ESET researchers discovered 11 vulnerable UEFI shim bootloaders signed by Microsoft that allow attackers to bypass UEFI Secure Boot by exploiting decade-old vulnerabilities.
It’s not flawed at all. But its purpose isn’t actually to secure anything. Its purpose is to complicate the installation of alternative OS and to perpetuate vendor lock in, while sounding like it’s “for your security”. In that regard, it has succeeded.
There is also TPM and Microsoft Pluton, which serve the same purpose.
Arch Wiki had pointed out for years that Secure Boot is a flawed mechanism.
It’s not flawed at all. But its purpose isn’t actually to secure anything. Its purpose is to complicate the installation of alternative OS and to perpetuate vendor lock in, while sounding like it’s “for your security”. In that regard, it has succeeded.
There is also TPM and Microsoft Pluton, which serve the same purpose.