Start Slackware installer without disabling UEFI Secure Boot first?
SlackwareThis Forum is for the discussion of Slackware Linux.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I can't know if you were serious but it should be obvious they can't answer for me. What is far less obvious is what good Secure Boot can possibly offer Slackware or Linux as a whole. Since Microsoft and Intel don't emphasize Linux (and who really can blame them?) it's unlikely any meaningful answer will be forthcoming. In the meantime I rely on "If it ain't broke, don't 'fix' it".
On the flip side we have entered an era where firmware is just software and can be attacked by malware underneath any OpSys. How much damage that can cause is largely OpSys dependent and is still to play out. How effective Secure Boot is in defense against such attacks, especially for Linux, is an ongoing battle.
For Windows 8 PCs, manufacturers had to give you a way to turn Secure
Boot off. Microsoft required PC manufacturers to put a Secure Boot
kill switch in users’ hands.
For Windows 10 PCs, this is no longer mandatory. PC manufacturers can
choose to enable Secure Boot and not give users a way to turn it
off. However, we’re not actually aware of any PC manufacturers that do
this.
On the flip side we have entered an era where firmware is just software and can be attacked by malware underneath any OpSys. How much damage that can cause is largely OpSys dependent and is still to play out. How effective Secure Boot is in defense against such attacks, especially for Linux, is an ongoing battle.
Distribution: slackware 15.0 64bit, 14.2 64 and 32bit and arm, ubuntu and rasbian
Posts: 495
Rep:
I thought I had a similar issue to ZhaoLin1457 with not being able to disable secure boot on a laptop. I emailed the manufacturer, and they said that you needed to first create a bios password. Having done this, and restarting, the bios option to disable secureboot appeared!. After disabling it, i could clear the bios password I had temporarily added, and hey-presto! secure-boot disabled, and I could set up dual boot with slackware without having to go through all the hoops described.
Again, what does Secure Boot actually bring to the table as a Benefit and at what Cost? That is by definition, The Bottom Line - Profit or Loss?.
I own and provision x86_64 and arm64 devices, both which have secure-boot (mainline u-boot can store secure-boot-keys); linux kernel can uefi boot with efi_boot_stub configured... so one way to configure booting that works everywhere is handy, though not profitable, per se.
I fixed an apple guy's imac's time machine's mess: I put my portable ssd with slackware64 on it, (which has /boot/efi/EFI/BOOT/BOOTX64.efi), and held the option key during startup, and behold, the portable ssd was available, and I was able to run his imac on my ssd, then mount his imac's internal drive, and use rsync to merge all the copies of copies inside itself that his time machine setup had created... he was really grateful and gave me some bucks (profit). If he had had a secure-boot computer, it would have been more challenging, as this thread discloses, and I would have missed out.
Having a portable slackware installation that can boot a customer's secure-boot device leads to profit! Even though, from a security point of view, secure-boot might not have helped slackware or linux--in fact it created a hindrance by needing more work to make it work--nevertheless, having a secure-boot equipped slackware allows access to those devices that would otherwise be hindered, and that access can be profitable!
I can't know if you were serious but it should be obvious they can't answer for me. What is far less obvious is what good Secure Boot can possibly offer Slackware or Linux as a whole. Since Microsoft and Intel don't emphasize Linux (and who really can blame them?) it's unlikely any meaningful answer will be forthcoming. In the meantime I rely on "If it ain't broke, don't 'fix' it".
On the flip side we have entered an era where firmware is just software and can be attacked by malware underneath any OpSys. How much damage that can cause is largely OpSys dependent and is still to play out. How effective Secure Boot is in defense against such attacks, especially for Linux, is an ongoing battle.
That's why I ask the cost/benefit question.
The question originally posed was in the title: "Start Slackware installer without disabling UEFI Secure Boot first?", positing also subsequently the possibility of having a computer on which it cannot be disabled (which is indeed possible with Windows 10 onwards).
If you cannot answer that question why not be silent rather than trying to take the thread over for your own purposes. Stating your highly predictable views on a different question, namely whether secure boot is a Microsoft conspiracy ("Armed Robbery" as you put it) or has an adequate cost/benefit ratio, might be acceptable if done once, but to keep going on and on I don't think is.
It is a shame when someone tries to turn a technical discussion into yet another twitter-style righteousness war.
Thanks slac-in-the-box. I concur about portable Slackware installs as a great investment. However I still get the strong impression that Secure Boot is like offering a new car with the salient feature that it requires two sets of keys to start it.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.