Antwortete im Thread
@franky @ulrichkelber @kontrollierterWahnwitz es heißt #CensorBoot, denn #HoldenKeyBoot macht "#SecureBoot" unfixable unsicher!
Verwaltet von:
#secureboot
2 Beiträge2 Beteiligte0 Beiträge heute
Found in the wild: 2 #SecureBoot exploits. #Microsoft is patching only 1 of them.
Ars Technica · Found in the wild: 2 Secure Boot exploits. Microsoft is patching only 1 of them.
Unified #Kernel Images in #openSUSE: stronger boot, simplified structure. 
Register for the #openSUSE Conference and #learn more. #SecureBoot #Linux https://events.opensuse.org/
events.opensuse.orgopenSUSE Events
#UEFI-#BIOS-Lücken: #SecureBoot-Umgehung und Firmware-Austausch möglich | Security https://www.heise.de/news/UEFI-BIOS-Luecken-SecureBoot-Umgehung-und-Firmware-Austausch-moeglich-10440016.html #Patchday #Hydrophobia
heise online · UEFI-BIOS-Lücken: SecureBoot-Umgehung und Firmware-Austausch möglich
That's one way of going about that.
Found in the wild: 2 Secure Boot exploits. Microsoft is patching only 1 of them.
« Not-So-Secure #Boot : 2 #SecureBoot Exploits Discovered » 
› https://linuxsecurity.com/features/2-secure-boot-exploits-discovered
Linux SecurityNot-So-Secure Boot: 2 Secure Boot Exploits DiscoveredSecure Boot has long been advertised as the security boundary that keeps rogue software and untrusted code at bay during system startup. By checking...
Schwerwiegende Sicherheitslücken: Zwei Exploits können #SecureBoot komplett umgehen. #Microsoft hat bislang nur eine davon geschlossen - die zweite bleibt weiterhin ausnutzbar. https://winfuture.de/news,151480.html?utm_source=Mastodon&utm_medium=ManualStatus&utm_campaign=SocialMedia
WinFuture.de · Zwei Exploits gegen Secure Boot: Microsoft schließt nur eine Lücke
#Hydroph0bia (CVE-2025-4275) - a trivial #SecureBoot bypass for UEFI-compatible firmware based on Insyde #H2O, part 1
coderush.meHydroph0bia (CVE-2025-4275) - a trivial SecureBoot bypass for UEFI-compatible firmware based on Insyde H2O, part 1
Another major Secure Boot bypass (CVE-2025-3052) affects UEFI devices, letting attackers run unsigned code during boot via unsafe NVRAM variable handling. Microsoft’s Patch Tuesday adds 14 new dbx hashes to mitigate.
https://www.binarly.io/blog/another-crack-in-the-chain-of-trust
www.binarly.ioAnother Crack in the Chain of Trust: Uncovering (Yet Another) Secure Boot BypassBinarly uncovers CVE-2025-3052: a Secure Boot bypass affecting most UEFI devices, enabling attackers to run unsigned code before OS load.
Another Crack in the Chain of Trust: Uncovering (Yet Another) Secure Boot Bypass
https://www.binarly.io/blog/another-crack-in-the-chain-of-trust
www.binarly.ioAnother Crack in the Chain of Trust: Uncovering (Yet Another) Secure Boot BypassBinarly uncovers CVE-2025-3052: a Secure Boot bypass affecting most UEFI devices, enabling attackers to run unsigned code before OS load.
Secure Boot just got a wake-up call—hackers are now exploiting a new flaw to slip bootkit malware past our digital bouncer. Ever wonder how secure your system really is?
https://thedefendopsdiaries.com/navigating-the-challenges-of-secure-boot-vulnerabilities/
With a focus on usability, @almalinux OS 10 has been released
https://www.admin-magazine.com/News/AlmaLinux-OS-10-Released?utm_source=mam
#EnterpriseLinux #AlmaLinux #RHEL #cryptography #OpenSSH #sudo #SecureBoot
iX-Workshop: Sicherer Betrieb von Windows 11 in Unternehmen
Lernen Sie an praktischen Beispielen, wie Sie Windows 11 Pro und Enterprise in Ihrem Unternehmen sicher und effektiv einsetzen.
heise online · iX-Workshop: Sicherer Betrieb von Windows 11 in Unternehmen
Antwortete im Thread
@aurynn the problem is that #vendors have neither interest nor incentive to work with 3rd party #ROMs like @LineageOS nor @GrapheneOS.
- If it was my decision there would be a legal #mandate to #OpenSource #Firmware, #Hardware and release the #keys for any "#SecureBoot" mechanism once a #device doesn't get first party updates that are less than a week old, but that would require @EUCommission, @europarl_en and/or @Bundesregierung to care and be willing to enforce that!
Installing #VoidLinux is one thing, but documenting it is key. I'm working on #dracut hooks to automatically create and sign the #unifiedkernelimage. I've already done #FullDiskEncryption (including /boot)
The best thing is that i can lookup most of the stuff on the #ArchLinux #wiki (except #systemd stuff). I like #runit, though i'm not used to it yet.
I can also fix or reinstall the OS how much i want because of my separate /home partition. This level of customization and control is so cool.
I'm already excited to #automate the base system installation using #Ansible.
Update caused "Secure boot violation invalid signature detected" 24.04 #secureboot
Ask UbuntuUpdate caused "Secure boot violation invalid signature detected" 24.04Something updated that cause the "secure boot violation invalid signature detected" error to pop up on reboot.
I've had no luck finding anything on how to fix this that isn't over 5 years...
#Microsoft has fixed the dual-booting bug affecting Windows and Linux with patch KB5058385, released nine months after the issue was reported.
This update prevents legitimate Linux bootloaders from being blocked.
However, the long delay raises concerns about Microsoft's commitment to niche user needs.
Will they prioritize core features over essential fixes for dual-boot users?
It's FOSS News · 9 Months Later, Microsoft Finally Fixes Linux Dual-Booting BugA sneaky move by the tech giant but at least we have some moves in the right direction.
iX-Workshop: Sicherer Betrieb von Windows 11 in Unternehmen
Lernen Sie an praktischen Beispielen, wie Sie Windows 11 Pro und Enterprise in Ihrem Unternehmen sicher und effektiv einsetzen.
heise online · iX-Workshop: Sicherer Betrieb von Windows 11 in Unternehmen