Id like to hear thoughts. Of course us gamers hate kernel level anti cheat, but is that actually tied to secureboot?
I know some/most distros can boot in secure mode, so it doesn’t seem like an issue there.
With all the new games moving to it, looks like we will all have to sit them out or install Spyware (microshit) to play. I will opt not to.
For Linux, the protection is weak.
But if properly implemented, it’s good. But it would be a hassle to do and would require users to register new keys and blacklist Microsoft’s.
Measured boot is a better solution for Linux. It’s decentralized and does not rely on Microsoft. It uses the TPM to “measure” various parts of the UEFI, bootloader, and OS to ensure they have not been tampered with.
Measured boot requires secure boot to be enabled as one of its components.
The real value of measured boot is when paired with full disk encryption as it protects against boot loader attacks that can compromise your sealed keys.
I don’t believe that’s the case, according to Aeon. The state of secure boot can be measured, so if you have it enabled/disabled, you have to keep it that way or else the measurement will fail and the TPM will complain.