• JackbyDev@programming.dev
    link
    fedilink
    English
    arrow-up
    12
    arrow-down
    20
    ·
    1 year ago

    I know all of that. Tone down the condescension. That’s why it’s bullshit for Windows 11 to say it’s secure because of SecureBoot when in reality it’s a feature of your motherboard.

    • icedterminal@lemmy.world
      link
      fedilink
      English
      arrow-up
      15
      arrow-down
      5
      ·
      1 year ago

      Your statements made me believe the opposite. Though I wasn’t condescending. I said it was OK to not know.

      Microsoft doesn’t say that. They state it adds to the security of your computer before Windows even starts. https://learn.microsoft.com/en-us/windows/security/operating-system-security/system-security/secure-the-windows-10-boot-process

      Any device security is multi layered.

      Having a mechanism that only accepts trusted boot binaries is pretty critical to fighting malware. Rootkits effectively have total control of whatever you decide to boot because of their persistence. When your hardware has its own security features (Secure Boot, TPM) why not take advantage of them to make the software you run more secure?

      If you didn’t know, Android, macOS and iOS have their own TPM and Secure Boot implementations that have been enforced and present for over a decade.

      • Bartsbigbugbag@lemmy.ml
        link
        fedilink
        English
        arrow-up
        5
        ·
        1 year ago

        And those secureboot implementations in mobile devices are frequently called out as primarily a way to prevent usage that the manufacturer doesn’t want you to do.