Linux users who have Secure Boot enabled on their systems knowingly or unknowingly rely on a key from Microsoft that is set to expire in September. After that point, Microsoft will no longer use that key to sign the shim first-stage UEFI bootloader that is used by Linux distributions to boot the kernel with Secure Boot. But the replacement key, which has been available since 2023, may not be installed on many systems; worse yet, it may require the hardware vendor to issue an update for the system firmware, which may or may not happen. It seems that the vast majority of systems will not be lost in the shuffle, but it may require extra work from distributors and users.

  • VeganCheesecake@lemmy.blahaj.zone
    link
    fedilink
    arrow-up
    1
    ·
    edit-2
    2 days ago

    I’m pretty sure that warning used to be on the UEFI download page for Biostar boards, but they’ve completely redesigned it, so if it was them, it isn’t there anymore.

    I’ve seen some Asus and MSI Boards getting only uefi updates marked as beta, with the next update, months later, also being marked as beta. With Asus, there have been allegation that they try to get out of warranty claims this way.

    I’ve had less problems with Dell and Lenovo, which probably comes from them being more enterprise focused. I think the problem is that the for the average consumer, uefi updates are last on their mind when picking a board.

    Apple, and, to a lesser degree, Lenovo and Dell, seem hardly comparable, since their focus isn’t selling mainboards as a stand-alone component.