On 25-07-2023 14:30, Source Code wrote:
Hi everyone! I just wanna say some questions: 1. I can not find anywhere about why Arch Linux developers do not make secure for Arch Linux. Why? And will secure be in Arch Linux in the future? 2. I read the https://wiki.archlinux.org/title/Unified_Extensible_Firmware_Interface/Secur... and now I don’t see information about ship. Why?
A few of the reasons to stay away from SB Secure Boot only works on systems using UEFI. Systems using BIOS don't support SB at all. When secure boot is enabled uefi requires signed firmware to allow hardware components to function. Those components are typically signed with microsoft keys and if you don't trust their keys your system will refuse to boot or be severely crippled. Enabling SB forces you to trust microsoft . Who controls whether something is secure or not ? With SB active the answer is :simple : NOT YOU. SB works best with systems that undergo very little change. A rolling release distributions like archlinux is the opposite of what SB is designed to work with. SB can increase security in certain situations but comes with a substantial price tag . Personally I feel SB disadvantages massively outweight the benefits. Lone_Wolf