Lets not underestimate how much MS would like to lock other OS's out of computers, it has long been speculated that was the goal with palladium and other initiatives. But secure boot can most certainly be used for good. Its possible to secure a system with kernel and a signed key that could be used with and IDS system that would prevent the running of any non signed binary. This could essentially eliminate all trojans as long as the keys are handled securely and if you have access to add the keys yourself you could be fully responsible for locking out every binary you haven't personally signed.
Secure boot isn't evil, it's like any tool though in that it can be used for evil.
Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds