According to UEFI Secure Boot, Microsoft says "systems certified for Windows 8 [on non-ARM machines] must allow secure boot to enter custom mode or be disabled." Then in theory the user can enter any key in custom mode, and secure boot will honor that key. Apparently current UEFI instances require the user to type the long custom key, but instead UEFI could read the key from a USB device or filesystem and display it to the user for approval. Is there more to the brouhaha than just a user interface issue?
Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds