undefined | Better HN

0 pointsFoxboron1y ago0 comments

> Also most (all?) UEFI systems are not locked to Windows and allow customizing the keystore via the firmware console interface anyhow.

All of them.

The Secured Core machines still allows you to reset Secure Boot into user mode as mandated by the spec.

0 comments

Isn't this only true of x86 ones, not ARM ones?

If ARM implements the UEFI specification then there are escape hatches to enroll your own PKI.

I don't own ARM machines with UEFI so I have no clue.

j / k navigate · click thread line to collapse

0 pointsFoxboron1y ago0 comments

> Also most (all?) UEFI systems are not locked to Windows and allow customizing the keystore via the firmware console interface anyhow.

All of them.

The Secured Core machines still allows you to reset Secure Boot into user mode as mandated by the spec.

Isn't this only true of x86 ones, not ARM ones?

If ARM implements the UEFI specification then there are escape hatches to enroll your own PKI.

I don't own ARM machines with UEFI so I have no clue.

j / k navigate · click thread line to collapse