Do I need secure boot if I only boot linux?

Had some hardware issues, when I reassembled the pc got some uefi reset message and the system didn’t boot with some grub_malloc message. I suspect it was some secure boot issue, didn’t have patience to investigate. Packaged it up and sent it to the service.

Anyway, now I started thinking about what actually can happen without secure boot. On a regularly updated system some remote actor somehow installs some infected kernel? Read some posts here on the forum, seems to me some people don’t use secure boot at all, but didn’t find a post where someone explains it in more detail what could happen realistically. No one else has physicall access to this pc. I don’t even encrypt my disks, so idk how does secure boot actually help if some hacker has physicall access to an unencrypted system. I doubt that someone could remotely exploit an updated linux system, doesn’t really matter what services and programs I’m using.

Sorry if I sound ingnorant, but for me a lot of security vulnerabilities seem to be too hard to exploit with a general algorithm. So many linux system environments that manual exploits are the only viable way. Maybe it’s easier to automate non-rolling distros.

1 Like

One thing you certainly do NOT want to boot Linux in any shape or form is secure boot.

Despite of name, that garbage has nothing to do with security and everything to do with being a form of Microsoft’s DRM.


I have already disabled AMD fTPM, it caused stuttering(even in windows)… Who knows what other stupid stuff my uefi has…

Started using linux on my laptop like two years ago, until then I didn’t even know about secure boot, just had to look into it, when it made installing ubuntu a bit too complicated, took me a few hours until I made it work… Never really questioned if I need it at all.

Most install guides don’t even mention, that it’s probably useless for an everyday pc…

I don’t use secure boot on Windows either. :grin:


I just don’t know, why I didn’t really came across the advice before, that it might not be the worst idea to disable secure boot. Had problems with it, when I first installed eos too… Until now, for me, it just made installing Linux harder.

I feel like, there should be more footnotes in Linux install guides, about ditching secure boot.

As far as I’m concerned one should always disable secure boot no matter what OS you are running. Along with that CSM or whatever it’s called by the particular mobo manufacturer and TPM.

Secure boot is mostly just windows making it more difficult to not use Windows.



1 Like

I find this kind of humor i did read it , so bad all the work on secure boot and it even is not save and cant be patched.


Secure Boot is mostly just Windows attempting to make it more difficult to not use Windows and failing badly at it like they do everything else.


Secure Boot means “Microsoft Securing Your (I mean ‘Our’) Computer From Running All Those Nasty Non-Microsoft OS’s Especially L***X”