this appears today
https://www.debian.org/security/2020-GRUB-UEFI-SecureBoot/?utm_source=dlvr.it&utm_medium=facebook
origin info
4 Likes
Who could have thought of THAT coming 
JeezâŚThat crap is single most stupid thing in whole history of computingâŚ
Always only created problems.
Love Debian naming btw, âBootHoleâ 
âI jumped into his computer through boothole!â
6 Likes
good reason to switch to rEFInd ?
So thenâŚTear our chips down, disable Intel ME / AMD PSPâŚ
And then write our own BIOS with black-jack and hookers!
If it wasnât for laptops it would be pretty damn doable across the board 
6 Likes
Who on Linux is using secure boot anyway? Iâm not!
5 Likes
Depends on how many threads of âNothing works / i canât boot! / Linux sucksâ you have come acrossâŚ
On Manjaro forums there was a bunch 
âŚ
Disabling Secure boot, Fast boot and all other kinds of boot (including BootHole now ) is sadly not most obvious thing for newcomers 
1 Like
I fell in a Boothole and ended up on EndeavourOS.
7 Likes
I hate secure boot, it is simply a Microsoft shackle imposed on hardware purchasers. On some cheap lower end hardware it can not be disabled at all and you can not even install Linux.
4 Likes
i installed this system in the first place with secureboot & my laptop with secureboot 
but i switched off mean timeâŚ
Totally agree! 
3 Likes
Exactly! 
Canât wait for some new fancy next-gen AI Boot (which totally doesnât reprogram your DNA with 6G for total submission to reptiloids 
)âŚ
3 Likes
It CAN use secure boot (mostly doesnât) and CAN fire up a grub2 instance (mostly doesnât) but is unlikely to be vulnerable to this. Normally it (like âgumminootâ and systemd boot) fires up the kernel directly, bypassing the reported âbuffer overflowâ attack sourced in the grub.cfg file. Not to worry⌠
Ah, forget the whole thing.
3 Likes
I read about this a few hours ago in bleepingcomputer, arstechnica & makeuseof. Initially i was confused, then mildly concerned, then ⌠meh⌠once i realised that if i understood correctly, the bad actor already needs to have compromised your device with root privileges before they can then compromise your device with this thing. So⌠meh.
2 Likes
Arch already has a patch for grub in the works.
2 Likes
ButâŚCan you trust yourself when sleepwalking? 
I donât! 
1 Like
It doesnât affect me, since I am a Linux user and donât wear bootsâŚ
3 Likes
Certainly not! I am completely untrustworthy when awake, & have reason to suspect i might be even more disreputable in my sleep.
1 Like