- cross-posted to:
- [email protected]
- cross-posted to:
- [email protected]
“Whether a proof of concept or not, Bootkitty marks an interesting move forward in the UEFI threat landscape, breaking the belief about modern UEFI bootkits being Windows-exclusive threats,” ESET researchers wrote. “Even though the current version from VirusTotal does not, at the moment, represent a real threat to the majority of Linux systems, it emphasizes the necessity of being prepared for potential future threats.”
The Fedora doc on this is a bit old but it’s still mostly the same:
The implementation of secure boot is still questionable to this day, but it is understandable that it doesn’t always play nice with Linux. I do believe you can use hibernate now as long as you have an encrypted swap (LUKS).
I can definitely see the pain if you happen to be a kernel dev or use linux on any SBC with IO ports you want to mess with in userspace and not make en entire overkill kernel module for.