• tomiant@piefed.social
      link
      fedilink
      English
      arrow-up
      0
      ·
      2 months ago

      I remember the day I saw the “Intel! Inside” commercial and the logo, and I thought, I don’t fucking trust this company.

      Yeah no shit Intel inside, you’ve got every fucking three letter agency inside.

      I knew it was over the day they introduced UEFI and TPM.

        • forestbeasts@pawb.social
          link
          fedilink
          English
          arrow-up
          0
          ·
          2 months ago

          Mostly the “secure boot” crap, which you can turn off (it’s more a “running your own software on the machine” risk than a privacy risk). UEFI in general isn’t too bad (way way WAY more complex than BIOS though) and managing EFI bootloaders is so much less hassle than with BIOS boot!

          – Frost

          • wonderingwanderer@sopuli.xyz
            link
            fedilink
            English
            arrow-up
            0
            ·
            2 months ago

            All I know about secure boot is that if I make a custom ISO and try booting from it, I would need to create a signature first, register it in my UEFI, and use it to sign the ISO.

            Seems like a pain in the ass, but then again if I want to play with a custom ISO I can do so in a VM, and that seems kind of worth it to prevent someone from booting whateverthefuck if they somehow gain physical access to my computer…

            • forestbeasts@pawb.social
              link
              fedilink
              English
              arrow-up
              0
              ·
              2 months ago

              I mean, if they gain physical access to your computer, they can just boot their favorite Linux live ISO and go to town. :3

              • wonderingwanderer@sopuli.xyz
                link
                fedilink
                English
                arrow-up
                0
                ·
                2 months ago

                That’s true too, I guess. I suppose the only way to prevent that would be to disable USB boot, which would also make recovery impossible?