this post was submitted on 30 Oct 2023
619 points (93.2% liked)

Technology

59672 readers
2895 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 9 points 1 year ago (1 children)

Your statements made me believe the opposite. Though I wasn't condescending. I said it was OK to not know.

Microsoft doesn't say that. They state it adds to the security of your computer before Windows even starts. https://learn.microsoft.com/en-us/windows/security/operating-system-security/system-security/secure-the-windows-10-boot-process

Any device security is multi layered.

Having a mechanism that only accepts trusted boot binaries is pretty critical to fighting malware. Rootkits effectively have total control of whatever you decide to boot because of their persistence. When your hardware has its own security features (Secure Boot, TPM) why not take advantage of them to make the software you run more secure?

If you didn't know, Android, macOS and iOS have their own TPM and Secure Boot implementations that have been enforced and present for over a decade.

[–] [email protected] 6 points 1 year ago

And those secureboot implementations in mobile devices are frequently called out as primarily a way to prevent usage that the manufacturer doesn’t want you to do.