Vole has been a staunch supporter of Linux but it seems news this week suggests it might be up to its old tricks.
It all started when a security engineer found himself unable to boot up a copy of Linux on his Lenovo laptop due to restrictions that are apparently insisted upon by Microsoft.
Matthew Garrett, an information security architect, was keen to check out Lenovo's laptop but found himself unable to boot Linux from a USB stick "for no obvious reason."
Pluton is Microsoft's latest effort to secure PCs and can act as both a Trusted Platform Module (TPM) or as a non-TPM security co-processor. It emerged in 2020, with Microsoft saying Intel, AMD, and Qualcomm were all onboard. While Acer launched tech with the kit in May, Dell is not keen and Lenovo started the year saying it wouldn't be turned on by default.
Many Linux distributions have worked with Secure Boot to ensure that the boot loader and kernel have not been tampered with. Linux distributions use a Microsoft signed 'shim' executable that is then able to verify the subsequent boot stages that have been signed with the distribution key. The Microsoft signed shim is signed using the 'Microsoft 3rd Party UEFI Certificate', and this certificate is stored in the BIOS database."
For Secured Core PCs it is a Microsoft requirement for the 3rd Party Certificate to be disabled by default.
If your PC ships with Windows pre-installed you need to jump into the BIOS setup to enable the Microsoft 3rd Party UEFI Certificate once again.