• onlinepersona@programming.dev
    link
    fedilink
    English
    arrow-up
    7
    ·
    11 months ago

    MBR is so easy to understand. UEFI, has so many things to understand EFI, ESP, MOK, signing procedures and signing chains, … it’s just so darn complicated.

    • cley_faye@lemmy.world
      link
      fedilink
      arrow-up
      11
      ·
      11 months ago
      • Disable secureboot
      • Things just work

      And in the end you just remove the need for a physical attacker to use whatever vulnerability there is in your EFI implementation anyway.

      • 0x4E4FOP
        link
        fedilink
        English
        arrow-up
        1
        ·
        11 months ago

        Things just work

        Yeah, if you have only one OS. Or when you have more than one, but the other one doesn’t constantly try to fuck up the first one.

        MBR is easy in this regard. Windows never touches the MBR magic, even when updating, so it’s all good. GRUB keeps the MBR in check, Windows doesn’t meddle, everything’s hunky dory in MBR boot land.

          • 0x4E4FOP
            link
            fedilink
            English
            arrow-up
            1
            ·
            11 months ago

            I’m not (38). I should have been more precise, Windows doesn’t touch the MBR magic any more.

    • 0x4E4FOP
      link
      fedilink
      English
      arrow-up
      3
      ·
      11 months ago

      Yep. Plus, the less the firmware knows what you’re booting, the better.