The idea is the opposite, to not rely in MS for Secure Boot. True that they created the secure boot but not because they created that is a bad idea. Many Linux distributions support Secure Boot through their own signing keys or by using tools like Shim (Ubuntu, Fedora, Debian, OpenSuse, Arch, Gentoo and NixOS), allowing us to maintain control and security without depending on Microsoft. Secure Boot is a security feature that ensures your computer boots only trusted software, reducing the risk of malware. It checks the signatures of boot software and only allows signed, trusted components to load. This helps protect your system from unauthorized access during startup. Not flawless but is better with than without. Also, along with other strategies it may some day be used by the gaming vendors as a potential via to validate anti cheat. Recently the systemd made some progress in the area enhancing the TPM config.
“the TPM PCRs could be used either to lock a disk-encryption key to only be used on kernels signed by a particular OS vendor, or to lock a disk-encryption key to specific local things, such as the firmware version, available hardware, etc. Now, with systemd 257, the user can configure both these kinds of requirements at once.”
The idea is the opposite, to not rely in MS for Secure Boot. True that they created the secure boot but not because they created that is a bad idea. Many Linux distributions support Secure Boot through their own signing keys or by using tools like Shim (Ubuntu, Fedora, Debian, OpenSuse, Arch, Gentoo and NixOS), allowing us to maintain control and security without depending on Microsoft. Secure Boot is a security feature that ensures your computer boots only trusted software, reducing the risk of malware. It checks the signatures of boot software and only allows signed, trusted components to load. This helps protect your system from unauthorized access during startup. Not flawless but is better with than without. Also, along with other strategies it may some day be used by the gaming vendors as a potential via to validate anti cheat. Recently the systemd made some progress in the area enhancing the TPM config.
https://lwn.net/Articles/1001730/
“the TPM PCRs could be used either to lock a disk-encryption key to only be used on kernels signed by a particular OS vendor, or to lock a disk-encryption key to specific local things, such as the firmware version, available hardware, etc. Now, with systemd 257, the user can configure both these kinds of requirements at once.”