Fortunately I’m safe from that bc right after I assembled my current PC (even before moving the distro to it; yes, moving, not “installing”), I entered BIOS and disabled secure boot, IPM 2.0 and pretty much everything Spyware related. Only then I booted Clonezilla and extracted from the backup image. Since I had done the same on the old PC in BIOS, that means my Arch was never installed with SB and IPM active.
On top of that the last update of BIOS nearly broke it, so I flashed it back to the more stable version the motherboard came with. And since I have no intention to update BIOS, I’m safe from all that trouble.
I use Secure Boot on all my machines but I just use my own keys with Foxboron’s wonderful sbctl utility instead of the hacky shim/MOK method most distributions use.
Another funny thing is that there is speculation because firmware developers…many not actually be checking the dates at all in some cases. Cause that would mean extra work. So its very possible this date comes and goes, nothing happens to cheap devices.
That was based on conversations im seeing in other forums. Not sure honestly.
Well there is the 9/11 change that may be happening soon: https://techrights.org/n/2025/08/26/The_UEFI_9_11_Part_I_Introduction_to_Impending_Catastrophe_Micr.shtml
Its possible a LOT of linux machines wont work after this date.
Fortunately I’m safe from that bc right after I assembled my current PC (even before moving the distro to it; yes, moving, not “installing”), I entered BIOS and disabled secure boot, IPM 2.0 and pretty much everything Spyware related. Only then I booted Clonezilla and extracted from the backup image. Since I had done the same on the old PC in BIOS, that means my Arch was never installed with SB and IPM active.
On top of that the last update of BIOS nearly broke it, so I flashed it back to the more stable version the motherboard came with. And since I have no intention to update BIOS, I’m safe from all that trouble.
Hopefully people who use SecureBoot have plans in place
I just disabled SecureBoot on my end.
I use Secure Boot on all my machines but I just use my own keys with Foxboron’s wonderful
sbctlutility instead of the hacky shim/MOK method most distributions use.Oh, neat! I had no idea something like this existed!
Hopefully!
Another funny thing is that there is speculation because firmware developers…many not actually be checking the dates at all in some cases. Cause that would mean extra work. So its very possible this date comes and goes, nothing happens to cheap devices.
That was based on conversations im seeing in other forums. Not sure honestly.
Either way, we will find out soon!