![the amazing world of gumball nicole episodes the amazing world of gumball nicole episodes](https://i.pinimg.com/736x/b9/1e/f3/b91ef3a50dea1d11b959e33dd039b9cd.jpg)
In this blog, we will describe the standard Secure Boot configuration of a Fedora 29 installation on a Dell Latitude E5470 laptop, which we use in our day-to-day work, and show you how to harden it to a reasonable extent. Can mechanisms like Fedora’s “shim” or Linux Foundation’s “pre-bootloader” be used to execute unsigned code?.How far does my Linux distribution extend the chain of trust?.What entities are entitled to enroll or update public keys, signatures and hashes in UEFI firmware?.What entities actually have control over the private key counterparts?.While such efforts may sound appealing at first, security-conscious individuals may have the following concerns: The basic idea behind Secure Boot is that the UEFI firmware may only redirect control flow to those bootloaders that it could cryptographically verify against a pre-distributed set of public keys, signatures and hashes of executable modules.
![the amazing world of gumball nicole episodes the amazing world of gumball nicole episodes](https://vignette2.wikia.nocookie.net/theamazingworldofgumball/images/7/7b/Season_3_Nicole.png)
![the amazing world of gumball nicole episodes the amazing world of gumball nicole episodes](https://i.pinimg.com/236x/10/34/23/103423c227264f927a189d5b4f98a064.jpg)
It was introduced in the Unified Extensible Firmware Interface (UEFI) 2.3.1 specification (Errata C) in 2012, and has widely been adopted by computer manufacturers since then. What is worse than a failing system? A (silently) compromised, yet operational system! While there are many attack vectors that allow for the compromise of a modern computer system, Secure Boot tries to address one of them: It aims to secure the pre-boot environment against unauthenticated manipulations such as rootkits and bootkits. This blog is from the CrowdStrike Intelligence Advanced Research Team Motivation