@eduncan911.com on Bluesky

JavaScript RequiredThis is a heavily interactive web application, and JavaScript is required. Simple HTML interfaces are possible, but that is not what this is. Learn more about Bluesky at bsky.social and atproto.com.

Post

Eric Duncan 🔵

eduncan911.com

did:plc:ogk72ingmhmrs5fbtanukhkp

UEFI Secure Boot is only as safe as physical access. Default/blank BIOS passwords let anyone disable it or enroll rogue keys. CVEs like BootHole (CVE-2020-10713) cracked GRUB2's chain. Linux also requires Microsoft's signed shim so a stolen/revoked/MS NSA-backdoored cert breaks trust entirely. https://eclypsium.com/blog/theres-a-hole-in-the-boot/

2026-03-05T17:01:38.697Z