alt Hacker News> sign every kernel/initrd update
If you believe that the those SecureBoot private keys were leaked, why not also believe that the linux kernel signing keys were also leaked and that you are downloading a backdoored one.
> sign every kernel/initrd update
If you believe that the those SecureBoot private keys were leaked, why not also believe that the linux kernel signing keys were also leaked and that you are downloading a backdoored one.
It's quite easy to generate your own signing keys which you use to sign a kernel you've built yourself.