212
submitted 1 year ago by that_leaflet@lemmy.world to c/linux@lemmy.ml
all 34 comments
sorted by: hot top controversial new old
[-] clif@lemmy.world 73 points 1 year ago

Ah, delete the windows partition. That should keep me safe.

[-] that_leaflet@lemmy.world 53 points 1 year ago

The TLDR is that Microsoft released a secure boot update that blocked insecure versions of GRUB. This update was only meant to go out to Windows users since releasing it to dual booted users could break GRUB. However, it was accidentally also released to dual-booted users.

The fix involves disabling dual boot, running a command to reset secure boot, then re-enabling.

[-] Zoidsberg@lemmy.ca 63 points 1 year ago
[-] getoffthedrugsdude@lemmy.ml 22 points 1 year ago

Accidentally on purpose

[-] lord_ryvan@ttrpg.network 7 points 1 year ago

How would they know if you're dual booting or not?

[-] that_leaflet@lemmy.world 7 points 1 year ago

By checking for entries in the EFI partition(s).

[-] ExtremeDullard@lemmy.sdf.org 52 points 1 year ago

Windows is best run in a VM in Linux. Who knows what the hell it does when it's running on bare metal. Do you trust Microsoft not to poke around in your Linux disks when you boot into Windows? I don't.

[-] Emotet@slrpnk.net 11 points 1 year ago

Windows, as any operating system, is best run in a context most useful to the user and appropriate for the user's technical level.

  • Need to run Windows apps/games and aren't afraid to tinker around if and when something doesn't work as expected or your software simply isn't supported? WINE/Proton.
  • Need to run mostly light Windows apps and don't want to tinker around? VM.
  • Need to run Windows apps/games that don't rely on Kernel-Level Anti-Cheat, want direct hardware access and aren't afraid to tinker around, especially if you only have one GPU, and when something doesn't work as expected? KVM
  • Need to run any Windows app/game without things constantly breaking or the need to tinker around and staying on top of things? Dual-Boot from different disks, utilize LUKS/FDE and be done with it.
[-] evranch@lemmy.ca 7 points 1 year ago

You're missing one:

  • dedicated, air-gapped Windows box used for legacy industrial software

Aside from "lightweight apps in VM" this is the only solution I use now. (Unless you count Proton, but having Steam games Just Work barely feels like a "solution" as it requires zero effort on my part)

I don't even trust Windows to dual boot off a separate disk without trying to break something anymore.

[-] Cort@lemmy.world 2 points 1 year ago

What about running a Linux to go removable disk and just pull it when you need to boot windows?

[-] evranch@lemmy.ca 2 points 1 year ago

This would work but assumes the primary use of the machine is Windows and derates your performance under Linux significantly due to USB speeds. Even if you're storing your data on the Windows HDD, NTFS drivers are dog slow compared to EXT4 and other *nix filesystems.

Also some BIOSes are a pain to get to boot off removable drives reliably so it really depends on what your machine is.

I've used Linux as a primary dev system for well over a decade now, and with the current state of Windows I'd really recommend just taking the leap, keep your Windows box if you need Windows software and build a dedicated Linux workstation.

[-] ReveredOxygen@sh.itjust.works 2 points 1 year ago

You can keep only grub on the USB so windows can't touch it. Avoids all those issues since the main install remains on the SSD.

Personally I just boot windows from usb. Rufus has the ability to install it there

[-] evranch@lemmy.ca 2 points 1 year ago

This is a pretty good idea, my wife dual boots and I'll suggest it to her as Windows keeps trashing the EFI partition.

[-] tibi@lemmy.world 4 points 1 year ago

I actually tried it before for my TV PC that I wanted to also use as a miniserver, with gpu pass through and everything. It was painful to get it working properly, was like 30-40% slower. I also had constant problems with USB peripherals not connecting properly, or going in a sleep state and not waking. Many games didn't work properly.

Then I decided to just buy a cheap second second hand PC and never looked back.

[-] AndrewZabar@lemmy.world 3 points 1 year ago

I don’t trust them in literally any manner at all.

[-] StrawberryPigtails@lemmy.sdf.org 30 points 1 year ago

And this is why I don’t dual boot anymore. Or run Windows anymore for that matter. Learn to play nicely with others please, Microsoft.

[-] circuitfarmer@lemmy.sdf.org 5 points 1 year ago

Same. It can't even work correctly when I try and put it into a specific box.

The ultimate issue is a distaste for giving any corporation any control over hardware that I, alone, own.

[-] AndrewZabar@lemmy.world 2 points 1 year ago

I have been entirely M$ free for a while now with the exception of one machine which basically acts as a server at this point just hosting hard drives, a thermal label printer and the network scanning applet that my mfp talks to. Every machine I actually use is Linux and I’ve never been happier with the performance of my tech.

[-] eager_eagle@lemmy.world 25 points 1 year ago

Secure boot borking systems? Windows assuming it's the only OS on the machine? I'm shocked

[-] that_leaflet@lemmy.world 5 points 1 year ago

Windows assuming it’s the only OS on the machine

That's not the case. The update was only meant to go out to Windows users. But Microsoft messed up and accidentally released to all users, or at least some who weren't supposed to receive it. My guess is that Microsoft usually doesn't update secure boot stuff for dual boot users and instead waits for the distro to push the update.

[-] eager_eagle@lemmy.world 19 points 1 year ago

The bottom line is that a windows update broke grub. Again.

[-] skullgiver@popplesburger.hilciferous.nl 3 points 1 year ago* (last edited 1 year ago)

[This comment has been deleted by an automated system]

[-] eager_eagle@lemmy.world 3 points 1 year ago

It's a vulnerability that affects secure boot through grub. MS is the interested party in patching it because they're the ones selling secure boot certifications. It doesn't surprise me a bit if the open source community is not interested in patching secure boot holes.

[-] skullgiver@popplesburger.hilciferous.nl 1 points 1 year ago* (last edited 1 year ago)

[This comment has been deleted by an automated system]

[-] AndrewZabar@lemmy.world 2 points 1 year ago

Shocked, I tell you!

[-] SpaceNoodle@lemmy.world 11 points 1 year ago* (last edited 1 year ago)

I was planning to boot into Windows on one of my craptops in order to test a fix from a chip vendor whose configuration software only runs on Windows, but I guess I'll just ... not.

[-] gramgan@lemmy.ml 10 points 1 year ago

Newbie question: does this affect people using systemd-boot? Does anyone use systemd-boot?

[-] dukatos@lemm.ee 2 points 1 year ago

Nobody smart...

[-] aviation_hydrated@infosec.pub 3 points 1 year ago

Is this teaching us not to dual boot and to have separate devices?

this post was submitted on 21 Aug 2024
212 points (100.0% liked)

Linux

59197 readers
326 users here now

From Wikipedia, the free encyclopedia

Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).

Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.

Rules

Related Communities

Community icon by Alpár-Etele Méder, licensed under CC BY 3.0

founded 6 years ago
MODERATORS