secureboot

Secure Boot is a security standard part of the Unified Extensible Firmware Interface (UEFI) designed to ensure that a computer boots using trusted software. It aims to prevent the execution of unauthorized or tampered bootloaders, kernels, and other early-boot components by validating their digital signatures before they are allowed to run.

The security model relies on a hierarchy of cryptographic keys and signature databases. A Platform Key (PK)

Implementation and usage vary by system. Many operating systems support Secure Boot, with Windows typically relying

Limitations and scope are important to note. Secure Boot protects against tampering during the initial boot