You’re talking of an attacker with physical access. This can indeed defeats secure boot, but physical access defeat most computer security. In an evil maid scenario even LUKS can be defeated. An attacker with physical access can clone the drive, install a keylogger (hardware or software) and capture the passphrase the next time the machine boots.
Secure Boot can be useful to prevent malware from inserting themselves into the boot process, preventing them from elevating privilege or gaining persistence https://www.xda-developers.com/secure-boot/
Secure Boot isn’t perfect but it’s widely available and is an useful extra layer of protection, on top of disk encryption (eg LUKS).
I can’t take any Microsoft attempt at security seriously. One of the most important elements to improve security is to delete windows. Secure boot is lots of things but not secure.
These are all basically “if your machine is already compromised, they can also get around these other security measures” type exploits though, which are irrelevant.
You’re talking of an attacker with physical access. This can indeed defeats secure boot, but physical access defeat most computer security. In an evil maid scenario even LUKS can be defeated. An attacker with physical access can clone the drive, install a keylogger (hardware or software) and capture the passphrase the next time the machine boots.
Secure Boot can be useful to prevent malware from inserting themselves into the boot process, preventing them from elevating privilege or gaining persistence https://www.xda-developers.com/secure-boot/
Secure Boot isn’t perfect but it’s widely available and is an useful extra layer of protection, on top of disk encryption (eg LUKS).
I can’t take any Microsoft attempt at security seriously. One of the most important elements to improve security is to delete windows. Secure boot is lots of things but not secure.
These are all basically “if your machine is already compromised, they can also get around these other security measures” type exploits though, which are irrelevant.