“Whether a proof of concept or not, Bootkitty marks an interesting move forward in the UEFI threat landscape, breaking the belief about modern UEFI bootkits being Windows-exclusive threats,” ESET researchers wrote. “Even though the current version from VirusTotal does not, at the moment, represent a real threat to the majority of Linux systems, it emphasizes the necessity of being prepared for potential future threats.”
Shouldn’t this all be handled automatically by the Debian installer though? It seems weird that I would ever have to run other tools just to install a brand new system.
Oh yeah Debian has their own documentation for SecureBoot. If thats not working though, check out
sbctl.