Secure boot: Difference between revisions

(5 intermediate revisions by 2 users not shown)

Line 1:

{{~~Irrelevant~~}}~~{{ProductCargo~~

~~|Company=Microsoft~~

'''Secure boot''', also known as '''verified boot''', is any technology that prevents the execution of non-trusted programs during the startup sequence of a computer system, such as a desktop PC or a smartphone. Its original purpose is to protect users against [[wikipedia:Rootkit|rootkits]].

~~|ReleaseYear=2011~~

~~|InProduction=Yes~~

~~|ArticleType=Service~~

~~|Category=Security~~, ~~Software~~, ~~Operating System~~, ~~Firmware~~

|~~Website=https://learn.microsoft~~.~~com/en-gb/windows-hardware/design/device-experiences/oem-secure-boot}}~~

~~{{Ph-C-Int}}~~

==~~Consumer-impact summary~~==

==How it works==

~~{{Ph~~-C-~~CIS}}~~

This class of technology typically works by only allowing [[wikipedia:Digital_signature|cryptographically signed]] programs to be executed by the hardware-level [[wikipedia:Bootloader|bootloader]]. The signing is done with private keys owned by the device manufacturer (typical case for [[Android]] devices) or operating-system (OS) vendor (such as [[Microsoft]] and [[Apple]]).

~~==Incidents==~~

Many hardware-based bootloaders don't support or allow changing the set of allowed signatures, which suggests they were made to control users rather than "protect" them.{{Citation needed|reason=speculation}}

~~{{Ph~~-~~C-Inc}}~~

~~This is a list~~ of ~~all consumer-protection incidents related~~ to ~~this product~~. ~~Any incidents not mentioned here can be found in the [[:Category:~~{{~~PAGENAME}}~~|~~{{PAGENAME~~}} ~~category]].~~

===~~Example incident one (''date'')~~===

==Why it is a problem==

~~{{Main|link to the main CR Wiki article}}~~

~~Short summary of the incident (could be the same as the summary preceding the article).~~

~~===Example incident two (''date'')===~~

~~...~~

===Market control===

This tech can be used to restrict the software that users can install and use. Even when it's optional, it's typically enabled by default, adding undue friction that deters users from installing alternative OSes.

==Examples==

*[[wikipedia:Uefi#Secure_Boot|UEFI]]

*[[wikipedia:Booting_process_of_Android_devices|Android]]<ref>https://source.android.com/docs/security/features/verifiedboot/</ref>

==See also==

~~{{Ph-C-SA}}~~

*[[Jailbreak]]

*[[Microsoft Windows 11]]

*[[Bootloader unlocking]]

*[[Trusted computing]]

==References==

[[Category:{{PAGENAME}}]]

[[Category:Common terms]]

[[Category:Theme]]

@@ Line 1: / Line 1: @@
-{{Irrelevant}}{{ProductCargo
+{{Stub}}
-|Company=Microsoft
+'''Secure boot''', also known as '''verified boot''', is any technology that prevents the execution of non-trusted programs during the startup sequence of a computer system, such as a desktop PC or a smartphone. Its original purpose is to protect users against [[wikipedia:Rootkit|rootkits]].
-|ReleaseYear=2011
-|InProduction=Yes
-|ArticleType=Service
-|Category=Security, Software, Operating System, Firmware
-|Website=https://learn.microsoft.com/en-gb/windows-hardware/design/device-experiences/oem-secure-boot}}
-{{Ph-C-Int}}
-==Consumer-impact summary==
+==How it works==
-{{Ph-C-CIS}}
+This class of technology typically works by only allowing [[wikipedia:Digital_signature|cryptographically signed]] programs to be executed by the hardware-level [[wikipedia:Bootloader|bootloader]]. The signing is done with private keys owned by the device manufacturer (typical case for [[Android]] devices) or operating-system (OS) vendor (such as [[Microsoft]] and [[Apple]]).
-==Incidents==
+Many hardware-based bootloaders don't support or allow changing the set of allowed signatures, which suggests they were made to control users rather than "protect" them.{{Citation needed|reason=speculation}}
-{{Ph-C-Inc}}
-This is a list of all consumer-protection incidents related to this product. Any incidents not mentioned here can be found in the [[:Category:{{PAGENAME}}|{{PAGENAME}} category]].
-===Example incident one (''date'')===
+==Why it is a problem==
-{{Main|link to the main CR Wiki article}}
-Short summary of the incident (could be the same as the summary preceding the article).
-===Example incident two (''date'')===
-...
+===Market control===
+This tech can be used to restrict the software that users can install and use. Even when it's optional, it's typically enabled by default, adding undue friction that deters users from installing alternative OSes.
+==Examples==
+*[[wikipedia:Uefi#Secure_Boot|UEFI]]
+*[[wikipedia:Booting_process_of_Android_devices|Android]]<ref>https://source.android.com/docs/security/features/verifiedboot/</ref>
 ==See also==
-{{Ph-C-SA}}
+*[[Jailbreak]]
+*[[Microsoft Windows 11]]
+*[[Bootloader unlocking]]
+*[[Trusted computing]]
 ==References==
 {{reflist}}
 [[Category:{{PAGENAME}}]]
+[[Category:Common terms]]
+[[Category:Theme]]