❗Article Status Notice: This Article is a stub
This article is underdeveloped, and needs additional work to meet the wiki's Content Guidelines and be in line with our Mission Statement for comprehensive coverage of consumer protection issues. Learn more ▼
Secure boot, also known as verified boot, is any technology that prevents the execution of non-trusted programs during the startup sequence of a computer system, such as a desktop PC or a smartphone. Its original purpose is to protect users against rootkits.
How it works
This class of technology typically works by only allowing cryptographically signed programs to be executed by the hardware-level bootloader. The signing is done with private keys owned by the device manufacturer (typical case for Android devices) or operating-system (OS) vendor (such as Microsoft and Apple).
Many hardware-based bootloaders don't support or allow changing the set of allowed signatures, which suggests they were made to control users rather than "protect" them.[citation needed - speculation]
Why it is a problem
Market control
This tech can be used to restrict the software that users can install and use. Even when it's optional, it's typically enabled by default, adding undue friction that deters users from installing alternative OSes.