> > > > If I understand it right, in Setup Mode, you can either boot any > > non-signed operating system, or you can import your own keys into the > > firmware, so that you can sign your own bootloaders. For me, this is > > enough to not care about Secure Boot. > > I didn't know key replacement was a requirement for MS certification. That's better than I thought, however. You can only have one key and so it's a barrier to competition via preventing trying out other OS's on a whim!!. To multiboot you have to pay and spend a lot of time. Having authorisation to disable it completely but not import multiple keys simply doesn't make sense. Once sorted, Next stop. Preventing my hard drives firmware from nullifying my boot security ;-) -- ________________________________________________________ Why not do something good every day and install BOINC. ________________________________________________________