© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
bbfa235
(Get the code!)
>> I don't think it's appropriate to display that in the settings app.
> I suppose that not knowing is more secure?
Yes if you consider the risk of users DoS'ing themselves by having to potentially hack around in the CLI / BIOS settings to try and find the right incantations to get a green check mark to appear. The status quo is a lack of awareness - so we need to trade of the risks of showing something which is unactionable and potentially alarming vs. keeping things as they are. Once there is support to rectify these issues from the GUI then I am not at all opposed to showing this information and would welcome it. However even then, we will want to ensure this is a robust process since we don't want to say make it easy to enable Secure Boot and then prevent machines from booting since the user doesn't actually run a signed kernel, or say end up having hardware devices silently disabled on a subsequent reboot since they were previously using unsigned modules etc. There is a lot of complexity and corner cases here so it is prudent to be conservative in our approach IMO.