Zorin only Secure Boot on or off?

I only use Zorin OS, and Secure Boot is still set in the bios. Do I have any use with this? Or should I generally deactivate Secure Boot?

Secure boot can conflict with the Linux system, however I don't know if it's when Windows is install along side.

I no longer have Windows, I only use Zorin 17 on my system, hence the question, does Secure Boot with Zorin (Linux) have a positive function on security or not?

If it's working with it enabled, then I would just leave it running and go with it. Technically I run with secure boot off, as the benefits it provides are very limited for an end user imo (and CAN lead to issues, but not all the time). It's technically more secure with it enabled, but realistically it doesn't matter either way.

Ah okay Technically safe is good, isn't it?
Yes, it is switched on and is currently running.

Yes, I would just leave it on. Just in the future, in case you get an issue with booting up, you can disable it later.

1 Like

I would disable it. It is very easy to do so and you do not know when you may install software that conflicts with it, so why not prevent the headache now?

1 Like

There are some advanced cases where secure boot can cost you all of your data if you're using whole drive encryption like LUKS. If secure boot looks like it's been tampered with, your drive could fail to decrypt. That's a very specific situation you probably don't need to care about; just have it in the back of your mind if you decide to experiment with encryption.

Otherwise, secure boot mainly matters to keep certain kinds of malware and attacks at bay, but to the best of my knowledge, such attacks are WAY more common on Windows.

1 Like

Okay, I see that opinions differ greatly :confused:

Since I haven't noticed any problems with Secure Boot so far, I'll leave the setting active.

"Linux administrators will still need the Microsoft Unified Extensible Firmware Interface (UEFI) Third Party Marketplace CA 2011 certificate to utilize Secure Boot with leading Linux distributions. [6]"

Extract from NSA advisory on BlackLotus malware: