> install Windows 11. This came with the laptop. And the installation makes installing Linux feel easy: I had to do so many weird tricks to avoid having to create an account with Microsoft during the installation.

The way secure boot evolved is disgusting. Specially because, at the time it was becoming popular, people we're warned that was more a tool of control than for security. Having to install a proprietary OS to install another should be forbidden.

▲

mystifyingpoi 10 hours ago | parent [-]

But what happened doesn't make sense even. Why would upgrading the BIOS suddenly restore the option to toggle Secure Boot? If the previous owner (assuming, some company) disabled this, why would it be so trivial (comparatively) to work around it?

	▲	jeroenhd 10 hours ago \| parent \| next [-]
		I've seen laptops stuck in weird state. Most likely, Fujitsu didn't bother to test turning off secure boot once they received the BIOS they bought, and fixed the toggle in a firmware update. Linux boots fine using standard secure boot, so if it refused it's either NixOS using an unsigned bootloader (which is surprising to me) or secure boot just being bugged to hell. Another option is that NixOS uses secure boot but uses a signature that's too recent: one of the secure boot CAs is expiring soon, and an old BIOS may not carry the new key if NixOS opts to sign their bootloader with the latest key. This issue doesn't just affect Linux, certain Windows images won't boot on older devices either if this mismatch happens. My bet is on NVRAM getting into a weird state or a buggy BIOS. That's the most obvious thing that would get fixed by updating the BIOS.
	▲	makeitdouble 10 hours ago \| parent \| prev \| next [-]
		If the company fully managed the previous windows install, they'd have control on the upgrades to the BIOS as well and could just block them. These restrictions disappear with standard windows install.
	▲	9 hours ago \| parent \| prev [-]
		[deleted]