Bytelocker
Unlock encrypted system volume automatically during boot using TPM2 (Trusted Platform Module 2.0) protection, very fast. (by archee565)
shim
UEFI shim loader (by rhboot)
Bytelocker | shim | |
---|---|---|
1 | 20 | |
6 | 806 | |
- | 2.7% | |
0.0 | 7.0 | |
almost 2 years ago | 6 days ago | |
Python | C | |
- | GNU General Public License v3.0 or later |
The number of mentions indicates the total number of mentions that we've tracked plus the number of user suggested alternatives.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
Bytelocker
Posts with mentions or reviews of Bytelocker.
We have used some of these posts to build our list of alternatives
and similar projects. The last one was on 2021-10-03.
shim
Posts with mentions or reviews of shim.
We have used some of these posts to build our list of alternatives
and similar projects. The last one was on 2023-05-20.
- Critical bug that exists in every Linux boot loader signed in the past decade
-
Signing a UEFI module
Microsoft doesn't really sign other people's code for UEFI. They do sign shim (https://github.com/rhboot/shim) which will look at other keys the user registered with UEFI to load other components to enable you to write custom third party UEFI modules while still supporting secure boot.
-
The vendor-locking is for your own safety. Do not resist.
In this case, the distros first boot loader is shim, which is signed by Microsoft. Shim is FOSS: https://github.com/rhboot/shim
-
SBAT for rEFInd
How do I get dual boot set up and running? There doesn't seem so much documentation about this sbat chicanery as it was introduced to shim in 2021 and patched in rEFInd a bit more than a month ago, so I suppose not enough people have had this trouble yet.
-
Microsoft VS BlackLotus Malware
Secure boot still isn't "secure" at all because microsoft has signed multiple bootloaders with their own keys, which exist only to chain load a second bootloader. See https://github.com/rhboot/shim and https://blog.hansenpartnership.com/linux-foundation-secure-boot-system-released/
-
First in-the-wild UEFI bootkit bypassing UEFI Secure Boot
A new mechanism called SBAT (https://github.com/rhboot/shim/blob/main/SBAT.md) is now used to allow revocation of groups of bootloaders rather than individual hashes in order to mitigate the resource consumption
-
Ultimate guide to Pop OS secure boot with NVIDIA.
{ echo "sbat,1,SBAT Version,sbat,1,https://github.com/rhboot/shim/blob/main/SBAT.md" echo "systemd-boot,1,systemd,systemd-boot,1,https://systemd.io" } > sbat.csv
- How to add an SBAT section to grub and resign?
-
Unable to install Fedora 36 with secure boot enabled.
Yeah, that incident instigated a totally new approach to revoking bad bootloaders that everybody (including Microsoft) should be using nowadays. So I guess HP just never got the memo.
- Invalid image when trying to boot Nobara Project USB image (both Gnome and KDE)
What are some alternatives?
When comparing Bytelocker and shim you can also consider the following projects:
tpm2KeyUnlock - Adds an automated unlock function based on TPM policy installation
tpm-km - yet another pack of scripts for TPM2+Luks
tpm-luks
stig - TUI and CLI for the BitTorrent client Transmission
tpm2-initramfs-tool - Tool used in initramfs to seal/unseal FDE key to the TPM
xtermwm
WoeUSB - A Microsoft Windows® USB installation media preparer for GNU+Linux
tremc - Curses interface for transmission [Moved to: https://github.com/tremc/tremc]