Definitions and Descriptions.
UEFI, or Unified Extensible Firmware Interface, is a type of firmware that is used to boot up computers and other devices. It replaces the traditional BIOS (Basic Input/Output System) and provides a more modern and flexible interface for booting up a device.
UEFI has a number of advantages over BIOS, including:
One example of a device that uses UEFI is a modern laptop or desktop computer. When the device is turned on, the UEFI firmware loads and begins the boot process. The user can then use the UEFI GUI to select the operating system or boot device, as well as configure other boot options.
Another example of a device that uses UEFI is a modern server. UEFI is often used in servers to allow for more complex boot processes, such as booting from a network or from a logical volume manager.
Overall, UEFI is a modern and flexible firmware that is used to boot up a wide range of devices. Its features and compatibility make it an important part of the boot process for many devices.
UEFI Secure Boot
Secure boot is a security feature found in modern computers that prevents unauthorized software from running during the boot process. It is designed to protect against malware and other threats that may attempt to compromise the system before the operating system has loaded.
Secure boot is implemented through the use of Unified Extensible Firmware Interface (UEFI), a standardized interface that controls the boot process of a computer. UEFI replaces the traditional BIOS system and allows for more advanced features such as secure boot.
Secure boot works by requiring that any software that is allowed to run during the boot process must be digitally signed with a trusted certificate. This ensures that only software that has been approved by the manufacturer or the operating system vendor can run. If an unauthorized or untrusted piece of software is detected, it will be blocked from running and the system will not boot.
One example of secure boot in action is the protection against bootkits, which are types of malware that infect the boot process in order to remain hidden and persist on a system. With secure boot enabled, a bootkit would not be able to run and would be detected and blocked before the operating system loads.