4

Ubuntu supports UEFI and Secure Boot, but it's unclear if they should be used. From my reading, it seems that using UEFI improves security, but the Ubuntu UEFI documentation says:

If you're installing Ubuntu as the sole OS on a computer, either mode is likely to work, although BIOS mode is less likely to cause problems... if Ubuntu is the only operating system on your computer, then it does not matter whether you install Ubuntu in UEFI mode or not.

Is this true? Does it really not matter whether UEFI is used, even when it comes to security?

Do you believe Ubuntu should be installed in UEFI mode?

John Karahalis
  • 196

2 Answers2

2

UEFI is a newer technology, so its support has been added later to Ubuntu and therefore is generally less tested in real conditions than legacy BIOS. This doesn’t mean it hasn’t been tested enough, just the time in which the world is using UEFI is shorter than for legacy BIOS.

The text you quoted from Ubuntu UEFI documentation was added on 2015-06-07 which is almost 5 years ago.

either mode is likely to work, although BIOS mode is less likely to cause problems...

So if you are not experiencing any problems, you can happily use UEFI. I personally would choose UEFI because I find it mature enough and more flexible. (Related: In a dual boot system, how does the BIOS choose which bootloader to run?)

Does it really not matter whether UEFI is used, even when it comes to security?

As you have found already, UEFI offers Secure Boot which legacy BIOS does not. Legacy BIOS was never designed to provide security features.

Melebius
  • 11,750
2

If you are encrypting the disk (LUKS), UEFI prevents (or at least makes it very hard) to make you boot on a hacked kernel (that could steal your passphrase). LUKS without UEFI wouldn't make much sense.

xenoid
  • 5,759