How do you secure your bootloader without secure boot or why doesn't it matter?
I've made the effort to secure mine and am aware of how the trusted protection module works with keys, Fedora's Anaconda system, the shim, etc. I've seen where some here have mentioned they do not care or enable secure boot. Out of open minded curiosity for questioning my biases, I would like to know if there is anything I've overlooked or never heard of. Are you hashing and reflashing with a CH341/Rπ/etc, or is there some other strategy like super serious network isolation?
At the point where the feds are paying Israelis millions to break your boot shit, they're paying dudes to watch you type in your password or any number of other things. I'd argue as long as you're not among the [number of prey] the predators are looking to take down at the back, for whatever category of shit you're in, you're fine