Speaking of which I have another question building on the last post I did two days ago when I said that I turned Secure Boot off on that Dell Inspiron.
Everything seemed to be fine at first, the computer loaded Linux Mint and I thought everything was normal. But then the next morning I turn the computer on, I see the Dell logo, then the Linux Mint logo, and then… a black screen with a little _ in the top left corner. I left it for several hours (got busy with other things, haha) and still nothing happened, so it’s not that it needed more time.
The way I got the computer to load Mint after that black _ screen was to press the power button until it shut down hard. Then I waited 30 seconds and pressed the power button again. After that it loaded Mint, whew! At which point I quickly backed up the computer in case it didn’t load Mint the next time. But it did, I loads Mint if you go through the whole process of turning it on, then hard turning it off, and on again, ha.
Since I had some things to get done outside of the house I turned Secure Boot back on so I could get through those two days. Now I’m wondering… Is there another setting somewhere that I need to change in order to get the boot to choose to load Linux Mint every time? I dug around the internet and couldn’t find an answer to this, but thought maybe you would know? I’m hoping against hope that I don’t have to reinstall Linux
I did find one thing that might be something I should do, but I don’t understand it. In this link (Disabling Secure Boot | Microsoft Learn) there’s a paragraph that says:
In some cases, you may need to change other settings in the firmware, such as enabling a Compatibility Support Module (CSM) to support legacy BIOS operating systems. To use a CSM, you may also need to reformat the hard drive using the Master Boot Record (MBR) format, and then reinstall Windows.
Thought I’d share that from my research in case it’s helpful
Generally speaking, no, you won’t have to reinstall anything. Even if it does stop working completely, you can still save your files with ease.
Also, since you installed Mint with Secure Boot, removing it will require clearing out the keys in the BIOS. Then, when you enter Mint, the following command will clear the keys from your Linux installation as well:
sudo mokutil --reset
After that, I doubt you will have any other issues with Secure Boot off.
That’s great news, thank you!! When you say “clear out the keys in the BIOS”, is another way of wording that “reset the BIOS”? I found this short step by step (When I Turn My Computer on It Tries to Start Then Goes Right Off | Small Business - Chron.com) on how to reset a Dell Inspiron BIOS, but then I wasn’t sure if that’s the same thing as clearing the keys? I don’t want to rest the BIOS and find I’ve wiped the hard drive or something.
You are most welcome @hannahgirl!
Resetting the BIOS (or the CMOS) is different. In most BIOS setups there is a section with the keys right next to (or under of) the Secure Boot option. These are the authentication keys that the BIOS uses to implement the boot process and check the loading kernel. Do you happen to see those within your BIOS?
I think you got the most advanced BIOS screen I’ve ever seen!
To completely disable MS Secure Boot, all you’ll need to do - besides disabling it - will be to delete all the keys. Don’t worry, as they remain in the motherboard’s ROM (Read-Only Memory) if you ever decide to reinstate them.
Then, you can execute the former command to clear the keys from your Linux installation.
The alternative:
If you do not have any issues in your OS, then leave things as they are. However, if you do start experiencing abnormalities in behavior, consider clearing out Secure Boot and Keys (and get rid of them within your Linux as well).
@vasileios Hey! I haven’t replied till now because I was waiting to try what you said and then report back. But I haven’t had a moment to try it, and since you said if I’m not having any issues… Well, there aren’t any issues and haven’t been for the 3+ months I’ve had Linux on that Dell, so I thought at the very least I would wait till I have time. But more and more I’m thinking of just leaving it altogether. Although I don’t want it on, it might be simpler to leave it. Anyway, I will keep this thread updated either way for future folks to reference
Hi Vasileios
I have a follow-up question about Secure Boot and internet speed… Basically, I accidentally turned on Secure Boot when I was installing Linux Mint on my Dell back in October. After I asked about it in the original post of this thread you worked to help me turn it off, but you also said that if having Secure Boot turned on on my Dell wasn’t causing any problems I could just leave it if I wanted to.
That sounded good to me and I’ve been watching that laptop ever since for any issues. So far the only issue is that the internet is really, really slow sometimes ever since installing Linux. Sometimes it’s fine, but often it’s incredibly slow. All the other laptops (both Linux and Windows) in the house using the same WiFi router and browser (Brave) are getting fast internet like always. So strange.
After a couple months of trying different things and waiting I suddenly wondered if it was Secure Boot? It feels a little silly to even ask if Secure Boot could effect internet speed, ha! They seem like totally unrelated things, but I thought I’d ask juuuuuust in case since I’m watching for issues with Secure Boot on this Dell.
Thanks so much for your time and knowledge!
P.S. If the answer to this question is “no, there is no way Secure Boot could effect internet speed”, then I’ll delete this post (since that would make it super off topic, haha) and search the forum / make a new thread.
Hey @hannahgirl!
Secure Boot is a bit deceptive when it comes to its name. It does a lot more than just booting your system. It requires the OS to run under specific parameters and keeps on checking the modules that run under the Kernel.
The way that it works is that it checks for the SHIM file, which is the digital signature for the Kernel. Some Linux distros come with their shipped Kernels as pre-signed. However, any manual Kernel version upgrade (other than the official patches) will void that signature and will not load. Now, how does this affect your internet speed?
Drivers on Linux are either pre-installed inside the Kernel itself, or are added as external modules post installation. While there may not be a direct issues for many of the modules, the Secure Boot will trigger constant “integrity checks” (read “Microsoft Approval”) for those modules. This can present issues for the said modules.
I encountered this with a poor guy from Australia, who had bought a new system (with a TPM 2.0 - the latest hardware chip for Secure Boot) and both his WiFi and Bluetooth were inoperable. Or, when one was working, the other was not. When we kicked Secure Boot out, both started working normally. That makes you think, no?
Whoa. Okay then! Haha, Secure Boot is the worst I’ve just finished following your “how to turn off Secure Boot” steps and everything on the Dell appears to be awesome. Last time I turned Secure Boot off I didn’t do it right and Mint wouldn’t boot sometimes, so hopefully all is well this time. I’ll watch if the internet is still slow too just in case there’s another issue there, but either way, I’m really glad to have Secure Boot gone. Thank you so much!
In case it helps anyone else, here is what I did to turn off Secure Boot (on a Dell Inspiron 15) in about 10 minutes:
I backed up the laptop (because it’s just a good idea).
Shut down the laptop.
Turned the laptop on and immediately started tapping F12 on the keyboard (like in this video) until I saw a Boot Option Set Up type screen. (Note: you may need to press F2 instead, or whatever key you need your computer uses to get to the Boot screen. If you don’t know which key, you can search to find the one for your specific computer, but it’s usually F12 or F2 so you can give those a try first if you want.)
Clicked on the “BIOS Set Up” section. Your page name may be different than mine, just look around until you find “Secure Boot” (see fourth screen shot in post 26 above for how my page looked) and toggle that off.
Found the “keys” to delete. For me the keys were on a different page than the “Secure Boot” page. It was called “Expert Key Management” (see first screen shot in post 26 above)and I clicked the button there that said “Delete All Keys”. It then said I needed to “Enable Custom Mode” (again, see first screen shot in post 26 above), so I did.
Clicked “Apple Changes” at the bottom of the screen.
Then clicked “Exit” in the right corner of the screen, so that the computer then booted itself to Linux Mint.
Opened a Terminal window and typed: sudo mokutil --reset
The Terminal asked for my password, which I typed. Then this is where I got stuck for a bit. It asked for a password again, but wouldn’t let me type. I searched and apparently it IS typing anyway, so just type the password carefully and then it will accept it and ask for it again. I typed my password twice again, but it said I typed the wrong password. That might not happen to you, but if it does, here’s the solution that worked for me: What was the original password you used to install Linux Mint on your computer? I had changed my password since then, so I needed to type the original one, not the current one. Aha! 9. So then I typed that original password in twice and voilà, all done
Alrighty, I’ll update if anything changes with all that above
you’re welcome! Sadly, this morning I woke up and the Dell laptop wouldn’t boot to Mint. When I turned it on it starts up, shows the Dell logo, and then goes to a black screen with one of these _ in the top left corner. I had to restart it 4 times to get Mint to boot.
Last time this happened months ago I had to turn Secure Boot back on in order for Mint to boot every time. And I thought that I had to do that (turn Secure boot back on) because I hadn’t turned Secure Boot off properly by also deleting the keys.
But now it’s happening again. Ugh, sorry for this never-ending issue! If you have any ideas or solutions, they’d be most welcome! At least the internet on the Dell is pretty fast again so far.
No worries @hannahgirl!
There are multiple ways to do this. The first one that comes into mind is the mkoutil trying to verify the keys - which are now disabled. This makes the system halt during the boot process. Once you manage to boot normally, open up a terminal and type in:
On the same article you will also notice that the DKMS tends to not work properly when Secure Boot is enabled. This is what we discussed above. DKMS is the Dynamic Kernel Module Support, which is responsible for installing additional modules (drivers) to your Kernel.
As a last step, before you reboot, execute:
sudo update-grub
This will rewrite the configuration and boot files on your Grub loader. Then, reboot and check it out.
Thanks, @vasileios! I did what you said yesterday and today the Dell still went black after I started it, but! guess what? I went into the Boot Set Up via F12 and looked at everything again… just in case I missed something. Which is when I discovered that yes, I had missed something. There are 4 sets of keys! And when you click “Delete All Keys”, it doesn’t delete all 4 sets, it only deletes all the keys for 1 set at a time.
So, back when I turned Secure Boot off the other day I had only deleted one set of keys. No wonder it still wasn’t working, haha! So, this morning I clicked “Delete All Keys” for each set and I think maybe that was what was wrong.
I’m hopeful that it’s all set to go now. Either way, I’ll come back and edit that step-by-step I wrote above to be more accurate OR I’ll have anothe “oh no” for us
Hey again @vasileios! The black screen is still happening. I was so sure it was good now, but the problem lingers. Since my last post I’ve had to put the Dell into “suspend” mode because I’ve been so busy. So, last night I shut it down and this morning when I turned it on it shows the Dell logo, then goes to a black screen with just an underscore in the top left corner. I had to hard restart it three times before Mint would load.
What can it be? I’ve been really focusing to be thorough and detailed when following instructions, but perhaps I’m missing something? Like before when I didn’t realize there were 4 sets of keys to delete? Hmm. Do you see anything on the pages I took pictures of back on post 26 that might have a clue to this?
Hey @vasileios, just bumping my post above up in case it got missed. Also, I have some new info that might help, lol. I’ve been trying not to shut down the Dell laptop too much as it takes 4-5 times to get it to boot to Mint, but today something new happened instead of a black screen with an underscore, there was this screen:
I have another question building on the last post I did two days ago when I said that I turned Secure Boot off on that Dell Inspiron.
I’ve just finished following your “how to turn off Secure Boot” steps and everything on the Dell appears to be awesome. Last time I turned Secure Boot off I didn’t do it right and Mint wouldn’t boot sometimes, so hopefully all is well this time. I’ll watch if the internet is still slow too just in case there’s another issue there, but either way, I’m really glad to have Secure Boot gone. Thank you so much! 
Ugh, sorry for this never-ending issue! If you have any ideas or solutions, they’d be most welcome! At least the internet on the Dell is pretty fast again so far.
