Hi! Thanks for clicking on this post.
I purchased a Steam Deck OLED about a year ago hoping to play my favorite video games outside of a Microsoft environment (the Xbox Live costs were getting annoying).
Everything worked fine for a while until EA games stopped launching via Steam OS. This fact motivated me to look into dual booting with the Windows 10 edition that’ll be supported for another 5-7 years, despite the commercial editions losing support in October 2025. I followed this guide, and got W10 dual boot up and running with Ventoy and GParted.
Fast forward to 2025, and the new Battlefield 6 beta just launched. I was hoping to try the beta out knowing that I probably wouldn’t buy the game (all BFs since BF1 are COD trash) and that BF4, BF1, and BFV all launch in W10 on Deck.
But then I receive this error: “SecureBoot is not enabled. Learn how to use SecureBoot at [go.ea.com/SecureBoot] (111)”.
I’ve done some research to try to figure this out, following EA’s own guide to enable Secure Boot:
Running msinfo32 shows that my BIOS Mode is UEFI, and Secure Boot State is Off.
Running tpm.msc shows that “The TPM is ready for use” under Status.
Entering Disk Management, right clicking on C:, selecting Properties, Hardware, Micron_2400_MTFDKBK1T0QFM, Properties, Volumes, Populate, and my Partition style is shown as GUID Partition Table (GPT).
Now I enter Advanced Startup to view BIOS settings, Troubleshoot, Advanced options, UEFI Firmware Settings, Restart, and the Steam Deck boots into the InsydeH2 BIOS menu.
From here, EA says these BIOS settings are specific to the manufacturer, so I go exploring. Under Setup Utility, I see Main, Advanced, Security, Power, Boot, and Exit menus to the left side of the screen.
When I click through these, I see the following:
- BIOS Release Date = 08/01/2024
- VBIOS FW Version = 113-AMDSphJupiter
- Current TPM Device = TPM 2.0 (FTPM)
- TPM State = All Hierarchies Enabled, Owned
- Quick Boot = Enabled
- Quiet Boot = Enabled
I don’t see any specific mention of “Secure Boot”.
I have read that the only way to enable Secure Boot is to go through these steps. I don’t have the time or energy to do that now. Maybe this weekend.
Has anyone else gone through similar troubleshooting?
Is the above the right path forward for my use case?
Are there any risks I should keep in mind if I want to enable Secure Boot?
What ways can I protect myself from my n00b carelessness?
Thanks for your time!! I don’t post much, but all the reddit posts out there failed to answer my specific problem. And who on Lemmy doesn’t like more content?
sp3ctr4l@lemmy.dbzer0.com 4 hours ago
So, Secure Boot for Windows is basically a mode of running your system that cryptographically links your Windows OS to the BIOS/UEFI… and the way that this works is almost always incompatible with a dual boot setup that includes Linux… maybe unless you have literally physically distinct harddrives/ssds/microsd/usb drives that each OS lives on?
The Steam Deck does not officially support Windows Secure boot.
Because…
Basically, Secure Boot means that … no other OS is allowed to boot.
That’s what ‘Secure’ means, to Windows/MSFT.
There are basically workaround hacks to attempt to get Win 10 Secure Boot working on a Deck, but they are not official, unsupported, could break at any time with any Windows update.
…
So yeah, you cannot do a Win 10 + Linux dual boot where that Win 10 boot is also ‘Secure’, at the same time.
If you start with a dual boot config, and then manage to enable secure boot for Win 10… chances are very high that Win 10 will then reconfigure your boot config to disable dual boot, it’ll wipe out GRUB, and now your linux stuff … is still there, but you can’t access it.
…
This isn’t really a direct answer to your question, but MSFT and … more or less, everything it touches, hardware, software… have been making it harder and harder to successfully dual boot Windows and Linux for over a decade now.
If you or others in this thread somehow can figure this out, in a reliably stable way, well, that’s honestly impressive…
But imo, it isn’t worth the effort.
Any game update, or Windows update, or Mobo firmware level BIOS/UEFI update… could blow up your entire solution, because your entire solution basically by definition is actually going to be a hacky workaround that tricks Win 10 into thinking it is Secure Boot mode, when it actually isn’t.
MSFT really, really wants you to use its virtualized version of linux (WSL), or run a linux VM, but keep everything on bare metal Windows.
…
All that being said:
github.com/ryanrudolfoba/SecureBootForSteamDeck
You may or may not be able to get this to work, but absolutely back up your entire linux system and every personal document and file and program on it, back it up to another physical drive of some kind before you do it, as you should expect more or less catastrophic failure if anything goes wrong, like fucking up a ROM flash of a smartphone.
Kazumara@discuss.tchncs.de 36 minutes ago
Of course it has Secure Boot, that’s a required part of the UEFI spec. “Windows Secure Boot” is not a thing.
No it means only EFI files that are signed with a known key are loaded. I use secure boot to load my signed GRUB.
What the Steam Deck doesn’t have is the Microsoft signing keys pre-installed in its factory state. If you buy other computers or bare mainboards they usually have this.
sp3ctr4l@lemmy.dbzer0.com 7 minutes ago
Part 1:
Yep. The Deck and SteamOS have Secure Boot.
I never said they did not.
I said:
Not sure if you struggle with reading comprehension in English, but when you read all of this, together, it is obvious that I am saying that the Windows specific implenentation of Secure Boot is exclusionary, only works with Windows.
This is true, by default, unless you do a bunch of other extra work, which is easy to fuck up and likely to fail at some future point, because the way Windows ‘does’ Secure Boot is very different from how basically every other OS does, and will constantly change in subtle and esoteric ways that often result in a user being unable to access any other OS than Windows.
Windows Secure Boot is thus functionally a distinct thing, even if Windows/MSFT act otherwise and insist on confusing and obfuscatory terminology… which they have a long track record of doing with basically all of their software and related nomenclature, for decades.
Part 2:
Yep, which is why I described that in layman’s terms by saying:
Yep, you can do some extra bullshit, and it might work for a while, untill a new Windows update of some kind rewrites your UEFI config, requires some new arcane dependency setting or config of some kind, which then will lock out your non Windows OS.
Yep, other Mobos often come with everything preconfigured for Windows and their specific implenentation of Secure Boot.
The Steam Deck doesn’t, and that is what we are talking about.
Also, its entirely possible and even common for dual boot and linux users to either intentionally or unintentionally wipe out those Windows EFI files, alter the crypotgraphic signing process in some other way, and then you run into this same problem on other Mobos.
Resonosity@lemmy.dbzer0.com 1 hour ago
Oh yeah, apparently I updated W10 a few months ago accidentally (not even knowing the implications to this) and it wiped GRUB. The only way I’m able to boot into SteamOS now is to power the Deck from OFF into W10, shutdown, boot into BIOS, and select one of the EFI files. Not ideal, but it still works. That’s all I’m looking for for now, that my Steam Deck still functions.
One of the things that’s concerning me long term is that it seems like the Steam Deck can’t fully restart to do system updates. When it does, the Deck boots straight into W10, cancelling out any progress on the updates. There might be a way to fix this, but I’m not a tech guru! (Even though I’m an engineer).
Appreciate the protection recommendations btw. The more I live in a dual boot world, and the more games that release on Steam, the more I’m willing to completely scrap W10. I still enjoy the BFs tho, and Delta Force isn’t a good alternative. As my taste in games change, who knows.
Thanks for the help
sp3ctr4l@lemmy.dbzer0.com 1 hour ago
No problem!
Yeah, dual booting Win and Lin is… basically a trap at this point, I first tried to do it over a decade now…
There really is no need anymore, beyond very specific uses cases, to run Windows at all.
Linux caught up and has now exceeded it in basically everyway, as Windows has also enshittified.
I would suggest you look into just switching your Deck over to Bazzite.
From a basic user stand point, it is highly functional and performant, gives you more flexibility and utilities than default SteamOS, and you can even set up a linux container as a dev environment to do linux dev stuff, use Bottles or something if you need something closer to a Windows environment.
Yeah, its still not gonna play those few, super hyped and marketed AAA games… but fuck em, they’re evil corpos, stop giving them your time and money.
…
And I just made another suggestion to you in another comment:
You want BF style game(play)?
TitanFall 2. Still alive, still alive, got a reverse engineered server browser and private servers, runs great on linux via Proton.