Good article. I think Ubuntu uses Debian's shim. The package is called something *-signed-shim... I've tried self signing modules before, sometimes the "blue screen" won't accept my password (not a numlock or length or chatacter problem) and one time it did but I had to go true root which I don't want. IMO, chances of boot sector malware invading a personal computer is low, and even lower under linux given that I verfiy all keys and checksums before booting an iso. Can it be caught _on-the-fly_?