CodeRush has a new tutorial on UEFI SecureBoot:
Taming UEFI SecureBoot tutorial
[…] let’s talk about how to make a UEFI SecureBoot not work for the benefit of Microsoft, as it is often set at default, and for the good of us. If you’re wondering how to generate their own your own keys for SecureBoot how to install them instead of the standard (or with them), you sign your favorite EFI-boot, how to prevent loading of unsigned or signed other people’s key code, it looks like the interface to configure SecureBoot at AMI, Insyde and Phoenix, […]
It is in Russian, use a translation tool if you can’t read Russian (like me). The article has multiple examples and screenshots of multiple UEFI implementations, and includes some UEFI links at the end that I’ve never seen before, exciting!