Hi! Thanks for clicking on this post.
I purchased a Steam Deck OLED about a year ago hoping to play my favorite video games outside of a Microsoft environment (the Xbox Live costs were getting annoying).
Everything worked fine for a while until EA games stopped launching via Steam OS. This fact motivated me to look into dual booting with the Windows 10 edition that’ll be supported for another 5-7 years, despite the commercial editions losing support in October 2025. I followed this guide, and got W10 dual boot up and running with Ventoy and GParted.
Fast forward to 2025, and the new Battlefield 6 beta just launched. I was hoping to try the beta out knowing that I probably wouldn’t buy the game (all BFs since BF1 are COD trash) and that BF4, BF1, and BFV all launch in W10 on Deck.
But then I receive this error: “SecureBoot is not enabled. Learn how to use SecureBoot at [go.ea.com/SecureBoot] (111)”.
I’ve done some research to try to figure this out, following EA’s own guide to enable Secure Boot:
Running msinfo32 shows that my BIOS Mode is UEFI, and Secure Boot State is Off.
Running tpm.msc shows that “The TPM is ready for use” under Status.
Entering Disk Management, right clicking on C:, selecting Properties, Hardware, Micron_2400_MTFDKBK1T0QFM, Properties, Volumes, Populate, and my Partition style is shown as GUID Partition Table (GPT).
Now I enter Advanced Startup to view BIOS settings, Troubleshoot, Advanced options, UEFI Firmware Settings, Restart, and the Steam Deck boots into the InsydeH2 BIOS menu.
From here, EA says these BIOS settings are specific to the manufacturer, so I go exploring. Under Setup Utility, I see Main, Advanced, Security, Power, Boot, and Exit menus to the left side of the screen.
When I click through these, I see the following:
-
BIOS Release Date = 08/01/2024
-
VBIOS FW Version = 113-AMDSphJupiter
-
Current TPM Device = TPM 2.0 (FTPM)
-
TPM State = All Hierarchies Enabled, Owned
-
Quick Boot = Enabled
-
Quiet Boot = Enabled
I don’t see any specific mention of “Secure Boot”.
I have read that the only way to enable Secure Boot is to go through these steps. I don’t have the time or energy to do that now. Maybe this weekend.
Has anyone else gone through similar troubleshooting?
Is the above the right path forward for my use case?
Are there any risks I should keep in mind if I want to enable Secure Boot?
What ways can I protect myself from my n00b carelessness?
Thanks for your time!! I don’t post much, but all the reddit posts out there failed to answer my specific problem. And who on Lemmy doesn’t like more content?
I’ll just start off with some second hand knowledge I cannot promise is correct because I recently learned that secure boot is a bit of a hot mess.
I seem to remember from discussions of recent articles that were about expiration of some widely used keys to run secure boot, that this is something you need to enable when you install your operating system. Unless I misunderstood what people were saying it sounds to me like there is no way to switch it on retroactively, because that pretty much stops your operating system from booting. Similar if you had it on during installation and then switch it off, your system won’t run.
I guess this is to avoid that someone with physical access to your computer can just switch it off, install root kit malware, then switch it back on (or not).
Again. I might be wrong but maybe if you look into that direction you find some more information that helps.
Interesting, hadn’t seen this quirk in my research. Thanks for sharing.
I may be willing to wipe my partitions clean and do a fresh W10 install, but there would need to be a video guide from Bald Sealion or others.
Honestly the more and more I look into this mess, as you rightfully put it, it’s not worth it for 1 game.