Secure boot as it currently exists in desktop Linux distributions is sufficient to verify that the bootloader and kernel have not been tampered with, but generally does nothing to ensure that userland is secure. How can we fix that?