When updating kernel modules on secure boot that don't work with it, apt
shows this message that AIU comes from shim-signed:
The user needs to take a decision whether to disable secureboot or to
leave it on, but to make an *informed* decision, the user will need to
know which those third-party drivers are. In my case, I think it was the
v4l loopback, so I stuck with secureboot, but apt dialogues should
preferably not invite guessing.
I have no clue how that information is available at this point, but it
would have helped me to see something like:
thanks for your consideration, and for maintaining this
Christian