http://www.zdnet.com/article/microsoft-secure-boot-key-debacle-causes-security-panic/
Quote:
Microsoft has accidentally leaked the keys to the kingdom, permitting attackers to unlock devices protected by Secure Boot -- and it may not be possible to fully resolve the leak.
The design flaw in the Windows operating system can be used to unlock Windows devices, including smartphones and tablets, which are otherwise protected by Secure Boot in order to run operating systems other than Windows on locked down systems.
This, in turn, allows someone with admin rights or an attacker with physical access to a machine not only to bypass Secure Boot and run any operating system they wish, such as Linux or Android, but also permits the installation and execution of bootkit and rootkits at the deepest level of the device, security researchers MY123 and Slipstream revealed in a blog post on Tuesday.
Synopsis; if you build a backdoor, don't leave the key in the lock.
Quote:
Microsoft has accidentally leaked the keys to the kingdom, permitting attackers to unlock devices protected by Secure Boot -- and it may not be possible to fully resolve the leak.
The design flaw in the Windows operating system can be used to unlock Windows devices, including smartphones and tablets, which are otherwise protected by Secure Boot in order to run operating systems other than Windows on locked down systems.
This, in turn, allows someone with admin rights or an attacker with physical access to a machine not only to bypass Secure Boot and run any operating system they wish, such as Linux or Android, but also permits the installation and execution of bootkit and rootkits at the deepest level of the device, security researchers MY123 and Slipstream revealed in a blog post on Tuesday.
Synopsis; if you build a backdoor, don't leave the key in the lock.
Last edited:
