←back to thread

Intel OEM Private Key Leak: A Blow to UEFI Secure Boot Security

(securityonline.info)
658 points transpute | 5 comments | 06 May 23 17:39 UTC | HN request time: 1.079s | source
1. transpute ◴[06 May 23 18:24 UTC] No.35843954[source]
Related thread, https://twitter.com/binarly_io/status/1654287041339998208
replies(1): >>35845362 #
2. csdvrx ◴[06 May 23 21:05 UTC] No.35845362[source]
How can you scan your firmware on linux, without running an unknown payload, to know if you're affected?

How can you test the leaked key say to edit your bios, resign it, then reflash it?

replies(1): >>35845408 #
3. transpute ◴[06 May 23 21:13 UTC] No.35845408[source]
> How can you scan your firmware on linux, without running an unknown payload, to know if you're affected?

According to the Twitter thread above, you would upload the original OEM firmware for your device to Binarly's web portal at https://fwhunt.run. The firmware file matching your device could be obtained from the OEM's website, rather than the running system. I haven't tried this myself, don't know if it requires unpacking or pre-processing the OEM firmware file format.

replies(1): >>35845480 #
4. csdvrx ◴[06 May 23 21:24 UTC] No.35845480{3}[source]
They must be doing the equivalent of a grep.

It seems safe, but I'd rather do that locally.

replies(1): >>35845544 #
5. transpute ◴[06 May 23 21:34 UTC] No.35845544{4}[source]
Maybe someone could add key manifest inspection to this OSS tool, https://fiedka.app.

Hopefully Intel and OEMs will make official statements soon.

If you're copying a firmware file from the OEM's website to Binarly's website, then receiving a text report, they would have an IP address, browser fingerprint and device model number, but little else.