←back to thread

Intel OEM Private Key Leak: A Blow to UEFI Secure Boot Security

(securityonline.info)
658 points transpute | 7 comments | 06 May 23 17:39 UTC | HN request time: 0.373s | source | bottom
Show context
codedokode ◴[06 May 23 18:40 UTC] No.35844123[source]
Isn't it good? Does leaked key mean that now owners of hardware will be able to read and modify the firmware, including IME, and check it for backdoors?

Such keys should be in the hands of users, not Intel.

replies(5): >>35844144 #>>35844419 #>>35844928 #>>35845513 #>>35845801 #
QuiDortDine ◴[06 May 23 18:42 UTC] No.35844144[source]
If there was something to leak, it was always going to. Just a matter of when. Pretending otherwise is just security theater.
replies(4): >>35844147 #>>35844361 #>>35844510 #>>35844608 #
guerrilla ◴[06 May 23 18:43 UTC] No.35844147[source]
Yeah, don't depend on a permanent global conspiracy for your security. Someone always defects and accidents often happen long before that.
replies(4): >>35844184 #>>35844346 #>>35844567 #>>35846541 #
1. henriquez ◴[06 May 23 18:46 UTC] No.35844184[source]
It is not a conspiracy. Just like the iOS App Store it is for your own protection. There is no legitimate reason to run your own software on general purpose computing hardware.
replies(4): >>35844239 #>>35846466 #>>35847367 #>>35847385 #
2. ChrisClark ◴[06 May 23 18:50 UTC] No.35844239[source]
/s I hope. ;)
replies(1): >>35844530 #
3. brookst ◴[06 May 23 19:20 UTC] No.35844530[source]
Doesn't really matter /a or not, it's a ridiculously reductive and extremist position either way.

Security is about tradeoffs, most notably security vs convenience, but also many others.

Anyone who suggests that their personal preferences in tradeoffs are not just universally correct but also the only reasonable position to hold is just silly.

replies(1): >>35846570 #
4. chaxor ◴[06 May 23 23:46 UTC] No.35846466[source]
I love this comment, thank for such a good laugh.

I really hope no one would ever think this non sarcastically.

5. userbinator ◴[07 May 23 00:07 UTC] No.35846570{3}[source]
It's extremist but unfortunately also an opinion that seems to be nonsarcastically becoming more popular.
6. vivegi ◴[07 May 23 02:37 UTC] No.35847367[source]
Yeah, right. Wait until the day when iOS App Store infra keys leak.

Oh no! That will never happen. Because it runs on Apple M1 kryptonite chip that even Superman can't touch. /s

7. Dalewyn ◴[07 May 23 02:40 UTC] No.35847385[source]
This rings more true than many would want to accept: Most people view and use computers as household appliances; they just use whatever is installed on it and if it breaks they go out and buy a new one.

For most people there are, in fact, no legitimate reasons to run "their own" software on "general purpose" (read: household appliance) computing hardware. Almost nobody runs custom software on their washing machine or toaster.