(securityonline.info)

658 points transpute | 2 comments | 06 May 23 17:39 UTC | HN request time: 0s | source

Show context

josephcsible ◴[06 May 23 19:00 UTC] No.35844339[source]▶

This isn't a blow to real security, just to DRM and treacherous computing. There's no legitimate security from "Secure" Boot.

replies(2): >>35844366 #>>35845021 #

bawolff ◴[06 May 23 19:03 UTC] No.35844366[source]▶

>>35844339 #

Evil maids?

replies(6): >>35844387 #>>35844545 #>>35844816 #>>35845120 #>>35845414 #>>35849808 #

1. happymellon ◴[06 May 23 19:23 UTC] No.35844545[source]▶

>>35844366 #

I agree that this is the reason, but having Intel as the guard only makes it so that it could have already been hacked/leaked/bypassed and you never know.

At least if it was user controlled we can ensure that other people's leaked keys don't bypass our security.

replies(1): >>35844739 #

2. charcircuit ◴[06 May 23 19:43 UTC] No.35844739[source]▶

>>35844545 (TP) #

If it's user controlled what stops an attacker from bypassing it as the "user"? Most people just want to have a secure device and will not think about security, not want to do any work to secure their device.

↑

Intel OEM Private Key Leak: A Blow to UEFI Secure Boot Security