Intel OEM Private Key Leak: A Blow to UEFI Secure Boot Security

(securityonline.info)

658 points transpute | 2 comments | 06 May 23 17:39 UTC | HN request time: 0.002s | source

Show context

yyyk ◴[06 May 23 18:42 UTC] No.35844137[source]▶

Is there only one 'private key', or do they use an intermediate cert kind of setup where they could revoke MSI via a BIOS update?

replies(1): >>35844383 #

andromeduck ◴[06 May 23 19:05 UTC] No.35844383[source]▶

>>35844137 #

You can always factory reset.

replies(1): >>35844486 #

SXX ◴[06 May 23 19:16 UTC] No.35844486[source]▶

>>35844383 #

What factory reset? PC motherboards are not Android phones. When you flash new BIOS you can't get back to old one without flashing it and obviously new BIOS versions after accident will likely forbid flashing of older versions.

replies(1): >>35844718 #

1. pseudo0 ◴[06 May 23 19:41 UTC] No.35844718[source]▶

>>35844486 #

On many modern motherboards there is a backup bios that you can boot into by shorting certain pins. This can be done in about 10-15 minutes by a person with a metal paperclip, some basic technical knowledge and instructions from a YouTube video. I don't think there is even a mechanism to update this backup version, it's just a "known good" bios shipped with the hardware so that a bad bios update does not brick the device.

So even if they push an update, people can pretty easily downgrade to a vulnerable version if they want to.

replies(1): >>35845420 #

2. SXX ◴[06 May 23 21:14 UTC] No.35845420[source]▶

>>35844718 (TP) #

I doubt there are actually many boards with dual bios. For a while Gigabyte had a lot of them, but for many years very many of their boards dont have this feature

↑