←back to thread

Intel OEM Private Key Leak: A Blow to UEFI Secure Boot Security

(securityonline.info)

658 points transpute | 3 comments | 06 May 23 17:39 UTC | HN request time: 0.845s | source

Show context

teddyh ◴[06 May 23 19:39 UTC] No.35844705[source]▶

>>35843566 (OP) #

The original links:

Announcement: http://blogvl7tjyjvsfthobttze52w36wwiz34hrfcmorgvdzb6hikucb7... (link likely to be invalid over time, since the number seems to change)

Link with the actual data: http://vkge4tbgo3kfc6n5lgjyvb7abjxp7wdnaumkh6xscyj4dceifieun...

(Links found via https://www.ransomlook.io/group/money%20message)

replies(1): >>35844734 #

jokowueu ◴[06 May 23 19:42 UTC] No.35844734[source]▶

GitHub link below

https://github.com/binarly-io/SupplyChainAttacks/blob/main/M...

replies(1): >>35844749 #

1. teddyh ◴[06 May 23 19:44 UTC] No.35844749[source]▶

IIUC, aren’t those the public keys, and not the actual, leaked, private keys?

replies(1): >>35850862 #

2. hduebdivd ◴[07 May 23 12:39 UTC] No.35850862[source]▶

>>35844749 (TP) #

i guess they self regulated the leak to avoid github ban.... and to think at one point guthub could host the deccs keys. how times have changed

replies(1): >>35861117 #

3. 1827163 ◴[08 May 23 13:03 UTC] No.35861117[source]▶

So true, I forgot about that, wow, how the frog has boiled so slowly over the years. I now see every GitHub repo has a 'report' button, to facilitate censorship, in the name of 'safety' as usual. With a huge list of categories.