(securityonline.info)

658 points transpute | 2 comments | 06 May 23 17:39 UTC | HN request time: 0.001s | source

1. DethNinja ◴[06 May 23 23:30 UTC] No.35846349[source]▶

I guess lesson learned here is:

Always self-sign the secure boot keys, do not use any third-party keys.

Unfortunately, this complicates the kernel & boot loader upgrade process as one shouldn’t keep private keys in the same machine.

replies(1): >>35847630 #

2. Arnavion ◴[07 May 23 03:27 UTC] No.35847630[source]▶

>>35846349 (TP) #

The leaked key in question has nothing to do with Secure Boot keys. The leaked key in question affects you even if you have your own Secure Boot keys.

↑

Intel OEM Private Key Leak: A Blow to UEFI Secure Boot Security