←back to thread

Intel OEM Private Key Leak: A Blow to UEFI Secure Boot Security

(securityonline.info)
658 points transpute | 1 comments | 06 May 23 17:39 UTC | HN request time: 0.207s | source
Show context
thathndude ◴[06 May 23 18:46 UTC] No.35844191[source]
This was always a dumb idea. No different than a “master” TSA key. All it does is create a single point of failure.
replies(5): >>35844335 #>>35844411 #>>35844581 #>>35845052 #>>35845754 #
rvba ◴[06 May 23 20:22 UTC] No.35845052[source]
It was a genius idea - you cannot install Windows 11 on an old computer. So you need to buy a new one.

Monopoly practice hidden as security.

replies(2): >>35845255 #>>35846509 #
tredre3 ◴[06 May 23 20:51 UTC] No.35845255[source]
This has nothing to do with TFA, you're thinking of the TPM2.0 which is unrelated to secure boot.

Secure Boot is part of UEFI. TPM2.0 is used only by bitlocker (at least for the average person, enterprises do store other keys in it).

replies(3): >>35846471 #>>35847307 #>>35847332 #
1. Hawxy ◴[07 May 23 02:25 UTC] No.35847307[source]
> TPM2.0 is used only by bitlocker

This isn't true at all, Windows Hello uses it as a secure credentials store.