These evil maids are even more implausible than that. Has to be ridiculously targeted. If you are really targeted by such a powerful state-like entity, wouldn't it make much more sense for them to just send an NSA letter to Intel (or whatever the weakest link in your chain is, and there are plenty of extremely weak chains here, like the BIOS manufacturer) and/or backdoor the hell out of it?
Secure Boot was never about security for normal users nor security for the majority of us. This is like https://xkcd.com/1200/ all over again. At the point the attacker can write arbitrary bytes to your hard disk, it's way past the point where the majority of users care.
It'd just be a matter of replacing a binary with an iffy'd version that runs before any decryption happens, e.g. replacing plymouth.
This isn't hard to do in the slightest? I think even you or I could do it.
But with Secure Boot, replacing a binary in the loading chain isn't an option.
I don't think I could convince Intel to install a bug for me.
https://blog.invisiblethings.org/2011/09/07/anti-evil-maid.h... is a good descriptor of how it all comes together