←back to thread

Intel OEM Private Key Leak: A Blow to UEFI Secure Boot Security

(securityonline.info)
658 points transpute | 6 comments | 06 May 23 17:39 UTC | HN request time: 1.057s | source | bottom
Show context
mjg59 ◴[06 May 23 20:26 UTC] No.35845088[source]
The pervasiveness of secure boot has genuinely made things difficult for attackers - there'd have been no reason for the Black Lotus bootkit to jump through all the hoops it did if it weren't for secure boot, and the implementation of UEFI secure boot does make it possible to remediate in a way that wouldn't be the case without it.

But secure boot at the OS level (in the PC world, at least) is basically guaranteed to give users the ability to enable or disable it, change the policy to something that uses their own keys, and ensure that the system runs the software they want. When applied to firmware, that's not the case - if Boot Guard (or AMD's equivalent, Platform Secure Boot) is enabled, you don't get to replace your firmware with code you control. There's still a threat here (we've seen firmware-level attacks for pre-Boot Guard systems), but the question is whether the security benefit is worth the loss of freedom. I wrote about this a while back (https://mjg59.dreamwidth.org/58424.html) but I lean towards thinking that in most cases the defaults are bad, and if users want to lock themselves into only using vendor firmware that's something that users should be able to opt into.

replies(3): >>35847100 #>>35847323 #>>35849078 #
Dalewyn ◴[07 May 23 02:28 UTC] No.35847323[source]
>the question is whether the security benefit is worth the loss of freedom.

At least as far as Benjamin Franklin would tell you: No.

replies(2): >>35847568 #>>35848234 #
1. stevefan1999 ◴[07 May 23 03:15 UTC] No.35847568[source]
Absolutely agree on here as Benjamin Franklin once said: "Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety."
replies(2): >>35847600 #>>35848456 #
2. mjg59 ◴[07 May 23 03:21 UTC] No.35847600[source]
The freedom to choose which software runs on your computer is also the freedom to choose that certain software shouldn't run on your computer. The freedom to make that decision should be left up to the individuals rather than being imposed on them, but making an explicit choice that my computer should only run specific firmware builds is an expression of freedom, not a rejection of it.
replies(1): >>35860294 #
3. simonh ◴[07 May 23 06:27 UTC] No.35848456[source]
The key term there is “essential liberty”, by which he meant political rights. Choosing to delegate management of a computer’s firmware to a third party firstly isn’t giving away any political rights, and is a rational choice in some circumstances. It’s a choice I might make for some computers I own or operate, and not others. Suggesting that this choice has anything to do with what Franklin was talking about is nonsense on stilts.
replies(1): >>35850802 #
4. salawat ◴[07 May 23 12:34 UTC] No.35850802[source]
Yes, delegating firmware management unaudited is giving away political rights. You do not know what is in there.

The ones who write the code make the rules. The ones who make the rules, wield power. Those that are attracted to the exercise of power, inevitably abuse it.

Trying to handwave that "computer says no" couldn't possibly be abused to political ends is literally shoving your head in the sand. DRM would not be a thing if computing was fundamentally apolitical.

replies(1): >>35851687 #
5. simonh ◴[07 May 23 14:09 UTC] No.35851687{3}[source]
> The ones who write the code make the rules…

Any code I didn’t write myself, from the ground up using no third party components, in a language I developed, ‘could’ possibly be abused in this way. Even then, do I have to also write the microcode in the chip as well, and supervise the fab? This extreme absolutist stance is completely non viable. I certainly don’t see how I could live life taking that level of extreme paranoid seriously, or how anyone could in an advanced technological society.

The whole point of laws and government is to outsource such concerns. That’s why free speech, the rule of law and democracy matter so much. Those are the essential freedoms he was talking about. Everything else is based on those, because with those you don’t need to trust the vendor, because your legal rights will be protected.

So sure, essential freedoms are exactly that, essential, but extending that to absurd lengths is fuzzy thinking that obscures what’s actually important by confusing it with things that aren’t practically attainable generally anyway.

6. account42 ◴[08 May 23 11:12 UTC] No.35860294[source]
Except that describes a fantasy reality and not our reality where the user has no say and even if you are lucky enough to be able to run the software that you want it won't have access to the keys demanded by third parties like the media industry. The mere existence of "trusted comuting" is a threat to free computing.