Bonum Certa Men Certa

UEFI Restricted Boot No Longer Valid for Security, Keys Leaked

As much about security as multimedia DRM

Drip



Summary: Antitrust offences with UEFI restricted boot can no longer be defended as an act of enhancing security because keys are leaking

A Fedora developer was the first to embrace Microsoft's restricted boot, so Fedora was usually ahead of the curve when it comes to it and it shows.



Torvalds criticised Red Hat for complicity with Microsoft [1, 2] after he had slammed restricted boot as something that would not improve security. He was right. Keys were inevitably leaked, leaving UEFI restricted boot (which former Novell/SUSE developers too helped promote) in a position where it is only an antitrust issue and nothing to do with computer security, just protectionism. As one new article puts it, the "Linux Lawsuit Shines Uncomfortable Light on UEFI Standard" and a Restricted Boot proponent leads with this news about UEFI signing keys getting leaked:

A hardware vendor apparently had a copy of an AMI private key on a public FTP site. This is concerning, but it's not immediately obvious how dangerous this is for a few reasons. The first is that this is apparently the firmware signing key, not any of the Secure Boot keys. That means it can't be used to sign a UEFI executable or bootloader, so can't be used to sidestep Secure Boot directly. The second is that it's AMI's key, not a board vendor - we don't (yet) know if this key is used to sign any actual shipping firmware images, or whether it's effectively a reference key. And, thirdly, the code apparently dates from early 2012 - even if it was an actual signing key, it may have been replaced before any firmware based on this code shipped.

But there's still the worst case scenario that this key is used to sign most (or all) AMI-based vendor firmware. Can this be used to subvert Secure Boot? Plausibly. The attack would involve producing a new, signed firmware image with Secure Boot either disabled or with an additional key installed, and then to reflash that firmware. Firmware images are very board-specific, so unless you're engaging in a very targeted attack you either need a large repository of firmware for every board you want to attack, or you need to perform in-place modification.


Now we know that UEFI restrictions had nothing to do with security and eventually became just a competition barrier. Rather than cracking we are seeing leaking as the end of UEFI restricted boot's (or 'secure' boot's) reputation.

Recent Techrights' Posts

Alleged Layoffs at IBM Consulting in Australia
IBM loses many government contracts these days
The Rumours Were Likely True: Sixth Wave of Microsoft Mass Layoffs in 2025 (Days After "50" Anniversary and About 5,000 Layoffs)
5 hours ago, by Ashley Stewart
IBM and MCC: Layoffs Coming Again to Metro Connect Company Limited (MCC) as Tariffs Bite and IBM's Shares Fall
Blacklists applicable to Chinese suppliers also mean that IBM can no longer cooperate with key partners in Asia
Go Static
Please don't Go(lang) or JavaScript or PHP or...
Keeping Track of Microsoft Layoffs in 2025
So here's a quick roundup of 2025
The Sixth Anniversary of the Lightweight Alternative to the Web (Gemini Protocol)
Now 11 short of 3,000 active capsules. 65 short of 4,500 total.
People Are Sick of LLM Slop. Offer Them Alternatives.
We never used LLM slop for anything and we never will
 
Mozilla Firefox Already Down to 1% in Brazil
Don't people crave the surveillance and the slop?
Links 10/04/2025: Hardware, Politics, and Internet
Links for the day
Gemini Links 10/04/2025: Creativity and Agitation, Life in the USA, CSS Naked Day 2025
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Wednesday, April 09, 2025
IRC logs for Wednesday, April 09, 2025
Malware in Proprietary Software - Latest Additions
Original by Free Software Foundation, Inc.
Links 09/04/2025: More Trade Wars and Wars, Chinese Army Troops Found Fighting in Ukraine
Links for the day
Linux Clickbait by Slop
Give it up for Brian Fagioli, the Serial Slopper
Microsoft's Entire Premise for Its Future Existence Goes Up in Flames
32 minutes ago
GNU/Linux on a High in Colombia
Stereotypes much?
Techrights Be Like...
K.I.S.S.
Gemini Links 09/04/2025: Autism, Cybersecurity, and LLMs Attacking Services Online
Links for the day
GNU/Linux Would be Measured at Over 5% Globally (by statCounter) Had the Data in India Not Been Changed
GNU/Linux grew a lot in many countries and has expanded since then
Links 09/04/2025: Quartz Fires All Writers (Shutdown, LLM Slop or Slopfarm Instead), "Bitcoin Is Crashing Hard"
Links for the day
Web Surveyor statCounter Sees Apple's macOS Falling From 5.6% to 3.6% in Two Months, It Might Soon be Smaller Than GNU/Linux
Apple's "value" (faked, exaggerated) is back to "pandemic times"
UK House of Lords Recognises the SLAPP Issue in the UK and EFF Pursues "Bill (That) Could Put A Stop To Censorship By Lawsuit" in the US
"A House of Lords inquiry into how the news industry can survive into the future has accused the government of “failing to prioritise” action on strategic lawsuits against public participation (SLAPPs)."
Open Source Initiative (OSI) Privacy Fiasco in Detail: Seeking Class Action Against the OSI
"LETTER SEEKING CLASS ACTION REPRESENTATION"
The Value of Slop, by Alexandre Oliva
Original by Alexandre Oliva
Gemini Links 09/04/2025: Neocities, Tinylogs, and Inter-community Protocols
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Tuesday, April 08, 2025
IRC logs for Tuesday, April 08, 2025
You Can Be an A--hole to Women (Even Strangle Women) as Long as You Work for Microsoft
Recalling the Mark Shuttleworth origin story
Canonical is a Proprietary Software Reseller With a 'Debian Base'
"Canonical Ubuntu" is just Debian with some proprietary things sold on top of it
statCounter Sees Microsoft Bing at Lowest Level Since Last Summer
Since 2023 Bing has repeatedly had layoffs
Nearly 5,000 Microsoft Layoffs Disclosed on Week of Microsoft 'Anniversary' (Media Noise), The HR Digest Says More Layoffs Coming
more "Microsoft layoffs on the horizon"
Windows "Market Share" Down to 1% in Sudan, Based on statCounter
Among those 1% who use Windows to access the Web fewer than 30% are on Vista 11
People Who Facilitate Truth Will Always Win at the End
"Just always stick to the truth"
Slopwatch: LinuxTechLab, linuxsecurity.com, "Cyber Security News" and More LLM Slopfarms
So the Web has this bunch of slopfarms pretending to "cover" GNU/Linux
Links 08/04/2025: More Mass Layoffs Expected at Microsoft (Gaming), Fentanylware (TikTok) Unsold
Links for the day
Gemini Links 08/04/2025: "Shared Ownership" and Rant About Scrapers
Links for the day
Links 08/04/2025: Microsoft Shrinking, Oracle's Clown Computing Cracked
Links for the day
Walmart Vizio TVs Scream At Immigrants to Leave America
Reprinted with permission from Ryan Farmer
Stolen Credit Card and LinkedIn. DHS Spies on Immigrant Social Media.
Reprinted with permission from Ryan Farmer
How Corporations Such as Microsoft Try to Crush Critics and Dissolve Activism
Stay focused
Wikipedia Can Lower Its Hosting Bill by Going More Static, Not Just by Caching, But It Would Not Solve Its Biggest Problems (Bribes and AstroTurfing)
For about 15 years we had a Wiki in this site
At 50, Microsoft Has Over 100 Billion Dollars in Debt and Less Than 25% "Market Share" (Windows)
statCounter basically sees less than a quarter of Web requests coming from Windows
linuxhint.com Died 12 Months Ago (After Adopting Image Slop)
Zombie sites
LLM Slop Will Eventually Stop Due to High Costs, Worse Training Sets (Polluted Models Ingesting Their Own Junk), and No Real Returns
This too shall pass
Urgent Need for SLAPP Litigation Transparency
Microsofters really want to shut us up
Courage is Contagious
I became a witness to acts of great courage from EPO examiners
On Shutdowns and 2,000 More Layoffs at Microsoft (10,000 Microsoft Staff May Have Already Been Laid Off in 2025)
Microsoft tries to hide and belittle mass layoffs; its data centre business also flounders, so it issues puff pieces about some anniversary over and over again
Gemini Links 08/04/2025: Gabbro 0.1.4 and Disillusioned With Social Control Media
Links for the day
Microsoft Windows in Jordan: From 99% Down to 10%
This is becoming more "normal"
Open Source Initiative (OSI) Privacy Fiasco in Detail: A "Deep Dive" Into the Complaint at the California Privacy Protection Agency
There are many facets to it and it may be the first complaint of several
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Monday, April 07, 2025
IRC logs for Monday, April 07, 2025