04.07.13

UEFI Restricted Boot No Longer Valid for Security, Keys Leaked

Posted in Antitrust, GNU/Linux, Microsoft, Security at 2:30 pm by Dr. Roy Schestowitz

As much about security as multimedia DRM

Drip

Summary: Antitrust offences with UEFI restricted boot can no longer be defended as an act of enhancing security because keys are leaking

A Fedora developer was the first to embrace Microsoft’s restricted boot, so Fedora was usually ahead of the curve when it comes to it and it shows.

Torvalds criticised Red Hat for complicity with Microsoft [1, 2] after he had slammed restricted boot as something that would not improve security. He was right. Keys were inevitably leaked, leaving UEFI restricted boot (which former Novell/SUSE developers too helped promote) in a position where it is only an antitrust issue and nothing to do with computer security, just protectionism. As one new article puts it, the “Linux Lawsuit Shines Uncomfortable Light on UEFI Standard” and a Restricted Boot proponent leads with this news about UEFI signing keys getting leaked:

A hardware vendor apparently had a copy of an AMI private key on a public FTP site. This is concerning, but it’s not immediately obvious how dangerous this is for a few reasons. The first is that this is apparently the firmware signing key, not any of the Secure Boot keys. That means it can’t be used to sign a UEFI executable or bootloader, so can’t be used to sidestep Secure Boot directly. The second is that it’s AMI’s key, not a board vendor – we don’t (yet) know if this key is used to sign any actual shipping firmware images, or whether it’s effectively a reference key. And, thirdly, the code apparently dates from early 2012 – even if it was an actual signing key, it may have been replaced before any firmware based on this code shipped.

But there’s still the worst case scenario that this key is used to sign most (or all) AMI-based vendor firmware. Can this be used to subvert Secure Boot? Plausibly. The attack would involve producing a new, signed firmware image with Secure Boot either disabled or with an additional key installed, and then to reflash that firmware. Firmware images are very board-specific, so unless you’re engaging in a very targeted attack you either need a large repository of firmware for every board you want to attack, or you need to perform in-place modification.

Now we know that UEFI restrictions had nothing to do with security and eventually became just a competition barrier. Rather than cracking we are seeing leaking as the end of UEFI restricted boot’s (or ‘secure’ boot’s) reputation. █

Share this post: These icons link to social bookmarking sites where readers can share and discover new web pages.

Permalink Mail Send this to a friend

If you liked this post, consider subscribing to the RSS feed or join us now at the IRC channels.

Pages that cross-reference this one

What Else is New

Benefits of Ubuntu's Derivatives: MATE, Cinnamon, and the Depth Desktop Environment

The power of deviation as demonstrated by Linux Mint and Linux Deepin, two of the more widely used derivatives of Ubuntu
Don't Rule Out Gentoo, Slackware, and Mandriva Just Yet

How distributions which were largely forgotten some years ago are making a comeback and spawning new derivatives
State-of-the-Art Gaming on GNU/Linux Not Only Possible But Becoming Default Option, Hardware Products

GNU/Linux as the operating system of gaming consoles no longer a far-fetched dream; companies other than Valve explore these possibilities
Links 8/12/2013: Applications and Instructionals

Links for the day
Drifting Away From Copyleft in Databases

Databases which are Free/Open Source software (FOSS) are becoming less liberal/freedom-respecting while deceiving labels hide it
Roman Catholic Church Joins Opposition to 'Trade' Agreements

The Church which claims to have 1.2 billion members is expressing dissatisfaction and opposition to TPP and TAFTA/TTIP
'Unauthorised' Programming and What It Means to Software Freedom

DRM and DMCA versus society, or how operation-restricting legal mechanisms are affecting coders, for whom not only software patents are now a creativity wall
Assassinations by Drone Make the West Hypocritical on Syria

Putting in context the cycle of violence which the West uses to justify indefinitely detaining the domestic population, assassinating parts of it, and spying on everyone (even domestically, using loopholes)
Links 6/12/2013: KDE and GNOME News

Links for the day
Links 6/12/2013: NSA News

Links for the day
Microsoft Sued Over Collusion With the NSA, Microsoft Issues Orwellian Statements

Microsoft is lying about privacy of its customers and the Free Software Foundation (FSF) responds
To Oracle, 'Community' Means Paying Oracle Customers

Oracle continues to extend only its own distribution of GNU/Linux (which is a ripoff of another), leaving everyone else out in the cold
Patent Policy Change a Victory for Large Corporations, Real Reform Remains Elusive

Patent extortion and litigation by proxy still permitted in the United States, even after the passage of a celebrated (by corporations) new bill
A Western Assault on GNU/Linux Security and Privacy

Governments (which are dominated by corporations) continue to make security hard as part of a campaign to spy on everyone under claims that it helps "national security" (control from above)
The Copyright Cartel Takes Over Schools to Deceive and Indoctrinate Children

Schools become a target of shameless copyright propaganda and promotion (advertising) of copyright boosters/maximalists
While Nokia Becomes Microsoft's Anti-Linux Litigation Front, Pre-Elop Nokia Revived, Jolla Sells All Available Phones

More of the old products of Nokia are brought back to life owing to former Nokia staff while existing Nokia staff, led by a Microsoft mole, continues to attack Linux-powered phones with patents
Custom-built Distributions and the 2,000+ GNU/Linux Distributions Listed by Softpedia

Customisation for different users, localisations, system ages etc. motivate plurality and diversity, which now yields thousands of packaged (for installation) GNU/Linux images
Links 4/12/2013: Games News

Links for the day
NSA Leaks: Still Yielding New Scandals, But Fewer Than Before

A roundup of news about cracking, sabotage, privacy infringement and illegal surveillance by the NSA and its allies
Links 3/12/2013: Screenshots

Links for the day
Links 3/12/2013: Applications and Instructionals

Links for the day
Apple and Microsoft Claim Patent Tax on GNU/Linux, Red Hat's Response Too Weak

GNU/Linux is said to be among the targets for illegal extortion, but even self-professed backers of GNU/Linux aren't interested in addressing this problem
GNU is Not Linux: Richard Stallman Explains the Origins of GNU

Stallman tells Techrights/TechBytes lesser-known details about the birth of GNU in the early 1980s
Reminder to Corporate Press: PHP is Not Linux

Reporting on scare-mongering from Symantec mostly off target
Bill Gates Brings NSA-esque Surveillance to Children

Plutocrats are using US schools to indoctrinate, control, and even spy on tomorrow's adults
Culture of Violence a Disservice to National Security

How a culture of unprecedented violence leads to less security and more hostility towards the West
Anti-GNU/Linux Campaigns Are Not Left Behind at Microsoft, Only the Brands Change

Microsoft's offensive and facts-free campaigns still target products which run GNU/Linux, even if the "G" and "L" words are not mentioned (Chromebooks/Google are the target now)
Links 1/12/2013: Android News

Links for the day
Liberating Devices From Android Using Replicant, Not CyanogenMod

Why Android is not enough and why CyanogenMod is not the solution, Replicant is
Links 30/11/2013: Ubuntu News

Links for the day