Microsoft 'Secure Boot' Cracked

Dr. Roy Schestowitz

2011-11-18 15:43:43 UTC
Modified: 2011-11-18 15:55:37 UTC

Alone

Summary: The mechanism which secures Microsoft from Linux growth is not delivering whatever 'features' Microsoft alleged that it would

MICROSOFT has been marketing as "security" a mechanism that complicates or blocks GNU/Linux [1, 2, 3, 4, 5, 6, 7] . Well, via Slashdot we found this report which defeats Microsoft's excuse:

At the upcoming MalCon security conference in Mumbai, Austrian independent developer and security analyst Peter Kleissner is scheduled to release the first known "bootkit" for Windows 8—an exploit that is able to load from a hard drive's master boot record and reside in memory all the way through the startup of the operating system, providing root access to the system. The exploit allegedly defeats the security features of Windows 8's new Boot Loader. However, Kleissner said in a message exchange with Ars Technica that the exploit did not currently target the Unified Extensible Firmware Interface (UEFI), but instead went after legacy BIOS. Kleissner said he has shared his research and paper and the paper he plans to present, "The Art of Bootkit Development," with Microsoft.

So, what's the point of it then? People have predicted this all along. ⬆

Comments

Michael

2011-11-18 17:33:56

You mean security measures are not a 100% assurance!

Wow.

Thanks!

Recent Techrights' Posts

KillerStartups.com is an LLM Spam Site That Sometimes Covers 'Linux' (Spams the Term): It only serves to distract from real articles
[Meme] EPO for the Kids' Future (or Lack of It): Patents can last two decades and grow with (or catch up with) the kids
EPO Education: Workers Resort to Legal Actions (Many Cases) Against the Administration: At the moment the casualties of EPO corruption include the EPO's own staff
Topics We Lacked Time to Cover: Due to a Microsoft event (an annual malware fest for lobbying and marketing purposes) there was also a lot of Microsoft propaganda
Gemini Links 22/11/2024: ChromeOS, Search Engines, Regular Expressions: Links for the day
This Month is the 11th Month of This Year With Mass Layoffs at Microsoft (So Far It's Happening Every Month This Year, More Announced Hours Ago): Now they even admit it
Links 22/11/2024: Software Patents Squashed, Russia Starts Using ICBMs: Links for the day
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Thursday, November 21, 2024: IRC logs for Thursday, November 21, 2024
Gemini Links 21/11/2024: Alphabetising 400 Books and Giving the Internet up: Links for the day
Links 21/11/2024: TikTok Fighting Bans, Bluesky Failing Users: Links for the day
Links 21/11/2024: SpaceX Repeatedly Failing (Taxpayers Fund Failure), Russian Disinformation Spreading: Links for the day
Richard Stallman Earned Two More Honorary Doctorates Last Month: Two more doctorate degrees
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Wednesday, November 20, 2024: IRC logs for Wednesday, November 20, 2024
Gemini Links 20/11/2024: Game Recommendations, Schizo Language: Links for the day
Growing Older and Signs of the Site's Maturity: The EPO material remains our top priority
Did Microsoft 'Buy' Red Hat Without Paying for It? Does It Tell Canonical What to Do Now?: This is what Linus Torvalds once dubbed a "dick-sucking" competition or contest (alluding to Red Hat's promotion of UEFI 'secure boot')
Links 20/11/2024: Politics, Toolkits, and Gemini Journals: Links for the day
Links 20/11/2024: 'The Open Source Definition' and Further Escalations in Ukraine/Russia Battles: Links for the day
[Meme] Many Old Gemini Capsules Go Offline, But So Do Entire Web Sites: Problems cannot be addressed and resolved if merely talking about these problems isn't allowed
Links 20/11/2024: Standing Desks, Broken Cables, and Journalists Attacked Some More: Links for the day
Links 20/11/2024: Debt Issues and Fentanylware (TikTok) Ban: Links for the day
Jérémy Bobbio (Lunar), Magna Carta and Debian Freedoms: RIP: Reprinted with permission from Daniel Pocock
Jérémy Bobbio (Lunar) & Debian: from Frans Pop to Euthanasia: Reprinted with permission from Daniel Pocock
This Article About "AI-Powered" is Itself LLM-Generated Junk: Trying to meet quotas by making fake 'articles' that are - in effect - based on plagiarism?
Recognizing invalid legal judgments: rogue Debianists sought to deceive one of Europe's most neglected regions, Midlands-North-West: Reprinted with permission from Daniel Pocock
Google-funded group distributed invalid Swiss judgment to deceive Midlands-North-West: Reprinted with permission from Daniel Pocock
Gemini Links 20/11/2024: BeagleBone Black and Suicide Rates in Switzerland: Links for the day
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Tuesday, November 19, 2024: IRC logs for Tuesday, November 19, 2024