Posted on Friday, August 12 2016 @ 0:50 CEST by Thomas De Maesschalck
On the bright side, this makes the installation of Linux or other operating systems easier on a variety of devices, but the bad news is that this threatens to make Secure Boot useless against advanced bootkits and rootkits.
You can see how this is very bad!! A backdoor, which MS put in to secure boot because they decided to not let the user turn it off in certain devices, allows for secure boot to be disabled everywhere!The golden keys were discovered in March 2016 by my123 and slipstream. They created a cheesy website that explains what this is about, you can visit it over here. It seems Microsoft put this in Windows 10 Anniversary Update for debugging purposes but accidentally forgot to remove it from the production versions.
You can see the irony. Also the irony in that MS themselves provided us several nice "golden keys" (as the FBI would say ;-) for us to use for that purpose
About the FBI: are you reading this? If you are, then this is a perfect real world example about why your idea of backdooring cryptosystems with a "secure golden key" is very bad! Smarter people than me have been telling this to you for so long, it seems you have your fingers in your ears. You seriously don't understand still? Microsoft implemented a "secure golden key" system. And the golden keys got released from MS own stupidity. Now, what happens if you tell everyone to make a "secure golden key" system? Hopefully you can add 2+2...
Microsoft attempted to patch it but the researchers claim the patch doesn't do anything useful. In fact, they doubt whether Microsoft will be able to rectify this big snafu as that would break install media, recovery partitions, backups, etc.
