SoylentNews is people
SoylentNews
Microsoft leaked the golden keys that unlock Windows-powered tablets, phones and other devices sealed by Secure Boot – and is now scrambling to undo the blunder.
These skeleton keys can be used to install non-Redmond operating systems on locked-down computers. In other words, on devices that do not allow you to disable Secure Boot even if you have administrator rights – such as ARM-based Windows RT tablets – it is now possible to sidestep this block and run, say, GNU/Linux or Android.
What's more, it is believed it will be impossible for Microsoft to fully revoke the leaked keys.
And perhaps most importantly: it is a reminder that demands by politicians and crimefighters for special keys, which can be used by investigators to unlock devices in criminal cases, will inevitably jeopardize the security of everyone.
Microsoft's misstep was uncovered by two researchers, MY123 and Slipstream, who documented their findings here in a demoscene-themed writeup published on Tuesday. Slip believes Microsoft will find it impossible to undo its leak.
[Continues...]
[...] People are particularly keen to unlock their ARM-powered Surface fondleslabs and install a new operating system because Microsoft has all but abandoned the platform. Windows RT is essentially Windows 8.x ported to 32-bit ARMv7-compatible processors, and Microsoft has stopped developing it. Mainstream support for Surface RT tabs runs out in 2017 and Windows RT 8.1 in 2018.
A policy similar to the leaked debug-mode policy can be used to unlock Windows Phone handsets, too, so alternative operating systems can be installed. A policy provision tool for Windows Phone is already available. We expect to hear more about that soon.
[...] The Secure Boot policies Microsoft is rushing to revoke can't be used to backdoor conversations or remotely hijack systems, but they remind us that this kind of information rarely stays secret.
"This is a perfect real world example about why your idea of backdooring cryptosystems with a 'secure golden key' is very bad," Slipstream wrote, addressing the FBI in particular.
"Smarter people than me have been telling this to you for so long. It seems you have your fingers in your ears. You seriously don't understand still? Microsoft implemented a 'secure golden key' system. And the golden keys got released by Microsoft's own stupidity. Now, what happens if you tell everyone to make a 'secure golden key' system?"
The article goes into considerable background on the leaked keys and how you can use them to circumvent Secure Boot. Happy hacking to anyone who has (or can get a good deal on) a Windows RT tablet!
(Score: 3, Insightful) by Azuma Hazuki on Thursday August 11 2016, @04:50AM
It's easy until the ones doing the controlling start hurting you. This crap is precisely why I started on Linux over 12 years ago (yeeee gods, has it been THAT long already...?). Mostly everything you said up there was completely true, and sad to say I think we've lost this one: the technology is too ubiquitous and the knowledge gap too great to save the system as it is now. Things are going to have to collapse, to some degree or another, before they improve.
I am "that girl" your mother warned you about...
(Score: 0) by Anonymous Coward on Thursday August 11 2016, @06:32PM
While there were suspicions about the capability to coopt computer hardware (especially x86) since the mid 90s (SMM/option roms before all the modern stuff became standard), it is becoming increasingly difficult to have both hardware and software you can trust. All of the ARM/x86 hardware has drm and signed firmware baked in that makes it possible there are integrated escalation attacks an owner of the hardware can't easily filter, omit, or disable. And on the software side the majority of software both proprietary and libre is run by the same few dozen organizations, many of which have lots to lose if they don't toe a great deal of government's lines, and who may either put pressure on, or simply plant a mole in their development teams in order to ensure exploits are available in the event future attacks, either targeted or broad are deemed necessary.
While it is possible some niche device that respects end users control, ownership, and privacy above that of corporations and governments will be made available, so far it hasn't, and all the in development hardware that could be made capable of that has so far not made it into products outside the realm of embedded systems (see J2 and RISC-V derivatives.) There are currently patent free busses fully capable of integrating with 'closed/encumbered' busses like PCI Express to allow us to build systems to take full advantage of modern peripheral hardware for maximum performance, but nobody producing hardware seems to be putting in the work to make it happen at a price point that would lead its sales to scale.