MSI accidentally disables Secure Boot on hundreds of its motherboards:
One of the latest MSI UEFI updates accidentally disabled Secure Boot technology on hundreds of its motherboards, reports Bleeping Computer. As a consequence, over 290 motherboards for AMD and Intel processors can run insecure operating systems, which can be harmful.
MSI's firmware update version 7C02v3C released on January 18, 2022, comes with Image Execution Policy set to 'Always Execute' by default, which allows the PC to boot an operating system that lacks proper signature by its developer. This means that a computer can boot an OS that may have been tampered with, which is an insecure policy as the operating system may be infected or have malicious intent.
The discovery was recently made by Polish security researcher named Dawid Potocki. The researcher noted that he contacted MSI, but did not receive any response, which essentially means that so far the motherboard maker has not fixed its Secure Boot.
See article for a list of motherboard models.
(Score: 1, Interesting) by Anonymous Coward on Saturday January 21 2023, @02:49PM (1 child)
Then what is the point, other than to make it harder to install linux? The only related matter is a warning that I can't use some drivers as secure boot is.not enabled. Which is a serious wtf. Why would loading drivers ever be related to how the OS boots. If I want to trust a driver I should be able to install it. Otherwise, why bother having it.
(Score: 0) by Anonymous Coward on Tuesday January 31 2023, @12:17AM
The people who devise this crap, like "secure boot", are maybe 1/4 as smart as the attackers.
To make it worse, the people who devise this stuff are much better at convincing others that their hairbrained ideas are the be-all and end-all of security.
tl;dr: "Security" people are usually much better at posturing and selling than innovating security.