Slashdot Mirror

← Back to Stories (view on slashdot.org)

Researchers Crack Microsoft Feature, Say Encryption Backdoors Similarly Crackable (thehill.com)

Posted by msmash on from the crackable-world dept.

An anonymous reader writes: Researchers who uncovered a security key that protects Windows devices as they boot up say their discovery is proof that encryption backdoors do not work. The pair of researchers, credited by their hacker nicknames MY123 and Slipstream, found the cryptographic key protecting a feature called Secure Boot. They believe the discovery highlights a problem with requests law enforcement officials have made for technology companies to provide police with some form of access to otherwise virtually unbreakable encryption that might be used by criminals. "Microsoft implemented a 'secure golden key' system. And the golden keys got released from [Microsoft's] own stupidity," wrote the researchers in their report, in a section addressed by name to the FBI.

6 of 86 comments (clear)

  1. Dear God by TechyImmigrant · · Score: 3, Informative

    That web site is annoying. 8 bit game music and the text jitters.

    --
    I should use this sig to advertise my book ISBN-13 : 978-1501515132.
  2. Unbelievably obnoxious fucking article by Anonymous Coward · · Score: 2, Informative

    Rotating golden key, moving starfield and crappy text. Virtually unreadable article. WTF?

  3. That "Microsoft Feature" is Secure Boot by Anonymous Coward · · Score: 5, Informative

    Microsoft made a signed policy file which can be used with a Microsoft signed UEFI boot loader to turn off Secure Boot, and accidentally (?) published that policy with the Windows 10 anniversary update. Using this policy, Secure Boot can even be disabled on systems that won't allow the owner to disable it. And of course, this can be used to turn off Secure Boot remotely, so basically Microsoft eradicated any benefit that Secure Boot might have had. Now it's just annoying.

    1. Re:That "Microsoft Feature" is Secure Boot by Anonymous Coward · · Score: 2, Informative

      The obvious problem is that they can't revoke the key that enables the boot loader, because that would stop countless devices from booting installation media, recovery partitions and restored systems. They can revoke the key that enables the policy, but anybody with admin rights can replace the boot loader with an older version that doesn't have this key blacklisted, and use that to disable Secure Boot. The magnitude of this fuck-up can hardly be overestimated.

    2. Re:That "Microsoft Feature" is Secure Boot by AmiMoJo · · Score: 4, Informative

      http://arstechnica.com/apple/2...

      Just Google it next time.

      --
      const int one = 65536; (Silvermoon, Texture.cs)
      SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
  4. "Government only" keys do not exist by Opportunist · · Score: 4, Informative

    Dear politicians: There will never be a backdoor key that only your law enforcement will have. Such things tend to be very, very valuable. Being able to decrypt any and all trade secrets is valuable. At a level where nation states start to be interested, not just some petty criminals, or even large criminal entities. Governments are interested. And they tend to have very, very deep pockets. Pockets deep enough that pretty much anyone becomes open for bribes. And if bribes don't work, well, there are other ways to be convincing.

    Any key you have will also be held by Iran, Russia and probably even North Korea within reasonable time. That backdoor game is an odd one: The only winning move is not to play it.

    --
    We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.