Researchers Crack Microsoft Feature, Say Encryption Backdoors Similarly Crackable

An anonymous reader writes: Researchers who uncovered a security key that protects Windows devices as they boot up say their discovery is proof that encryption backdoors do not work. The pair of researchers, credited by their hacker nicknames MY123 and Slipstream, found the cryptographic key protecting a feature called Secure Boot. They believe the discovery highlights a problem with requests law enforcement officials have made for technology companies to provide police with some form of access to otherwise virtually unbreakable encryption that might be used by criminals. "Microsoft implemented a 'secure golden key' system. And the golden keys got released from [Microsoft's] own stupidity," wrote the researchers in their report, in a section addressed by name to the FBI.

proof that encryption backdoors do not work

proof that [anything developed by Microsoft does] not work.

FTFY.

That "Microsoft Feature" is Secure Boot

Microsoft made a signed policy file which can be used with a Microsoft signed UEFI boot loader to turn off Secure Boot, and accidentally (?) published that policy with the Windows 10 anniversary update. Using this policy, Secure Boot can even be disabled on systems that won't allow the owner to disable it. And of course, this can be used to turn off Secure Boot remotely, so basically Microsoft eradicated any benefit that Secure Boot might have had. Now it's just annoying.

challenge accepted!

Show me an unhackable machine and I'll show you my bare arse.

Sounds like an easily exploitable security hole to me...

Re:Microsoft; Secure? Bwahahaha!

[clubby]

That implies that it was once respected. I think it's more accurate to say that their security has *always* been a joke.