| |||||||||||||
SFLC: Microsoft confirms UEFI fears, locks down ARM devicesSFLC: Microsoft confirms UEFI fears, locks down ARM devicesPosted Jan 13, 2012 17:21 UTC (Fri) by raven667 (subscriber, #5198)In reply to: SFLC: Microsoft confirms UEFI fears, locks down ARM devices by bricef Parent article: SFLC: Microsoft confirms UEFI fears, locks down ARM devices
Protecting the keys in a situation like this is stupidly easy because your need to interface with the private keys is so limited. IIUC all they need to do is be able to sign the signature of the kernel when the kernel is updated, that can be done entirely offline by manual data entry from printouts. It'll be a bit of an inconvenience but should have a reasonable turnaround time for updates and be protected from attack up to and including a stuxnet type worm.
(Log in to post comments)
SFLC: Microsoft confirms UEFI fears, locks down ARM devices Posted Jan 13, 2012 18:26 UTC (Fri) by bricef (guest, #80336) [Link]
I wasn't thinking of a digital attack actually. I expect that those kind of keys are behind an airgap, and that microsoft will have learnt a lesson form stuxnet and the virus hitting the us drone control centers. I was thinking of a disgruntled employee or actual physpen.
Regardless, I just think it's really silly to paint such a big target on your own back. Besides the fact that what they're doing hurts everyone, it's conspicuous and, frankly, given the spotlight already directed at UEFI, moronic. (If it's even legal.) and will attract the exact kind of attention that you really don't want.
What's a real shame is that the average smartphone consumer will be hurt most if this goes through, but that they're unaware of the issue and the implications. The irony is that they have the power to vote with their wallets, but won't know that they need to.
SFLC: Microsoft confirms UEFI fears, locks down ARM devices Posted Jan 13, 2012 21:38 UTC (Fri) by elanthis (guest, #6227) [Link]
The Xbox keys never got hacked or stolen. Unlike with SecureBoot, the xbox signing keys need to be applied to thousands of binaries from third parties; the SecureBoot keys need only be exposed to a handful of Windows 8 bootloader builds. Microsoft knows how to manage the bank-vault security of their signing keys and processes (well, the Xbox division does, at least; Microsoft is a very, very big company, so it's quite feasible for one division to be highly competent while another is hopelessly idiotic, I suppose).
SFLC: Microsoft confirms UEFI fears, locks down ARM devices Posted Jan 13, 2012 22:21 UTC (Fri) by mpr22 (subscriber, #60784) [Link] The division responsible for Excel certainly had a reputation for being sharper than most of Microsoft.
SFLC: Microsoft confirms UEFI fears, locks down ARM devices Posted Jan 13, 2012 23:30 UTC (Fri) by drag (subscriber, #31333) [Link]
> What's a real shame is that the average smartphone consumer will be hurt most if this goes through, but that they're unaware of the issue and the implications. The irony is that they have the power to vote with their wallets, but won't know that they need to.
I kinda doubt that. If the average consumer was interested in using something other then a Windows OS they wouldn't be purchasing Windows phones, would they?
I know I am suppose to be all upset and bothered buy this, but I can't for the life figure out why shipping a locked down Windows is any worse then shipping a locked down Android phone, Kindle, or a iPhone or a iPod.
The whole thing strikes me a kinda silly. I read the article and their analysis and I was thinking to myself 'Sooo.. exactly why this is so tragic?'. I mean it's generally bad that these devices are locked down, but I fail to see what Microsoft is doing is any worse then what anybody else is doing.
At least they are only interested in locked down their already closed source software. It's not like Apple or many Android vendors that lock down open source using software written by other groups.
SFLC: Microsoft confirms UEFI fears, locks down ARM devices Posted Jan 25, 2012 14:54 UTC (Wed) by jospoortvliet (subscriber, #33164) [Link]
It's not about phones but laptop- and tablet devices. I for one are looking forward to an affordable, reasonably powerful ARM based laptop on which I can run openSUSE. But it's highly likely that those won't come to exist as the ones which get mass-produced are Windows only... In the PC world you can simply wipe windows and have your nice device, the only downsides being the Microsoft tax and possibly hardware support issues. In the ARM world - you're out of luck.
SFLC: Microsoft confirms UEFI fears, locks down ARM devices Posted Jan 13, 2012 23:41 UTC (Fri) by jmorris42 (subscriber, #2203) [Link]
> If it's even legal.
That doesn't matter now does it? How many times did the DoJ go after them? They even 'won' a few against them. None of it mattered. To this day they still charge the per PC license fees and pretty much every practice they pinkie swore to stop doing. And the Europeans haven't had any better luck.
This IS the Xboxing of the PC. Sure they allow the x86 to continue as is for now. Because they see it as a dead end. Besides, if they changed the way the desktop PC works it might anger enough people to get a legal response. Better to just make sure streaming video only plays if you haven't 'rooted' your PC, just like on tablets and phones now with Android. Then the Microsoft App Store won't work on 'rooted' PCs come Windows 9. And ever so slowly the chains slide on. And the future is a boot stamping over and over on a human face.
SFLC: Microsoft confirms UEFI fears, locks down ARM devices Posted Jan 14, 2012 7:06 UTC (Sat) by imgx64 (guest, #78590) [Link]
> And the future is a boot stamping over and over on a human face.
Pun not intended?
SFLC: Microsoft confirms UEFI fears, locks down ARM devices Posted Jan 19, 2012 16:41 UTC (Thu) by cortana (subscriber, #24596) [Link]
I think it's a reference to 1984.
|
|||||||||||||