| |||||||||||||
LSS: Secure BootLSS: Secure BootPosted Sep 24, 2012 0:36 UTC (Mon) by mjg59 (subscriber, #23239)In reply to: LSS: Secure Boot by nix Parent article: LSS: Secure Boot
If you wanted to attack Windows in the current non-Secure Boot world, the single most valuable thing would be the ability to sign arbitrary code as a valid Windows driver. But, somehow, nobody's managed to get hold of Microsoft's key. Now, to be fair, part of that's because vendor keys have been easier to get hold of (see Stuxnet), but even so having the Microsoft key would be an advantage - if you've got the root then there's no process for revoking existing installations. And yet it hasn't been leaked.
(Log in to post comments)
LSS: Secure Boot Posted Sep 24, 2012 8:41 UTC (Mon) by nix (subscriber, #2304) [Link]
True enough. Still, the paranoid in me sees a billion or so eggs landing in one basket, and thinks 'this is *wrong*, this is *stupid*'.
LSS: Secure Boot Posted Sep 24, 2012 9:07 UTC (Mon) by hummassa (subscriber, #307) [Link]
> Now, to be fair, part of that's because vendor keys have been easier to get hold of
No, that's not "part of that". s/part of //. The security process stops at the easier way to the threat to get what he wants. Threats can and will leak keys from Microsoft (remember NT4/XP source code?) if that's the easier way of signing device drivers. As vendor keys are currently easier to get hold of, and they do the job just fine (because there are a lot of vendors and IIRC once the keys were revoked another version of Stuxnet signed with another key popped up) the threats don't need to go after MS.
Security = you don't have to outrun the beast, you have to outrun the friend beside you.
|
|||||||||||||