From PC World: Secure Boot, a tool that’s built into hundreds of millions of PCs to keep them from loading unverified software via UEFI, is a fundamental cornerstone of modern computer security. It uses cryptographic signatures in hardware components to make sure that nothing connected to your PC can load up code that you (or at least the PC) haven’t verified. That’s why cryptographic key leaks are such a big deal.
Security research firm Binarly reports that leaked cryptographic keys have compromised hardware from several major vendors in the PC industry, including Dell, Acer, Gigabyte, Supermicro, and even Intel. Eight percent of firmware images released in the last four years are compromised, with 22 untrusted keys discovered immediately.
And according to an Ars Technica post, “more than 200 device models” from these vendors are affected by one particular key that was posted to an open GitHub repository in late 2022.
Binarly is calling the exploit “PKfail.” The meat and bones of the situation is that a lot of devices in both the consumer and B2B spaces are now vulnerable to attacks on the boot process. This is one of the most dangerous ways in which a computer can be compromised, though attacks do need to be particularly complex to succeed.