Secure Boot is completely broken on 200 models from 5 big device makers
Researchers from Binarly found that Secure Boot is compromised on over 200 device models due to a leaked cryptographic key, posing significant security risks until manufacturers issue firmware updates.
Read original articleResearchers from security firm Binarly have revealed that Secure Boot, a security feature designed to protect devices from malware, is compromised on over 200 models from major manufacturers including Acer, Dell, Gigabyte, Intel, and Supermicro. The issue stems from a cryptographic key that was leaked in 2022, which was published in a public GitHub repository. This key is crucial for establishing a secure connection between hardware and firmware. The repository contained the private portion of the platform key, protected by a weak four-character password, making it easy to crack. The compromised key allows unauthorized code to be executed during system boot, posing significant security risks until manufacturers issue firmware updates. Binarly's scans identified 215 devices using the compromised key, which can be recognized by a specific certificate serial number. Furthermore, the researchers found that the key compromise is part of a larger supply-chain issue affecting over 300 additional device models, with some keys marked as "DO NOT SHIP" or "DO NOT TRUST." This situation raises serious concerns about the integrity of Secure Boot across a wide range of devices, highlighting the challenges of revoking compromised keys without rendering many devices unusable. Security experts emphasize the urgency for manufacturers to address these vulnerabilities to restore trust in Secure Boot's protective capabilities.
Related
Vulnerability in Popular PC and Server Firmware
Eclypsium found a critical vulnerability (CVE-2024-0762) in Intel Core processors' Phoenix SecureCore UEFI firmware, potentially enabling privilege escalation and persistent attacks. Lenovo issued BIOS updates, emphasizing the significance of supply chain security.
Secure Boot on Gentoo with Shim and Grub
Enabling Secure Boot on Gentoo involves using shim to launch GRUB, ensuring signed executables during boot. Detailed steps cover key generation, package configuration, bootloader installation, and key enrollment for a secure system.
Dev reports Intel's laptop CPUs are also suffering from crashing issues
Dev reports Intel laptop CPUs facing crashing issues, extending to 13th and 14th-Gen processors. Instability persists despite attempted fixes, impacting flagship Core i9 HX series. Reports suggest widespread degradation, raising concerns for users.
Gamers Nexus: Intel 13th, 14th Gen CPU Oxidation Claims [video]
A YouTube video cautions against using Intel CPUs due to stability issues, lack of transparency, fabrication defects, memory instability, and reduced core multipliers. Trust in Intel products eroded, with ongoing validation challenges. Wendell from Level1Techs highlights concerns.
No More Blue Fridays
Future computers aim to avoid crashes from bad updates, like a recent global outage caused by a security company's flawed update. eBPF technology offers secure kernel execution to prevent such incidents.
Instead I would assume, in order
- my config broke it
- OS update broke it
- the bios doesn’t properly handle any case that isn’t “preinstalled OEM windows”
I had a laptop that as far as I could tell, could only boot into windows’ default bootmgr.efi. I could turn off secure boot, and tamper with that efi to boot Linux, but it refused to acknowledge other boot loaders from within the bios. It wouldn’t surprise me in the slightest if secure boot isn’t properly handled. I’ve had too many issues with cheap computers having janky bioses.
Am I correct that Secure Boot purely exists to prevent this attack vector: malware gets root on the OS, hardware allows updating firmware via OS now owned by malware, but Secure Boot means you have to wipe only the hard drive instead of the firmware to eliminate the malware.
It seems like it would be a lot simpler and more reliable to add a button to motherboards that resets the firmware to the factory version (on memory that can't be written by a malicious OS).
1. Allowing unattended/automatic BIOS updates from a running OS at all
2. Being so paranoid about attacks by a spy with physical access to the computer that the keys cannot be replaced or revoked
I'm not a security researcher, but to just shoot the breeze a bit, imagine:
1. The OS can only enqueue data for a proposed BIOS update, actually applying it requires probable-human intervention. For example, reboot into the currently-trusted BIOS, and wait for the user to type some random text shown on the screen to confirm. That loop prevents auto-typing by a malicious USB stick pretending to be a keyboard, etc.
2. Allow physical access to change crypto keys etc, but instead focus on making it easy to audit and detect when it has happened. For example, if you are worried Russian agents will intercept a laptop being repaired and deep-rootkit it, press a motherboard button and record a values from a little LED display, values that are guaranteed to change if someone alters the key set and/or puts on a new signed BIOS. If you're worried, they'll simply replace the chipwork itself, then you'd need a way to issue a challenge and see a signed verifiable response.
So today a decade+ later there still isn't a standard way to automatically enroll a linux distribution's keys during initial install in any of the distributions (AFAIK).
It's unconscionable to tell users this is here to keep you safe, but that you have no control over it & if something goes wrong well then too bad, at best we might provide an update.
(Also that governments can probably force these root-of-trust companies to sign payloads to circumvent security is also pretty icky to me.)
This time it's AMI. Cannot get bigger.
This leads to accumulation of "power", and monopolization of it in systems leads to vulnerability. One point of failure is enough to compromise entire ecosystem.
Just reminds me that apple checked every application you run, for "safety reasons" (rather checks app certificates, but that is nearly the same).
This phrase does not sit well with me.
Or is that just a protection against rootkits?
I still fail to understand what secure boot is protecting against: if a machine is compromised remotely, does secure boot prevents installing a rootkit that's invisible from virus scanners?
High time.
https://www.documentcloud.org/documents/24833831-cellebrite-...
[System.Text.Encoding]::ASCII.GetString((Get-SecureBootUEFIPK).bytes) -match "DO NOT TRUST|DO NOT SHIP"
, gives me cryptic errors and gpt of no help.
...
then remembered I'm using custom platform keys
tbh. I don't understand why secure boot is build around global root of trusts instead of ad-hoc per device trust (i.e. like custom platform keys but with better support), at most supported by some global PKI to make bootstraping on initial setup easier
this would not eliminate but massively reduce how much "private key" got leaked vulnerabilities can affect secure boot chains (also move most complexity from efi into a user changeable chain loaders, including e.g. net boot, etc.)
PS:
To be clear " I don't understand why" is rhetorical, I do understand why and find it a terrible bad idea.
Its root of trust is the BIOS/Firmware, which can be updated from a running OS. There is no hardware root of trust.
How Secure Boot Works
Secure Boot ensures that a device boots using only software trusted by the Original Equipment Manufacturer (OEM). Here's a high-level overview:
1. Power On and Initialization: The CPU initializes and runs the BIOS/UEFI firmware, which prepares the system for booting.
2. Platform Key (PK) Verification: The firmware verifies the Platform Key (PK), which is used to validate Key Exchange Keys (KEKs).
3. Key Exchange Keys (KEK) Verification: The KEKs validate the allowed (whitelist) and disallowed (blacklist) signature databases.
4. Signature Database Verification: The firmware checks the allowed (db) and disallowed (dbx) signature databases for trusted software signatures.
5. Bootloader Verification: The firmware verifies the bootloader’s signature against the db. If trusted, the process continues.
6. Kernel and Driver Verification: The bootloader verifies the OS kernel and critical drivers’ signatures.
7. Operating System Boot: Once all components are verified, the OS loads.
Apple Secure Boot Process
Apple adds hardware-based security with the Secure Enclave:
1. Secure Enclave Initialization: Separate initialization handles cryptographic operations securely.
2. Root of Trust Establishment: Starts with Apple's immutable hardware Root CA.
3. Immutable Boot ROM Verification: The boot ROM verifies the Low-Level Bootloader (LLB).
4. LLB Verification: The LLB verifies iBoot, Apple's bootloader.
5. iBoot Verification: iBoot verifies the kernel and its extensions. The Secure Enclave ensures cryptographic operations remain protected even if the main processor is compromised.
For more details, check out:
- <https://uefi.org/sites/default/files/resources/UEFI_Spec_2_8...>
- <https://www.apple.com/business/docs/site/Security_Overview.p...>
I would really love to have a hardware root of trust on a Linux or other open system, with a hardware security module of sorts that is programmable, so I decide what the root keys are, and is able to measure the firmware boot process, establishing a proper audit trail or chain of trust.
I can't remember the HN formatting rules, so expect an edit shortly to make this look better.
Edit: I did a little more poking. It's not quite as bad as I thought, because at least in theory, the BIOS will verify a digital signature of a BIOS update before flashing it.
This joke never gets stale, wait it is not a joke ?
I still believe the only reason for this to exist is to eventually turn general computing devices into a locked down Cell Phone Spying Device.
Related
Vulnerability in Popular PC and Server Firmware
Eclypsium found a critical vulnerability (CVE-2024-0762) in Intel Core processors' Phoenix SecureCore UEFI firmware, potentially enabling privilege escalation and persistent attacks. Lenovo issued BIOS updates, emphasizing the significance of supply chain security.
Secure Boot on Gentoo with Shim and Grub
Enabling Secure Boot on Gentoo involves using shim to launch GRUB, ensuring signed executables during boot. Detailed steps cover key generation, package configuration, bootloader installation, and key enrollment for a secure system.
Dev reports Intel's laptop CPUs are also suffering from crashing issues
Dev reports Intel laptop CPUs facing crashing issues, extending to 13th and 14th-Gen processors. Instability persists despite attempted fixes, impacting flagship Core i9 HX series. Reports suggest widespread degradation, raising concerns for users.
Gamers Nexus: Intel 13th, 14th Gen CPU Oxidation Claims [video]
A YouTube video cautions against using Intel CPUs due to stability issues, lack of transparency, fabrication defects, memory instability, and reduced core multipliers. Trust in Intel products eroded, with ongoing validation challenges. Wendell from Level1Techs highlights concerns.
No More Blue Fridays
Future computers aim to avoid crashes from bad updates, like a recent global outage caused by a security company's flawed update. eBPF technology offers secure kernel execution to prevent such incidents.