August 22nd, 2024

What is an SBAT and why does everyone suddenly care

Secure Boot Advanced Targeting (SBAT) lets boot components declare a security generation so that vulnerable versions can be revoked without blocklisting individual hashes. A recent Microsoft update marked older GRUB versions untrustworthy, breaking some dual-boot systems and raising concerns about user access and update testing.


The article discusses the recent emergence of Secure Boot Advanced Targeting (SBAT) and its implications for dual-boot systems, particularly those running Windows and Linux. SBAT was developed to address vulnerabilities in bootloaders, specifically the GRUB bootloader, which is used by many Linux distributions. The traditional Secure Boot model required revoking individual hashes of untrustworthy code, which became impractical due to storage limitations. SBAT simplifies this by allowing boot components to declare a security generation, which can be incremented when vulnerabilities are fixed. Microsoft recently pushed an update that marked older versions of GRUB as untrustworthy, leading to boot failures for some dual-boot systems that had not updated their GRUB versions. This situation has raised concerns about the testing and deployment of updates, as well as the responsibility of Linux distributions to ensure their bootloaders are secure. The article emphasizes the need for better communication and testing to prevent end users from being locked out of their systems due to security updates.

- SBAT simplifies the Secure Boot process by using security generations instead of individual hashes.

- Microsoft's update marked older GRUB versions as untrustworthy, affecting dual-boot systems.

- The situation highlights the need for better testing of updates to avoid user lockouts.

- Linux distributions must ensure their bootloaders are updated to maintain security.

- The incident raises questions about the balance between security and user accessibility.

31 comments
By @userbinator - 5 months
Obviously people might screw up, but the spec included a way to revoke any signed components that turned out not to be trustworthy

"trustworthy" according to who? Remember that dystopia does not appear spontaneously, but steadily advances little-by-little.

What's the summary? Microsoft (understandably) didn't want it to be possible to attack Windows by using a vulnerable version of grub that could be tricked into executing arbitrary code and then introduce a bootkit into the Windows kernel during boot. Microsoft did this by pushing a Windows Update that updated the SBAT variable to indicate that known-vulnerable versions of grub shouldn't be allowed to boot on those systems.

Who is Microsoft to decide what others do on their machines? Should they have the right to police and censor software they have no control of? In the spirit of Linus Torvalds: Microsoft, fuck you!

We are seeing the scenario Stallman alluded to over 2 decades ago slowly become a reality. He wasn't alone either.

https://www.gnu.org/philosophy/right-to-read.en.html

https://www.cl.cam.ac.uk/~rja14/tcpa-faq.html

Things like TPM and "secure" boot were never envisioned for the interests of the user. The fact that it incidentally protects against 3rd party attacks just happened to be a good marketing point.

"Those who give up freedom for security deserve neither."

By @teekert - 5 months
A recent Linux Unplugged episode went into how one can use the TPM to set up a secure and trusted chain of trust for the booting process on Linux [0] using Clevis [1], very interesting!

[0] https://linuxunplugged.com/572

[1] https://fedoramagazine.org/automatically-decrypt-your-disk-u...

By @ab71e5 - 5 months
> Microsoft's stated intention was that Windows Update would only apply the SBAT update to systems that were Windows-only, and any dual-boot setups would instead be left vulnerable to attack until the installed distro updated its grub and shipped an SBAT update itself.

I wonder what went wrong here? If you would read the EFI boot order it would clearly say to boot shim first? Or were these dual-boot setups where the user would use the firmware menu to select Linux or Windows?

Anyway this comes at a time when I want to install Linux on my work PC; since it has two NVMe slots I think I'll go with installing it on a completely separate drive. It would not have prevented this issue though, which seems a legitimate fix from Microsoft, just bad communication.

By @rwmj - 5 months
I really hate the error message from shim (or SB in general) when a security check fails. At least tell me what exactly failed and what I could do to fix it.
By @kuon - 5 months
Isn't secure boot the first thing you disable when you install Linux?
By @notarealllama - 5 months
<Tinfoil hat> I think there's more than meets the eye here. I think part of the reason MS is enforcing TPM2.0 and now this SBAT update is that there is widespread rootkit level malware and they are trying to stay ahead of the curve. </Tinfoil hat>

When it comes to the realities of dual-booting, I had tons of problems with Win7/8/10 with suspend-to-hiberfile.sys issues and updates 10 years ago breaking grub. 10 years ago I finally decided, "You know what, I'm just going to run Linux, if I really need Windows or Mac, I can run a VM or use a separate spare computer."

Since then I have successfully set up Secure Boot for my distro, learned how to tweak QEMU for performance and passthrough, got a working QEMU macOS VM (although having to update every few months to keep Xcode working is a pain), and I'm generally pretty happy with the state of affairs.

By @hypeatei - 5 months
> because otherwise they're shipping a vector that can be used to attack other operating systems and that's kind of a violation of the social contract

I see the end of the chain still ends up at "trust" in humans/companies at some level. Microsoft broke dual boot systems because they think they know what's best for someone else's system and that's not okay.

By @zokier - 5 months
Major question for me is, are the grubs that are getting rejected completely unpatched, or were they patched by distros without updating the "security generation"?

I'd be also really curious to hear how MS was attempting to do dual-boot detection, I hope someone (more skilled than I) would reverse engineer that bit from the update.

By @skywhopper - 5 months
Interesting. The question that immediately popped into my head was: How does the secure boot system determine the “security generation” of GRUB exactly? Sounds like just based on the assertion of GRUB itself (and trusted signature of the distribution that built GRUB)?

The fact that the list of allowed GRUB versions is itself manageable via a Windows Update points to some other issues with this particular security scheme, given Microsoft’s own recent history of mishandling private keys.

By @franga2000 - 5 months
I don't understand what the expected behaviour is here? Let's say you dual-boot two copies of Arch so we don't drag M$ into this. You update one, get the latest bootloader update that increments this security generation thingy. You reboot to go update the other one as well but its number is too low, so it's unbootable. What now?
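As an added illustration (not code from the article or any commenter) of the "security generation" mechanism the summary describes and the two-GRUB scenario in the comment above: a small model of an SBAT revocation check. The record layout follows shim's SBAT.md (CSV rows of `component_name,component_generation,...`, and a policy variable whose rows are minimum generations per component); every version number, date and vendor string below is a constructed sample value, not real revocation data.

```python
# Added example: model of an SBAT generation check. A signed boot component
# carries an .sbat CSV section; the SbatLevel policy is another CSV. The
# component is allowed only if every generation it declares for a component
# named in the policy is >= the policy's minimum. Components the binary does
# not mention are simply not affected by that policy row.
# All generations, dates and vendor fields here are constructed samples.
import csv
from io import StringIO

def parse_sbat(text):
    """Parse SBAT CSV text into {component_name: generation}, skipping blanks."""
    gens = {}
    for row in csv.reader(StringIO(text)):
        if len(row) >= 2 and row[0]:
            gens[row[0]] = int(row[1])
    return gens

def check_sbat(policy_text, component_text):
    """Return (allowed, reason). The 'sbat' row of the policy is its own
    version/date header and is not a component requirement."""
    policy = parse_sbat(policy_text)
    comp = parse_sbat(component_text)
    for name, minimum in policy.items():
        if name == "sbat":
            continue
        have = comp.get(name)
        if have is not None and have < minimum:
            return False, f"{name} generation {have} < required {minimum}"
    return True, "all declared generations meet the policy"

# Constructed policy, as a Windows Update or distro might push it:
# shim must be at least generation 2 and grub at least generation 4.
POLICY = "sbat,1,2024010900\nshim,2\ngrub,4\n"

# Constructed .sbat sections for two builds of the same distro's GRUB:
# one rebuilt after a fix (generation bumped to 4) and one older (still 3).
# The distro's own 'grub.example' row is unaffected because the policy
# never names it.
GRUB_NEW = ("sbat,1,SBAT Version,sbat,1,https://github.com/rhboot/shim/blob/main/SBAT.md\n"
            "grub,4,Example Upstream,grub,2.12,https://example.invalid/grub\n"
            "grub.example,1,Example Distro,grub2,2.12-1.example,https://example.invalid\n")
GRUB_OLD = GRUB_NEW.replace("grub,4,", "grub,3,")

if __name__ == "__main__":
    for label, section in (("updated grub", GRUB_NEW), ("stale grub", GRUB_OLD)):
        ok, why = check_sbat(POLICY, section)
        print(f"{label}: {'boots' if ok else 'REJECTED'} ({why})")
```

With this policy the stale build is rejected at generation 3 while the rebuilt one boots, which is the situation the comment describes: the second copy stays unbootable until it, too, ships a GRUB that declares the new generation.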
By @gradschoolfail - 5 months
https://archive.ph/PePOh

Secure Boot Advanced Targeting

By @superkuh - 5 months
Here is a mirror for anyone else getting blocked* by dreamwidth for not using a corporate browser: https://web.archive.org/web/20240822091216/https://mjg59.dre...

* No matter how many times I do the captcha.

By @pas - 5 months
is it possible to update grub from Windows? or is it enough to disable secure boot, boot Linux, upgrade, reenable?
By @elendee - 5 months
This hit me 2 days ago as I was shuffling dual boot systems around trying to recover some old data for a client. Kind of hilarious timing tbh, right after I was done laughing arrogantly about CrowdStrike
By @tannhaeuser - 5 months
Although MS' stance to block old vulnerable grub installs seems reasonable here, I've come to run Windows only for games and a single piece of legacy software (as a backup for my aging x86 Mac) without net access at all. The moment you allow Win updates, everything is up to chances. MS moving around registry keys and other shenanigans to force "telemetry" (aka ads and behavioral data scanning for ML) onto users, even on Windows Pro, should be telling enough. Needless to say, I'm running Win 10.
By @glandium - 5 months
Fun fact. Just as this story was unfolding, I was installing a Debian system on an Acer desktop machine. The Debian installer wouldn't start with secure boot enabled because of this, but also, once I fixed up things, I couldn't get the firmware to recognize any entry added by Debian. It would hide and deactivate them on its own. I ultimately had to use a copy of the EFI partition on a USB key for it to work.
By @Animats - 5 months
Does this interfere with wiping Windows from a system and installing Linux? Or does installing Windows contaminate the TPM module permanently?
By @pjc50 - 5 months
Something seems to be wrong with the whole security model.

> those versions of grub had genuine security vulnerabilities that would allow an attacker to compromise the Windows secure boot chain

This feels like a "my secure compartments are all connected together" moment. If Microsoft want to verify that they're in an all-Microsoft boot chain, sure, whatever, fine. But somehow the compromise of any loader allows compromise of Windows? And in turn Microsoft are able to break grub installations? Why is that acceptable?

(also, I feel a bit "I told you so" about this. Back when all this was being introduced I felt that (a) secure boot increases the risk of locking you out of your machine and/or data loss and (b) a situation where Linux is dependent on the collaboration of Microsoft in order to boot is very dangerous long-term.)

By @SixDouble5321 - 5 months
Easy answer: say no to Microsoft and TPMs.

You can buy a computer with Linux installed, today!

Ubuntu is easy, so is kubuntu.

You can do anything on Linux that you can do on windows and most of the time it's child's play. The past is the past, give up on windows.

By @fortran77 - 5 months
All I can think of is choral music arrangements.
By @mtlmtlmtlmtl - 5 months
This sort of thing is exactly why I have automatic updates disabled on my Windows partition. I've been burned so many times by bad Windows updates breaking stuff. My favourite is when stuff breaks during the "configuring updates" stage after a reboot, leaving Windows in a boot loop with no error codes or anything to help you figure it out. And of course the documentation from MS is utter garbage. Most of the time the only solution I found was to reinstall Windows.

Now I always google around a bit before applying any fresh Windows updates to see if there's any breakage reported.

By @Hydrocarb0n - 5 months
IMO secure boot is a waste of time for most scenarios; if there's closed-source UEFI code running god knows what in the background, it doesn't matter how signed and secure your OS kernel is.

I've never been able to successfully dual boot Windows and Linux on a mobo with secure boot turned on. It seems that is a feature, not a bug; I'm sure MS would never influence hardware vendors to make it disadvantage a growing number of Linux users.

By @stonethrowaway - 5 months
> Short version: Secure Boot Advanced Targeting and if that's enough for you you can skip the rest you're welcome.

Based. Unfathomably based.

By @teractiveodular - 5 months
Mildly disappointed that this wasn't about CBAT.

https://www.sportskeeda.com/pop-culture/who-hudson-mohawke-d...

By @fuzzer371 - 5 months
So it's a linked list