Security News > 2023 > May > S3 Ep134: It’s a PRIVATE key – the hint is in the name!
"We've hacked their stuff, including source code, development tools, and private keys. We will publish stolen data when timer expires," they said.
One key that they referred to as an Intel OEM debugging key.
Now, again, that's not a key from Intel it's a key that is used for a feature that Intel provides in its motherboard control hardware that decides whether or not you are allowed to break into the system while it's booting, with a debugger.
As Intel wryly states, almost satirically, in its own documentation for these debugging authorisation keys: "It is assumed that the motherboard manufacturer will not share their private keys with any other people."
In short, it's a PRIVATE key, folks the hint is in the name.
If you're someone who has to look after cryptographic keys, whether you are a motherboard manufacturer or not, be careful out there because, as Intel has reminded us all, it's a PRIVATE key.
News URL
https://nakedsecurity.sophos.com/2023/05/11/s3-ep134-its-a-private-key-the-hint-is-in-the-name/