Security News > 2024 > July > Compromising the Secure Boot Process

On Thursday, researchers from security firm Binarly revealed that Secure Boot is completely compromised on more than 200 device models sold by Acer, Dell, Gigabyte, Intel, and Supermicro.

The cause: a cryptographic key underpinning Secure Boot on those models that was compromised in 2022.

In a public GitHub repository committed in December of that year, someone working for multiple US-based device manufacturers published what's known as a platform key, the cryptographic key that forms the root-of-trust anchor between the hardware device and the firmware that runs on it.

The repository included the private portion of the platform key in encrypted form.

The disclosure of the key went largely unnoticed until January 2023, when Binarly researchers found it while investigating a supply-chain incident.

These keys were created by AMI, one of the three main providers of software developer kits that device makers use to customize their UEFI firmware so it will run on their specific hardware configurations.

News URL

https://www.schneier.com/blog/archives/2024/07/compromising-the-secure-boot-process.html