All 'Secure Boot'-Enabled Windows Devices May Be Permanently Vulnerable Due To 'Golden Key' Backdoor, Say Researchers

[Lucian Armasu]

Secure Boot vulnerabilities allow anyone to unlock Windows 8, Windows 8.1, and Windows 10 devices, or to install bootkits and rootkits on them. Microsoft has yet to address the issue publicly.

All 'Secure Boot'-Enabled Windows Devices May Be Permanently Vulnerable Due To 'Golden Key' Backdoor, Say Researchers : Read more

 

[Jeff Fx]

So we're back to where we were with totally open PCs. Is this supposed to be bad?

 

[captaincharisma]

still better than a mac

 

[JakeWearingKhakis]

Umm the update is from the future!!!!!!

"Updated 9/11/2016

 

[Rhinofart]

Just wondering, how is that better than a Mac? They are all about the same these days. Mac, Win, *nix same as Ford, Dodge, Chevy.

 

[abbadon_34]

""A backdoor, which MS put in to Secure Boot because they decided to not let the user turn it off in certain devices, allows for Secure Boot to be disabled everywhere!""

So does mean we can truely disable all the datamining and spyware in Win 10 ? Maybe it is finally safe to upgrade. Just waiting on a nice open source utility.

 

[Darkk]

JAKEWEARINGKHAKIS Aug 11, 2016, 3:34 PM
Umm the update is from the future!!!!!!

"Updated 9/11/2016"

TIME WARP!!!

 

[memadmax]

Friends don't let friends run Win8/10...

No, I don't care that MS came out and said it doesn't apply to desktop machines...

My trust meter with MS is at: -3

 

[virtualban]

one key feature (not bug) shown, 99 still remaining
(and, why am I having trouble posting here? had to logout relogin and still brings me to the next article, witcher3 when clicking comments on the same tab)

 

[kungpaoshizi]

Are you using Chrome Virtualban? I'm using IE (because my work is stupid and won't use Edge) and I have no issues.
Otherwise this really isn't news. They would say the same thing about a POS system that has no ports and it would qualify because you could break it open and connect to jumpers inside.. There's not a single machine that has un-exploitable setup, in existence, when it comes to physical access.

 

[godmodder]

If the attacker has physical access, then all bets are off anyway.

 

[targetdrone]

And let this be an example of why putting a backdoor in any encryption protocol is a bad idea and anyone that suggests such a thing needs to be strangled with mouse cable. 😉

 

[Paul NZ]

""A backdoor, which MS put in to Secure Boot because they decided to not let the user turn it off in certain devices, allows for Secure Boot to be disabled everywhere!""

So does mean we can truely disable all the datamining and spyware in Win 10 ? Maybe it is finally safe to upgrade. Just waiting on a nice open source utility.

Get shutup10

 

[Groza Adrian]

So that means,that by exploiting the vulnerability in secure boot for Lumias and Windows RT tablets we can install android on them?

 

[D34D M34T]

Thank you NSA(which requires this BS).

 

[Christopher1]

This is just insane. WHY did they include this in the code to begin with? I could understand on DEVELOPMENT versions of Windows 8-10. But on other versions? No or you should be required to intentionally turn this functionality on!

 

[jazzy2945]

So to take advantage of this you need to have physical contact with the device and have administrator rights (in other words able to sign in with a password) to use the backdoor. In other words be able to get to a bank vault and have the combination to unluck the safe. Not impossible but very difficult to do.

 

[bigbikefan]

Finally we'd all move to Unix/Linux with no second thought, as the even the game developers should know better...

 

[jazzy2945]

Finally we'd all move to Unix/Linux with no second thought, as the even the game developers should know better...

Unfortunately, Linux is not the answer has many. I have been hearing Linux this and Linux that for the past 20 years or more and still it has not gain more than 1% of the desktop market. I have been playing with Linux for many years and never found it satisfying to what I do and need to do. Why complicate my life when Windows cover my needs? Beside if Linux ever become very popular it will become the target of hackers, same as Windows. Lately there have been found many bugs and backdoor to Linux because at the end nothing is in-vulnerable, you just take what works for you.