MS: Secret "Golden Key" Leaked...Millions of devices now remotely unlockable...
Sunday, August 14, 2016 by DrJBHL | Discussion: Personal Computing
Pretty ironic when you realize MS was on Apple's side of the "unlocking" controversy. MS itself forgot to keep its own keys to Windows tablets, phones, HoloLens and other devices using UEFI Secure Boot safe and secure.
"Secure Boot is a built into the firmware of computer or the software as the case may be, allowing the computer/software to make failsafe checks before booting. Microsoft built Secure Boot to handle different types of malware specifically the rootkit malware which even antivirus tools can’t identify. If Microsoft’s Secure Boot detects tampered files or rootkit malware, it refuses to let the OS boot." - Techworm
"Microsoft kept its security keys in open, and then failed to correctly patch for the issue, resulting in an ongoing issue that “may not be possible to fully resolve.” “A backdoor,” the researchers noted, “which MS put in to secure boot because they decided to not let the user turn it off in certain devices, allows for secure boot to be disabled everywhere!”
The leaked Golden Key’s allows any person the ability to bypass Windows Secure Boot using the profiles Microsoft made public. The key not only allows hackers to replace Windows OS with something else such as Linux, but also “permits the installation and execution of bootkit and rootkits at the deepest level of the device.” - ibid
Truly swift. MS at work making your system securer. Thanks.
Source:
Reply #2 Sunday, August 14, 2016 8:15 PM
Saw this article a few days ago. Is it any wonder MS is in the shape its in.
Reply #3 Tuesday, August 16, 2016 11:52 PM
What a screw up. Gotta love the webpage the dude put up to publish the exploit
https://rol.im/securegoldenkeyboot/
Reply #4 Thursday, October 6, 2016 11:48 AM
Saw this article a few days ago. Is it any wonder MS is in the shape its in.
Yup, MS needs to pull its head out of its proverbial rectum if it's going to survive. With so many users forced to go to Win 10, the 'forced' updates and backdoor Scheduled Maintenance that alters users systems, MS has done more than enough to direct oodles of mass hate towards it. And the trust? I don't think even MS employees even trust MS anymore. I certainly don't!
Reply #5 Thursday, October 6, 2016 12:08 PM
Lovely. Microsoft has made mistakes in the past but lately it's like a hit of the week. Even an old Windows IT guy like me is starting to think it might be time to jump ship.
Reply #6 Friday, October 7, 2016 11:59 PM
Lovely. Microsoft has made mistakes in the past but lately it's like a hit of the week. Even an old Windows IT guy like me is starting to think it might be time to jump ship.
I've been feeling that way for a while.... jumping ship, that is. I didn't want Win 10 in any way, shape or form, doing everything I could to avoid it, but one night after shutdown I had it foisted upon me during 'Scheduled Maintenance'. You can imagine my shock, horror, going to bed with Win 8.1 installed and waking to Win 10... with no way to roll back as my recovery partition was wiped. Then, to add insult to injury, MS kept rubbing salt into the wound by borking my HP 2-in-1 with unnecessary, unwanted driver updates for hardware I didn't even have installed. Thing is, if you find a way to block Windows Update downloading and installing unwanted updates, MS just circumvents your preferences by downloading and installing those updates during the night, even when the machine is turned off. Yup, they can wake it remotely if your internet is on/connected. I've taken to shutting mine off when I shut down my machines for the night, being scheduled Maintenance is currently set to begin at 3.00am. I do expect, though, that MS will reschedule for daytime start just to piss me off with crap I neither need or want.
Now I like Win 10 better than when if was first released, now that I've tweaked it more to my liking and needs, but I don't trust MS to not tamper with my preferences to further its ideals. I will continue to tweak things to my liking, but I think it is inevitable that Win 10 will become a subscription OS and charge users monthly fees to access their own machines. When that happens I WILL jump the Windows ship on this machine and use one of the Linux distros I've been looking into. I currently have Win 8.1 on my other 3 machines, and with use that until support for it ends. By then I will have learnt enough about Linux to just swap over to that when the time comes.
Please login to comment and/or vote for this skin.
Welcome Guest! Please take the time to register with us.
There are many great features available to you once you register, including:
- Richer content, access to many features that are disabled for guests like commenting on the forums and downloading skins.
- Access to a great community, with a massive database of many, many areas of interest.
- Access to contests & subscription offers like exclusive emails.
- It's simple, and FREE!
Reply #1 Sunday, August 14, 2016 10:17 AM
Just can't get good help these days.