Secure Boot is broken at least since 2022 when a ‚platform‘ key, an intermediate in the trust chain, was leaked on github.
„The encrypted [key] file, however, was protected by a four-character password“
And it was found:
„an additional 21 platform keys [in production] contain the strings “DO NOT SHIP” or “DO NOT TRUST.”
https://arstechnica.com/security/2024/07/secure-boot-is-completely-compromised-on-200-models-from-5-big-device-makers/
Stefan Eissing /
npub179…nr96e
2024-07-26 07:24:03
Author Public Key
npub179eu5lkc7wklv8f44w6fz4qpc8gpkk2x8e32k7ha43pgvyj4jkqqqnr96ePublished at
2024-07-26 07:24:03Event JSON
{
"id": "1bf25cf8bbfc5677c6c0a146216539d34c03b8451b2ee2d53a095fdd887e4995",
"pubkey": "f173ca7ed8f3adf61d35abb4915401c1d01b59463e62ab7afdac428612559580",
"created_at": 1721978643,
"kind": 1,
"tags": [
[
"proxy",
"https://chaos.social/users/icing/statuses/112851592409270887",
"activitypub"
]
],
"content": "Secure Boot is broken at least since 2022 when a ‚platform‘ key, an intermediate in the trust chain, was leaked on github.\n\n„The encrypted [key] file, however, was protected by a four-character password“\n\nAnd it was found:\n\n„an additional 21 platform keys [in production] contain the strings “DO NOT SHIP” or “DO NOT TRUST.”\n\nhttps://arstechnica.com/security/2024/07/secure-boot-is-completely-compromised-on-200-models-from-5-big-device-makers/",
"sig": "4f5d12b335b11bcf5b6b36679b6cc567e28b8227ff722cef501ac78f1b57890e2f5cb30159250fa681e83e907cb5b8e8e2666468dadb67e718ac8d1cc50de8fa"
}