Become a fan of Slashdot on Facebook

 



Forgot your password?
typodupeerror
×
Microsoft Encryption Privacy Security Windows

Researchers Crack Microsoft Feature, Say Encryption Backdoors Similarly Crackable (thehill.com) 86

An anonymous reader writes: Researchers who uncovered a security key that protects Windows devices as they boot up say their discovery is proof that encryption backdoors do not work. The pair of researchers, credited by their hacker nicknames MY123 and Slipstream, found the cryptographic key protecting a feature called Secure Boot. They believe the discovery highlights a problem with requests law enforcement officials have made for technology companies to provide police with some form of access to otherwise virtually unbreakable encryption that might be used by criminals. "Microsoft implemented a 'secure golden key' system. And the golden keys got released from [Microsoft's] own stupidity," wrote the researchers in their report, in a section addressed by name to the FBI.
This discussion has been archived. No new comments can be posted.

Researchers Crack Microsoft Feature, Say Encryption Backdoors Similarly Crackable

Comments Filter:
  • by Anonymous Coward on Wednesday August 10, 2016 @01:14PM (#52678881)

    proof that [anything developed by Microsoft does] not work.

    FTFY.

    • by Anonymous Coward

      Maybe they shouldn't have emailed the key to Hillary?

      • ... by outlawing disclosure of the the key, and declares victory over "sinister forces seeking to undermine our freedom" (whatever the hell that means.)
        moral of the story, don't leave a bunch of old greedy fucks with no comprehension of technology to regulate it.

  • Dear God (Score:4, Informative)

    by TechyImmigrant ( 175943 ) on Wednesday August 10, 2016 @01:15PM (#52678891) Homepage Journal

    That web site is annoying. 8 bit game music and the text jitters.

  • When will the folks in Redmond put down the pipes?

    • by geek ( 5680 ) on Wednesday August 10, 2016 @01:27PM (#52679001)

      When will the folks in Redmond put down the pipes?

      You laugh but it's a bit ironic. This wasn't a crack, it was a leak. MS actually gave everyone the fucking keys. This is great for me though, I spent 4 hours yesterday telling everyone at work that Microsoft is just as fucked on security today as they were 20 years ago. Then this happens and I'm totally vindicated.

      • They locked the door but left the windows open....

  • by Anonymous Coward

    Rotating golden key, moving starfield and crappy text. Virtually unreadable article. WTF?

    • I sure do miss GeoCities and MySpace.

    • Rotating golden key, moving starfield and crappy text. Virtually unreadable article. WTF?

      All I see is some monospace white on black with blue links, and I could change that to white on black if I had hacktheweb installed. Maybe you should work on this how to internet thing.

  • by UnknownSoldier ( 67820 ) on Wednesday August 10, 2016 @01:23PM (#52678955)

    Their security has a been a joke for *decades*.

  • by Anonymous Coward on Wednesday August 10, 2016 @01:25PM (#52678973)

    Microsoft made a signed policy file which can be used with a Microsoft signed UEFI boot loader to turn off Secure Boot, and accidentally (?) published that policy with the Windows 10 anniversary update. Using this policy, Secure Boot can even be disabled on systems that won't allow the owner to disable it. And of course, this can be used to turn off Secure Boot remotely, so basically Microsoft eradicated any benefit that Secure Boot might have had. Now it's just annoying.

    • by AmiMoJo ( 196126 ) on Wednesday August 10, 2016 @01:30PM (#52679021) Homepage Journal

      An update has appeared that claims to fix this issue (KB3172729). Presumably they have revoked that key and replaced it with a new one.

      This isn't really an issue with backdoors though, it's just an issue with public key crypto in general. You have to protect the private key, and not accidentally leak it. And to be fair to Microsoft, they aren't the only ones. Apple leaked the private key for their firmware updates, allowing you to create an undetectable rootkit that lived in, say, the battery firmware and which could not be removed by a full HDD wipe. And Github regularly scans for people accidentally posting their private keys when they commit code.

      • Re: (Score:2, Informative)

        by Anonymous Coward

        The obvious problem is that they can't revoke the key that enables the boot loader, because that would stop countless devices from booting installation media, recovery partitions and restored systems. They can revoke the key that enables the policy, but anybody with admin rights can replace the boot loader with an older version that doesn't have this key blacklisted, and use that to disable Secure Boot. The magnitude of this fuck-up can hardly be overestimated.

        • by gweihir ( 88907 )

          Indeed. The one thing you absolutely need to do right (besides key-generation) in a public-key system is to keep the secret key secret. If you cannot do that, then you have no business building anything with security implications. Yes, MS is utterly incompetent and has been known for ages to be.

        • >The magnitude of this fuck-up can hardly be overestimated.
          OK, I'll try. How about that moment during the battle at the gates of Mordor when Frodo slipped on the ring there by the fires of Mt. Doom and Sauron suddenly realized that his stupidity was without fathom.

      • Apple leaked the private key for their firmware updates

        Citation, please?

    • by guruevi ( 827432 )

      Secure Boot is not a security feature, it is simply intended to make sure you don't install an "unapproved" OS on things like their Surface Pro. Any vendor can thus lock any otherwise relatively open hardware into "their" software under whatever guise (security, export restrictions, terrorism).

  • They read the specification, they reviewed the implementation, and they found a published key. I am unsure how people define "crack" but this seems more like "I reviewed stuff thoughtfully and published the findings".

    • "You hacked into my house!"

      "No, I didn't. I read the sign posted on your door that said 'The spare key is under the third rock on the left along the path leading up to the door.' I lifted that rock, found the key, and opened your door."

      "HACKER!!!!"

  • by Anonymous Coward

    Can someone make a Linux build for these now and make them useful again?

    • again?!

    • My thought exactly. A surface RT might actually be a great device without windows on it. Now, give me this golden key. Or just a damn tool to disable secure boot. I honestly don't want to fiddle much with this Microsoft stuff.
    • by Myria ( 562655 )

      My exploit from last year (CVE-2015-2552) already allowed trivially jailbreaking Surface RT tablets to run unsigned Windows programs.

      This new exploit, however, adds the ability to run unsigned (technically, self-signed) .efi files, before Windows boots. In order to run an alternative operating system, you need to be able to run .efi files, because it is not possible to chainload from an EFI OS.

      So yes, theoretically, you could make an Android distro for Surface RT now.

      • Why an Android distro and not a generic Linux/ HURD/ BSD* or other OS? For example, the hinted at Huwaei-OS. Yeah, a runnable Huawei-OS distro for Surface-RT would put a nice big hungry cat in amongst a large flock of fat wing-clipped pigeons.
  • by Opportunist ( 166417 ) on Wednesday August 10, 2016 @02:37PM (#52679469)

    Dear politicians: There will never be a backdoor key that only your law enforcement will have. Such things tend to be very, very valuable. Being able to decrypt any and all trade secrets is valuable. At a level where nation states start to be interested, not just some petty criminals, or even large criminal entities. Governments are interested. And they tend to have very, very deep pockets. Pockets deep enough that pretty much anyone becomes open for bribes. And if bribes don't work, well, there are other ways to be convincing.

    Any key you have will also be held by Iran, Russia and probably even North Korea within reasonable time. That backdoor game is an odd one: The only winning move is not to play it.

    • by AHuxley ( 892839 )
      What are the options? A mandated "gov inside" backdoor on every phone able to be used to connect to any US network?
      A state and federal designed in PRISM like NSA and GCHQ decryption network set into every hardware company with access by any state task force with federal funding by default?
      Microsoft handed the NSA access to encrypted messages (12 July 2013)
      https://www.theguardian.com/wo... [theguardian.com]
      "Material collected through Prism is routinely shared with the FBI and CIA, with one NSA document describing the p
  • was the part where he was like HEY FBI SEE WHAT YOU DID THIS IS TERRIBLE YOU SHOULD FEEL BAD as if they are not sitting there laughing their asses off thinking "duh that was the point"
  • by Anonymous Coward

    Because if you have the golden key, you can revoke and replace the golden keys and the personal keys held in escrow by Microsoft, and avoid the extremely cooperative Microsoft approach to providing these to any schmuck with a rubber-stamped piece of paper saying "government on it".

    I was at the MIT lecture hall where Brian Lamacchia presented about the "Palladium" software, since renamed "Trusted Computing" and the core of "Secure Boot". The audience was very unhappy with his pretense that all this security

  • Music: "Brand New Key"

    Oh, I blew a software giant to smithereens,
    I got its Golden Key.
    Wonder what other tasks a wandering mind
    Might have for me.

    Is this megalomania?
    Am I out of my tree?
    Cuz I blew a software giant to smithereens,
    I got its Golden Key.

Keep up the good work! But please don't ask me to help.

Working...