Secure Boot Isn't So Secure After All: The Golden Key Is Out
So much for Secure Boot being so secure... After a mistake by Microsoft, the "golden key" is now out in the wild.
Microsoft itself accidentally leaked the "golden key" to Secure Boot so that theoretically users on any SecureBoot-enabled device can bypass this boot-time safety mechanism. This will make it easy to load Linux on more devices, but this leaked golden key is also beneficial to those dealing with boot/root-kits.
Earlier this year two researchers discovered the issue with the golden key being accidentally left in by Microsoft in some debugging tools. With that key, anyone can close the door on Secure Boot.
While these researchers were in contact with Microsoft the past few months, they've now launched the Secure Golden Key Boot site with details on the issue and how Microsoft managed to royally screw up. Go check out that site if you are curious about all of the technical details.