Articles & Reviews
News Archive
Forums
Premium
Contact
Categories

Computers Display Drivers Graphics Cards Linux Gaming Memory Motherboards Processors Software Storage Operating Systems Peripherals

Secure Boot Isn't So Secure After All: The Golden Key Is Out

Written by Michael Larabel in Microsoft on 11 August 2016 at 08:56 AM EDT. 52 Comments

MICROSOFT

So much for Secure Boot being so secure... After a mistake by Microsoft, the "golden key" is now out in the wild.

Microsoft itself accidentally leaked the "golden key" to Secure Boot so that theoretically users on any SecureBoot-enabled device can bypass this boot-time safety mechanism. This will make it easy to load Linux on more devices, but this leaked golden key is also beneficial to those dealing with boot/root-kits.

Earlier this year two researchers discovered the issue with the golden key being accidentally left in by Microsoft in some debugging tools. With that key, anyone can close the door on Secure Boot.

While these researchers were in contact with Microsoft the past few months, they've now launched the Secure Golden Key Boot site with details on the issue and how Microsoft managed to royally screw up. Go check out that site if you are curious about all of the technical details.

52 Comments

Related News

Microsoft's CBL-Mariner Linux Distribution Continues Cultivating More Packages

Linux Patch Updated For Rumble Support On Latest Microsoft Xbox Controllers

Microsoft Increasing Linux Security On Hyper-V With VTL/VSM Support

Microsoft's CBL-Mariner Linux Shows Increasing HPC Interest

Microsoft's CBL-Mariner Adds More Desktop Code, Enables WireGuard & Boots systemd-oomd

Microsoft Officially Launches D3D12 GPU Video Acceleration For WSL Linux Use

About The Author

Michael Larabel

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter, LinkedIn, or contacted via MichaelLarabel.com.

Popular News This Week

Intel Thunder Bay Is Officially Canceled, Linux Driver Code To Be Removed

Still Have A Use For Adobe Flash? Ruffle Is Working To Safely Emulate It In Rust

Linux 6.4 AMD Graphics Driver Picking Up New Power Features For The Steam Deck

Raja Koduri Departing Intel To Start New Software Company

Codon Looks Very Promising For Super-Fast Python Code

Steam Deck Goes On Sale For Steam's Spring Sale

Wine 8.4 Released With The Early Wayland Graphics Driver Code, 51 Bug Fixes

Debian 12 "Bookworm" Enters Its Hard Freeze