• Welcome to TechPowerUp Forums, Guest! Please check out our forum guidelines for info related to our community.

Windows 8 Secure Boot Feature: Not So Secure?

qubit

Overclocked quantum bit
Joined
Dec 6, 2007
Messages
17,866 (3.00/day)
Location
Quantum Well UK
System Name Quantumville™
Processor Intel Core i7-2700K @ 4GHz
Motherboard Asus P8Z68-V PRO/GEN3
Cooling Noctua NH-D14
Memory 16GB (2 x 8GB Corsair Vengeance Black DDR3 PC3-12800 C9 1600MHz)
Video Card(s) MSI RTX 2080 SUPER Gaming X Trio
Storage Samsung 850 Pro 256GB | WD Black 4TB | WD Blue 6TB
Display(s) ASUS ROG Strix XG27UQR (4K, 144Hz, G-SYNC compatible) | Asus MG28UQ (4K, 60Hz, FreeSync compatible)
Case Cooler Master HAF 922
Audio Device(s) Creative Sound Blaster X-Fi Fatal1ty PCIe
Power Supply Corsair AX1600i
Mouse Microsoft Intellimouse Pro - Black Shadow
Keyboard Yes
Software Windows 10 Pro 64-bit
We have brought you the potential perils of the upcoming UEFI Forum-implemented - www.uefi.org - Windows 8 secure boot feature here, here and here. However, it appears that it may not be so 'secure' after all, since there appears to be a surefire way to circumvent it, at least for the moment, while it's in development.

Softpedia has scored an exclusive interview with security researcher Peter Kleissner, who has created various Windows (XP, Server 2003 etc) "bootkits", which allow OS infection at the highest privilege level, giving unrestricted access to the whole of the PC. His latest one, called Stoned Lite, shows how the Windows 8 secure boot process, still in development, can be subverted, as it stands. He is planning to release details of how the code works at the upcoming International Malware Conference (MalCon) - http://malcon.org - that will take place in India on November 25th. It appears that the real vulnerability exists in the legacy BIOS boot procedure, not in Microsoft's implementation of secure boot, as Kleissner said:
The problem with the legacy startup is that no one verifies the MBR, which makes it the vulnerable point. With UEFI and secure boot, all the boot applications and drivers have to be signed (otherwise they won't be loaded). You can compare it to TPM, although Arie van der Hoeven from Microsoft announced that the secure boot feature is mandatory for OEMs who want to be UEFI certified. It is a good message that security is not an option.


And as Softpedia put it:
Stoned Lite actually works by infecting the MBR, while storing its components "outside the normal file system." Startup files are "hooked" and "patched" before Windows starts, these files being changed in Windows 7.


Kleissner explained that the basic way Stoned Lite works is by using command line escalation:
As payload I use the command line privilege escalation. Once whoami.exe is launched, it elevates the cmd.exe process rights to SYSTEM by overwriting its security token with a duplicated system process one.

Additionally it will patch the password validation function (MsvpPasswordValidate) so you can use any password for any local user account to log on. You will be able to start Stoned Lite from a USB flash drive or CD where it will be only active in memory.


So, this problem is only present if someone has physical access to the computer and is able to boot off a CD or USB stick. Therefore, this security vulnerability will have no impact in many scenarios where the threat of this kind of attack is very low. Examples include the home environment (usually) and data centres with very good physical security and the other measures they have in place. The most likely place for problems could be in workplaces where someone boots a PC after hours and installs a keylogger or other malware on the system. A significant threat, to be sure. However, despite this vulnerability, secure boot still makes conventional malware attacks useless, such as drive-by downloads from malicious or hacked websites and opening attachments from spam emails, among the many infection vectors around.

Still, it makes Microsoft's bold claim in September, that:
Secured boot stops malware in its tracks and makes Windows 8 significantly more resistant to low-level attacks. Even when a virus has made it onto your PC, Windows will authenticate boot components to prevent any attempt to start malware before the operating system is up and running.
a little less reassuring, doesn't it?

Note that Kleissner will not be at MalCon in person, because he will be attending another conference held on the same day, the European Bitcoin Conference in Prague, where he will show "how to re-direct locally initiated BitCoin transactions, but also show how the BitCoin wallet can be secured better against theft." Therefore, someone else will go in his place to deliver the message, or he may pre-record it.

Finally, while this is a big step forward for PC security, like every other security improvement, there's always a hack to get around it with time somehow, somewhere, which can then be patched and hacked and patched... However, in this case, when the secure boot system goes live and a core vulnerability is found in the UEFI or some other low level component, patching won't be so simple, or maybe even impossible, due to its low level nature. So, once again the suspicion remains that this whole 'initiative' is a backdoor to locking out competing operating systems such as Linux and to DRM your whole PC to 'protect' the profits of big content, in a similar way they already do on games consoles.

There's a lot of big corporate interests riding on secure boot, so do not ever rule out the possibility that it will be subverted to further them.

View at TechPowerUp Main Site
 
Joined
Apr 26, 2009
Messages
513 (0.09/day)
Location
You are here.
System Name Prometheus
Processor AMD Ryzen 9 5950x
Motherboard ASUS ROG Strix B550-I Gaming
Cooling EKWB EK-240 AIO D-RGB
Memory G.Skill Trident Z Neo 32GB
Video Card(s) MSI RTX 4070Ti Ventus 3X OC 12GB
Storage WD Black SN850 1TB + 1 x Samsung 970 Evo Plus 2TB
Display(s) DELL U4320Q 4K + Wacom Cintiq Pro 16 4K
Case Jonsbo A4 ver1.1 SFF
Audio Device(s) ASUS SupremeFX S1220A
Power Supply Corsair SF750 Platinum SFX
Mouse Logitech Pro Wireless
Keyboard Vortex Race 3 75% MX Brown
Software Windows 11 Pro x64
When someone has physical access to your computer the "Secure Boot" feature in Windows 8 should be the last thing on your mind. That person doesn't even need to be that skilled, he just needs to boot your system from a Linux distro from an USB flash drive and gain full access to your data.

You could argue that you could encrypt your data, but very few of us actually do that. And I'm sure any method of encryption that allows decryption can also be circumvented (eg, using master keys and back doors that are always there, you just aren't informed about it).

Another issue with all these "reports" is that they talk about a pre-release alpha version of the OS. And this is nice and informative, but in no way representative about the final version of the OS. I will keep my tin-foil hat away until the OS actually ships.
 

qubit

Overclocked quantum bit
Joined
Dec 6, 2007
Messages
17,866 (3.00/day)
Location
Quantum Well UK
System Name Quantumville™
Processor Intel Core i7-2700K @ 4GHz
Motherboard Asus P8Z68-V PRO/GEN3
Cooling Noctua NH-D14
Memory 16GB (2 x 8GB Corsair Vengeance Black DDR3 PC3-12800 C9 1600MHz)
Video Card(s) MSI RTX 2080 SUPER Gaming X Trio
Storage Samsung 850 Pro 256GB | WD Black 4TB | WD Blue 6TB
Display(s) ASUS ROG Strix XG27UQR (4K, 144Hz, G-SYNC compatible) | Asus MG28UQ (4K, 60Hz, FreeSync compatible)
Case Cooler Master HAF 922
Audio Device(s) Creative Sound Blaster X-Fi Fatal1ty PCIe
Power Supply Corsair AX1600i
Mouse Microsoft Intellimouse Pro - Black Shadow
Keyboard Yes
Software Windows 10 Pro 64-bit
When someone has physical access to your computer the "Secure Boot" feature in Windows 8 should be the last thing on your mind. That person doesn't even need to be that skilled, he just needs to boot your system from a Linux distro from an USB flash drive and gain full access to your data.

You could argue that you could encrypt your data, but very few of us actually do that. And I'm sure any method of encryption that allows decryption can also be circumvented (eg, using master keys and back doors that are always there, you just aren't informed about it).

Another issue with all these "reports" is that they talk about a pre-release alpha version of the OS. And this is nice and informative, but in no way representative about the final version of the OS. I will keep my tin-foil hat away until the OS actually ships.

You bring up a good point: does a secure boot enabled computer implement full disc encryption as standard? I'd have to look more into the spec to say for sure.

If it's not encrypted then yeah, your PC and your data are toast, as you say.
 
Joined
Nov 4, 2005
Messages
11,654 (1.73/day)
System Name Compy 386
Processor 7800X3D
Motherboard Asus
Cooling Air for now.....
Memory 64 GB DDR5 6400Mhz
Video Card(s) 7900XTX 310 Merc
Storage Samsung 990 2TB, 2 SP 2TB SSDs and over 10TB spinning
Display(s) 56" Samsung 4K HDR
Audio Device(s) ATI HDMI
Mouse Logitech MX518
Keyboard Razer
Software A lot.
Benchmark Scores Its fast. Enough.
It really doesn't matter if its encrypted if you are low level hooking into the system anyway, you could intercept the key and you have access.


Rainbow tables are making even high end encryption look like old WEP codes with modern computing power on the GPU.
 

qubit

Overclocked quantum bit
Joined
Dec 6, 2007
Messages
17,866 (3.00/day)
Location
Quantum Well UK
System Name Quantumville™
Processor Intel Core i7-2700K @ 4GHz
Motherboard Asus P8Z68-V PRO/GEN3
Cooling Noctua NH-D14
Memory 16GB (2 x 8GB Corsair Vengeance Black DDR3 PC3-12800 C9 1600MHz)
Video Card(s) MSI RTX 2080 SUPER Gaming X Trio
Storage Samsung 850 Pro 256GB | WD Black 4TB | WD Blue 6TB
Display(s) ASUS ROG Strix XG27UQR (4K, 144Hz, G-SYNC compatible) | Asus MG28UQ (4K, 60Hz, FreeSync compatible)
Case Cooler Master HAF 922
Audio Device(s) Creative Sound Blaster X-Fi Fatal1ty PCIe
Power Supply Corsair AX1600i
Mouse Microsoft Intellimouse Pro - Black Shadow
Keyboard Yes
Software Windows 10 Pro 64-bit
It really doesn't matter if its encrypted if you are low level hooking into the system anyway, you could intercept the key and you have access.


Rainbow tables are making even high end encryption look like old WEP codes with modern computing power on the GPU.

Yup, I'll second that. This is DRM all over, isn't it? Fatally flawed - not a single system left standing and all because it treats the recipient as also the attacker, trying to allow them to use the data in prescribed ways only. Ultimately then, the 'attacker' has the key, it's just hard to get to and use, because they are also the recipient. Therefore, it's only a matter of time.
 

OneMoar

There is Always Moar
Joined
Apr 9, 2010
Messages
8,740 (1.71/day)
Location
Rochester area
System Name RPC MK2.5
Processor Ryzen 5800x
Motherboard Gigabyte Aorus Pro V2
Cooling Enermax ETX-T50RGB
Memory CL16 BL2K16G36C16U4RL 3600 1:1 micron e-die
Video Card(s) GIGABYTE RTX 3070 Ti GAMING OC
Storage ADATA SX8200PRO NVME 512GB, Intel 545s 500GBSSD, ADATA SU800 SSD, 3TB Spinner
Display(s) LG Ultra Gear 32 1440p 165hz Dell 1440p 75hz
Case Phanteks P300 /w 300A front panel conversion
Audio Device(s) onboard
Power Supply SeaSonic Focus+ Platinum 750W
Mouse Kone burst Pro
Keyboard EVGA Z15
Software Windows 11 +startisallback

this has nothing todo with Microsoft OR secure-boot this is by your own admission a bios flaw
and now that we know HOW the exploit is done its a simple matter to patch it
GG security researchers
another spun-thread by qubit ... nothing to see here move along people
 
Last edited:

qubit

Overclocked quantum bit
Joined
Dec 6, 2007
Messages
17,866 (3.00/day)
Location
Quantum Well UK
System Name Quantumville™
Processor Intel Core i7-2700K @ 4GHz
Motherboard Asus P8Z68-V PRO/GEN3
Cooling Noctua NH-D14
Memory 16GB (2 x 8GB Corsair Vengeance Black DDR3 PC3-12800 C9 1600MHz)
Video Card(s) MSI RTX 2080 SUPER Gaming X Trio
Storage Samsung 850 Pro 256GB | WD Black 4TB | WD Blue 6TB
Display(s) ASUS ROG Strix XG27UQR (4K, 144Hz, G-SYNC compatible) | Asus MG28UQ (4K, 60Hz, FreeSync compatible)
Case Cooler Master HAF 922
Audio Device(s) Creative Sound Blaster X-Fi Fatal1ty PCIe
Power Supply Corsair AX1600i
Mouse Microsoft Intellimouse Pro - Black Shadow
Keyboard Yes
Software Windows 10 Pro 64-bit
http://images.cheezburger.com/completestore/2010/4/18/129161241205636600.jpg
this has nothing todo with Microsoft OR secure-boot this is by your own admission a bios flaw
and now that we know HOW the exploit is done its a simple matter to patch it
GG security researchers
another spun-thread by qubit ... nothing to see here move along people

Spin, huh? Have you seen the title of the original Softpedia article I linked to? Look, I'll show you: Bootkit Researcher P. Kleissner: Microsoft's Secure Boot a Major Improvement, Likely Still Not Bulletproof (Exclusive Interview)

See? My title says pretty much the same thing, don't it? And as you've said so yourself, my article explains why. Now here's that humble pie you've been meaning to eat... :shadedshu

Now say something that's other than thread crapping or keep quiet.
 
Joined
Jan 2, 2009
Messages
9,899 (1.78/day)
Location
Essex, England
System Name My pc
Processor Ryzen 5 3600
Motherboard Asus Rog b450-f
Cooling Cooler master 120mm aio
Memory 16gb ddr4 3200mhz
Video Card(s) MSI Ventus 3x 3070
Storage 2tb intel nvme and 2tb generic ssd
Display(s) Generic dell 1080p overclocked to 75hz
Case Phanteks enthoo
Power Supply 650w of borderline fire hazard
Mouse Some wierd Chinese vertical mouse
Keyboard Generic mechanical keyboard
Software Windows ten
It really doesn't matter if its encrypted if you are low level hooking into the system anyway, you could intercept the key and you have access.


Rainbow tables are making even high end encryption look like old WEP codes with modern computing power on the GPU.

You tried out some of the password crackers that use GPU?

There's a great demo you can get on AMDS website for a rar archive password cracker I believe ( think it was there I saw it) performance is impressive.

I mean really complex stuff would still take a day to crack, but what's a day? Can leave it running whilst you do other stuff :laugh:
 

newtekie1

Semi-Retired Folder
Joined
Nov 22, 2005
Messages
28,472 (4.25/day)
Location
Indiana, USA
Processor Intel Core i7 10850K@5.2GHz
Motherboard AsRock Z470 Taichi
Cooling Corsair H115i Pro w/ Noctua NF-A14 Fans
Memory 32GB DDR4-3600
Video Card(s) RTX 2070 Super
Storage 500GB SX8200 Pro + 8TB with 1TB SSD Cache
Display(s) Acer Nitro VG280K 4K 28"
Case Fractal Design Define S
Audio Device(s) Onboard is good enough for me
Power Supply eVGA SuperNOVA 1000w G3
Software Windows 10 Pro x64
WTF?! Stop calling it Windows 8 Secure Boot, it is a UEFI thing, it has nothing to do with Windows 8!

You are a news reporter, you should be able to get something this simple right!
 

qubit

Overclocked quantum bit
Joined
Dec 6, 2007
Messages
17,866 (3.00/day)
Location
Quantum Well UK
System Name Quantumville™
Processor Intel Core i7-2700K @ 4GHz
Motherboard Asus P8Z68-V PRO/GEN3
Cooling Noctua NH-D14
Memory 16GB (2 x 8GB Corsair Vengeance Black DDR3 PC3-12800 C9 1600MHz)
Video Card(s) MSI RTX 2080 SUPER Gaming X Trio
Storage Samsung 850 Pro 256GB | WD Black 4TB | WD Blue 6TB
Display(s) ASUS ROG Strix XG27UQR (4K, 144Hz, G-SYNC compatible) | Asus MG28UQ (4K, 60Hz, FreeSync compatible)
Case Cooler Master HAF 922
Audio Device(s) Creative Sound Blaster X-Fi Fatal1ty PCIe
Power Supply Corsair AX1600i
Mouse Microsoft Intellimouse Pro - Black Shadow
Keyboard Yes
Software Windows 10 Pro 64-bit
WTF?! Stop calling it Windows 8 Secure Boot, it is a UEFI thing, it has nothing to do with Windows 8!

You are a news reporter, you should be able to get something this simple right!

I have got it right. I was wondering when you'd get here and have a go at me about it, lol. And I mean that in a kind way. :)

Look, it's something that's implemented in Windows 8, so it's a Windows 8 feature. Nothing more, nothing less. It's obviously not a feature of any earlier versions of Windows, since they didn't implement it. The fact it also happens to be an industry standard that anyone can use is neither here nor there. And I did actually say "UEFI Forum-implemented - www.uefi.org - Windows 8 secure boot feature" to really clarify it, too.
 

newtekie1

Semi-Retired Folder
Joined
Nov 22, 2005
Messages
28,472 (4.25/day)
Location
Indiana, USA
Processor Intel Core i7 10850K@5.2GHz
Motherboard AsRock Z470 Taichi
Cooling Corsair H115i Pro w/ Noctua NF-A14 Fans
Memory 32GB DDR4-3600
Video Card(s) RTX 2070 Super
Storage 500GB SX8200 Pro + 8TB with 1TB SSD Cache
Display(s) Acer Nitro VG280K 4K 28"
Case Fractal Design Define S
Audio Device(s) Onboard is good enough for me
Power Supply eVGA SuperNOVA 1000w G3
Software Windows 10 Pro x64
I have got it right. I was wondering when you'd get here and have a go at me about it, lol. And I mean that in a kind way. :)

Look, it's something that's implemented in Windows 8, so it's a Windows 8 feature. Nothing more, nothing less. It's obviously not a feature of any earlier versions of Windows, since they didn't implement it. The fact it also happens to be an industry standard that anyone can use is neither here nor there. And I did actually say "UEFI Forum-implemented - www.uefi.org - Windows 8 secure boot feature" to really clarify it, too.


Try again, it is a feature supported by Windows 8, it is a implemented in UEFI.

I guess you would call x86-64 "Windows XP x86-64" then, since XP was the first Windows OS to support it. The logic is the same, right? The fact that it happens to be an industry standard developed and implemented completely outside of Windows by totally different companies is neither hear nor there...:rolleyes:

In fact, lets just go ahead and start calling UEFI "Windows Vista UEFI" since that was the first Windows OS to support UEFI. It is neither here nor there that Windows Vista has nothing to do with its implementation and design. Or for that matter it doesn't even matter that Windows Vista isn't even required to use the feature, it works with plenty of other OSes, that doesn't matter. It is a feature supported by Windows Vista, so you should just start referring to it as "Windows Vista UEFI".
 
Last edited:

qubit

Overclocked quantum bit
Joined
Dec 6, 2007
Messages
17,866 (3.00/day)
Location
Quantum Well UK
System Name Quantumville™
Processor Intel Core i7-2700K @ 4GHz
Motherboard Asus P8Z68-V PRO/GEN3
Cooling Noctua NH-D14
Memory 16GB (2 x 8GB Corsair Vengeance Black DDR3 PC3-12800 C9 1600MHz)
Video Card(s) MSI RTX 2080 SUPER Gaming X Trio
Storage Samsung 850 Pro 256GB | WD Black 4TB | WD Blue 6TB
Display(s) ASUS ROG Strix XG27UQR (4K, 144Hz, G-SYNC compatible) | Asus MG28UQ (4K, 60Hz, FreeSync compatible)
Case Cooler Master HAF 922
Audio Device(s) Creative Sound Blaster X-Fi Fatal1ty PCIe
Power Supply Corsair AX1600i
Mouse Microsoft Intellimouse Pro - Black Shadow
Keyboard Yes
Software Windows 10 Pro 64-bit
Try again, it is a feature supported by Windows 8, it is a implemented in UEFI.

I guess you would call x86-64 "Windows XP x86-64" then, since XP was the first Windows OS to support it. The logic is the same, right? The fact that it happens to be an industry standard developed and implemented completely outside of Windows by totally different companies is neither hear nor there...:rolleyes:

I had a feeling you wouldn't be convinced... lol

Re your Windows example, I have the actual OEM DVD box of the 64-bit version of XP in my paw as we speak and you know what it's called? "Microsoft Windows XP Professional x64 Edition". Yup, industry standard feature of '64-bit processing' is embedded right there in the product name. You surely must have seen these in your shop? qubit 1, NT 0 ;)

Here, look at this snippet from InfoWorld:

Reports of a newly developed bootkit aimed at Windows 8 are tantalizing, given how much positive and negative attention the OS's "secure boot" feature has garnered.

Exactly the same way I've said it. So they surely must be wrong as well? I guess you're gonna say that the quotes make a difference?
 

newtekie1

Semi-Retired Folder
Joined
Nov 22, 2005
Messages
28,472 (4.25/day)
Location
Indiana, USA
Processor Intel Core i7 10850K@5.2GHz
Motherboard AsRock Z470 Taichi
Cooling Corsair H115i Pro w/ Noctua NF-A14 Fans
Memory 32GB DDR4-3600
Video Card(s) RTX 2070 Super
Storage 500GB SX8200 Pro + 8TB with 1TB SSD Cache
Display(s) Acer Nitro VG280K 4K 28"
Case Fractal Design Define S
Audio Device(s) Onboard is good enough for me
Power Supply eVGA SuperNOVA 1000w G3
Software Windows 10 Pro x64
I had a feeling you wouldn't be convinced... lol

Re your Windows example, I have the actual OEM DVD box of the 64-bit version of XP in my paw as we speak and you know what it's called? "Microsoft Windows XP Professional x64 Edition". Yup, industry standard feature of '64-bit processing' is embedded right there in the product name. You surely must have seen these in your shop? qubit 1, NT 0 ;)

Yep, it sure is right there in the name of Windows. However notice how Windows is not in the name of the x86-64 instruction set? It isn't called "Windows XP x86-64", that isn't the name of the instruction set, just like "Windows 8 Secure Boot" isn't the name of the Secure Boot feature. Calling it "Windows 8 Secure Boot" implies that the feature is a Microsoft invention, which is wrong. You don't get the difference, do you...

Here, look at this snippet from InfoWorld:



Exactly the same way I've said it. So they surely must be wrong as well? I guess you're gonna say that the quotes make a difference?

Yes, they are. Just because someone else does it that makes it right? This site's news posts should be above others, and above simply reposting what everyone else says. And most importantly the news posts should be absolutely correct information. I've pointed out that you are wrong multiple times, and you still refuse to correct the incorrect information, in fact you choice to continue to post the incorrect information even after you know it is incorrect.
 

qubit

Overclocked quantum bit
Joined
Dec 6, 2007
Messages
17,866 (3.00/day)
Location
Quantum Well UK
System Name Quantumville™
Processor Intel Core i7-2700K @ 4GHz
Motherboard Asus P8Z68-V PRO/GEN3
Cooling Noctua NH-D14
Memory 16GB (2 x 8GB Corsair Vengeance Black DDR3 PC3-12800 C9 1600MHz)
Video Card(s) MSI RTX 2080 SUPER Gaming X Trio
Storage Samsung 850 Pro 256GB | WD Black 4TB | WD Blue 6TB
Display(s) ASUS ROG Strix XG27UQR (4K, 144Hz, G-SYNC compatible) | Asus MG28UQ (4K, 60Hz, FreeSync compatible)
Case Cooler Master HAF 922
Audio Device(s) Creative Sound Blaster X-Fi Fatal1ty PCIe
Power Supply Corsair AX1600i
Mouse Microsoft Intellimouse Pro - Black Shadow
Keyboard Yes
Software Windows 10 Pro 64-bit
Yep, it sure is right there in the name of Windows. However notice how Windows is not in the name of the x86-64 instruction set? It isn't called "Windows XP x86-64", that isn't the name of the instruction set, just like "Windows 8 Secure Boot" isn't the name of the Secure Boot feature. Calling it "Windows 8 Secure Boot" implies that the feature is a Microsoft invention, which is wrong. You don't get the difference, do you...



Yes, they are. Just because someone else does it that makes it right? This site's news posts should be above others, and above simply reposting what everyone else says. And most importantly the news posts should be absolutely correct information. I've pointed out that you are wrong multiple times, and you still refuse to correct the incorrect information, in fact you choice to continue to post the incorrect information even after you know it is incorrect.
I "know" it's incorrect? I've just laboured several posts explaining to you why I am actually correct and it really is quite obvious, but you insist on your petty, irritating "corrections". :rolleyes: btw I happened to come across that article well afterwards and it made a useful example. I didn't name it according to what they said. Just to be clear...

Anyway, I can't be bothered to argue it any more with you.
 

newtekie1

Semi-Retired Folder
Joined
Nov 22, 2005
Messages
28,472 (4.25/day)
Location
Indiana, USA
Processor Intel Core i7 10850K@5.2GHz
Motherboard AsRock Z470 Taichi
Cooling Corsair H115i Pro w/ Noctua NF-A14 Fans
Memory 32GB DDR4-3600
Video Card(s) RTX 2070 Super
Storage 500GB SX8200 Pro + 8TB with 1TB SSD Cache
Display(s) Acer Nitro VG280K 4K 28"
Case Fractal Design Define S
Audio Device(s) Onboard is good enough for me
Power Supply eVGA SuperNOVA 1000w G3
Software Windows 10 Pro x64
I "know" it's incorrect? I've just laboured several posts explaining to you why I am actually correct and it really is quite obvious, but you insist on your petty, irritating "corrections". :rolleyes: btw I happened to come across that article well afterwards and it made a useful example. I didn't name it according to what they said. Just to be clear...

Anyway, I can't be bothered to argue it any more with you.

You've failed to express why you are correct. Your example of Windows have 64-bit edition is poor at best, and the argument of "other people are doing it too" is crap as well.

So again, why do you think Windows 8 Secure Boot is correct when secure boot is a UEFI feature, not a Windows 8 feature?
 

qubit

Overclocked quantum bit
Joined
Dec 6, 2007
Messages
17,866 (3.00/day)
Location
Quantum Well UK
System Name Quantumville™
Processor Intel Core i7-2700K @ 4GHz
Motherboard Asus P8Z68-V PRO/GEN3
Cooling Noctua NH-D14
Memory 16GB (2 x 8GB Corsair Vengeance Black DDR3 PC3-12800 C9 1600MHz)
Video Card(s) MSI RTX 2080 SUPER Gaming X Trio
Storage Samsung 850 Pro 256GB | WD Black 4TB | WD Blue 6TB
Display(s) ASUS ROG Strix XG27UQR (4K, 144Hz, G-SYNC compatible) | Asus MG28UQ (4K, 60Hz, FreeSync compatible)
Case Cooler Master HAF 922
Audio Device(s) Creative Sound Blaster X-Fi Fatal1ty PCIe
Power Supply Corsair AX1600i
Mouse Microsoft Intellimouse Pro - Black Shadow
Keyboard Yes
Software Windows 10 Pro 64-bit
You've failed to express why you are correct. Your example of Windows have 64-bit edition is poor at best, and the argument of "other people are doing it too" is crap as well.

So again, why do you think Windows 8 Secure Boot is correct when secure boot is a UEFI feature, not a Windows 8 feature?

I've failed nothing. My explanation was in the first reply to you and was clear as day. I'm not going to waste any more time on this, so feel free to have the final post on this if you want.
 

newtekie1

Semi-Retired Folder
Joined
Nov 22, 2005
Messages
28,472 (4.25/day)
Location
Indiana, USA
Processor Intel Core i7 10850K@5.2GHz
Motherboard AsRock Z470 Taichi
Cooling Corsair H115i Pro w/ Noctua NF-A14 Fans
Memory 32GB DDR4-3600
Video Card(s) RTX 2070 Super
Storage 500GB SX8200 Pro + 8TB with 1TB SSD Cache
Display(s) Acer Nitro VG280K 4K 28"
Case Fractal Design Define S
Audio Device(s) Onboard is good enough for me
Power Supply eVGA SuperNOVA 1000w G3
Software Windows 10 Pro x64
I've failed nothing. My explanation was in the first reply to you and was clear as day. I'm not going to waste any more time on this.

Yes, I get it, every feature that is supported by Windows becomes a feature Windows implemented. From now on we shall refer to the 64-bit instruction set as "Windows XP x86-64", and UEFI as "Windows Vista UEFI", because by your logic that is accurate.

And just to be clear, you know it is incorrect, you even acknowledge that in the first sentence of your article. It is a UEFI feature, yet you made the title to sound like it is a feature of Windows 8.
 
Last edited:
Joined
Mar 2, 2009
Messages
5,061 (0.92/day)
Processor AMD Ryzen 5 7600
Motherboard Gigabyte B650 Aorus Elite AX
Cooling Thermalright Peerless Assassin 120 SE
Memory Kingston Fury Beast DDR5-5600 16GBx2
Video Card(s) Gigabyte Gaming OC AMD Radeon RX 7800 XT 16GB
Storage TEAMGROUP T-Force Z440 2TB, SPower A60 2TB, SPower A55 2TB, Seagate 4TBx2, Samsung 870 2TB
Display(s) AOC 24G2 + Xitrix WFP-2415
Case Montech Air X
Audio Device(s) Realtek onboard
Power Supply Be Quiet! Pure Power 11 FM 750W 80+ Gold
Mouse Logitech G304
Keyboard Redragon K557 KAIA RGB Mechanical Keyboard
Software Windows 10
Newtekie's stretching this too far.

Automotive safety bodies of government, or policies related to it, "IMPLEMENT" the installation of seatbelts and/or airbags in cars.

It would be even more obvious in the past where seatbelts have to be required by government.

Therefore seatbelts were "features" of the government policy and not "features" of the cars that have seatbelts?
 

newtekie1

Semi-Retired Folder
Joined
Nov 22, 2005
Messages
28,472 (4.25/day)
Location
Indiana, USA
Processor Intel Core i7 10850K@5.2GHz
Motherboard AsRock Z470 Taichi
Cooling Corsair H115i Pro w/ Noctua NF-A14 Fans
Memory 32GB DDR4-3600
Video Card(s) RTX 2070 Super
Storage 500GB SX8200 Pro + 8TB with 1TB SSD Cache
Display(s) Acer Nitro VG280K 4K 28"
Case Fractal Design Define S
Audio Device(s) Onboard is good enough for me
Power Supply eVGA SuperNOVA 1000w G3
Software Windows 10 Pro x64
Newtekie's stretching this too far.

Automotive safety bodies of government, or policies related to it, "IMPLEMENT" the installation of seatbelts and/or airbags in cars.

It would be even more obvious in the past where seatbelts have to be required by government.

Therefore seatbelts were "features" of the government policy and not "features" of the cars that have seatbelts?

Ah, seatbelts, a good example. By Quibit's logic, we should be calling them "Saab Seatbelts" because Saab was the first car manufacturer to make them standard in their production cars. It is neither here nor there that someone else entirely developed them, Saab used them so by Qubit's logic they shall be called "Saab Seatbelts".

Now he can start series of negative news posts about how Saab Seatbelts can actually cause deaths in car accidents.

So to answer the question, seatbelts are a George Cayley invention. So if anything they should be "George Cayley Seatbelts", or just "Seatbelts". But you certainly wouldn't refer to them as "Saab Seatbelts" just because Saab supported their use and implemented them in their cars, would you?

With Secure Boot, you can call it "UEFI Secure Boot" or just "Secure Boot", but calling it "Windows 8 Secure Boot" is wrong.
 
Joined
Sep 1, 2010
Messages
7,023 (1.42/day)
So what's this fuss all about anyway? Everything has security holes, anything that was encrypted can be decrypted and so on. There are far more dangerous vulnerabilities targeted at infrastructure and other important facilities nobody cares about. It's funny how today one can tear hair in grief rather than support and help the ones who actually do something.

/rant
 
Joined
May 16, 2011
Messages
1,430 (0.30/day)
Location
A frozen turdberg.
System Name Runs Smooth
Processor FX 8350
Motherboard Crosshair V Formula Z
Cooling Corsair H110 with AeroCool Shark 140mm fans
Memory 16GB G-skill Trident X 1866 Cl. 8
Video Card(s) HIS 7970 IceQ X² GHZ Edition
Storage OCZ Vector 256GB SSD & 1Tb piece of crap
Display(s) acer H243H
Case NZXT Phantom 820 matte black
Audio Device(s) Nada
Power Supply NZXT Hale90 V2 850 watt
Software Windows 7 Pro
Benchmark Scores Lesbians are hot!!!
Ah, seatbelts, a good example. By Quibit's logic, we should be calling them "Saab Seatbelts" because Saab was the first car manufacturer to make them standard in their production cars. It is neither here nor there that someone else entirely developed them, Saab used them so by Qubit's logic they shall be called "Saab Seatbelts".

Now he can start series of negative news posts about how Saab Seatbelts can actually cause deaths in car accidents.

So to answer the question, seatbelts are a George Cayley invention. So if anything they should be "George Cayley Seatbelts", or just "Seatbelts". But you certainly wouldn't refer to them as "Saab Seatbelts" just because Saab supported their use and implemented them in their cars, would you?

With Secure Boot, you can call it "UEFI Secure Boot" or just "Secure Boot", but calling it "Windows 8 Secure Boot" is wrong.

I would appreciate your list of other OS's implementing this feature. Thanks.
 
Joined
Apr 26, 2009
Messages
513 (0.09/day)
Location
You are here.
System Name Prometheus
Processor AMD Ryzen 9 5950x
Motherboard ASUS ROG Strix B550-I Gaming
Cooling EKWB EK-240 AIO D-RGB
Memory G.Skill Trident Z Neo 32GB
Video Card(s) MSI RTX 4070Ti Ventus 3X OC 12GB
Storage WD Black SN850 1TB + 1 x Samsung 970 Evo Plus 2TB
Display(s) DELL U4320Q 4K + Wacom Cintiq Pro 16 4K
Case Jonsbo A4 ver1.1 SFF
Audio Device(s) ASUS SupremeFX S1220A
Power Supply Corsair SF750 Platinum SFX
Mouse Logitech Pro Wireless
Keyboard Vortex Race 3 75% MX Brown
Software Windows 11 Pro x64
Calm down people, everyone is wrong, especially me.

While qubit might be bringing a Charlie Demerjian vibe to TPU, I must give him the benefit of the doubt since he seems to be hating on the entire IT industry, not just the two or three companies. The "Secure Boot" feature seems to be misunderstood as we don't all know exactly what it is.

We browsed the "reports" (not just the TPU versions) and since all of them are heavily biased they try to make Windows 8 (and Microsoft) the bad guy here. It wouldn't be news if it wasn't about a new, shiny (unreleased) product.

The attack described in this article seems to not be geared towards Windows 8 to be fair. Since the attack patches the MBR and then uses an inherent OS problem to obtain elevated rights it looks like Vista, Windows 7, Windows Server 2008 (R1/R2) and possibly others that support UEFI (or any hybrid UEFI version) can be attacked in the exact same way, and I don't see it now how it is related to UEFI or the secure boot feature.

To this looks to be nothing more then a puny OS vulnerability (like hundreds before it and hundreds after it) made to look like UEFI/Microsoft are the bad guys here. It will get patched, before or after the OS ships. Even more it is a vulnerability that first attacks the legacy part of the OS, and I thought that UEFI is the step away from legacy.

So it looks to me like UEFI and Microsoft should make the secure boot feature even more closed and draconic in nature in order to protect their customers. And in this way the reports are contradicting in nature, since half of them complain about the feature locking out Linux and other fluffy things like that while the other half complain about it letting in governments and other not-so-fluffy things.

I remember the same reaction when Microsoft introduced the driver signature enforcement in Vista, everyone automatically switched to panic mode, but in the end all was good.

Like then, everyone is now overreacting, trying desperately for their 15 minutes in the spotlight, and in a way, "Windoze 8 is the D3vil" articles will bring in many visitors to any site, visitors that will translate into add revenue.
 
Joined
Mar 26, 2010
Messages
9,762 (1.91/day)
Location
Jakarta, Indonesia
System Name micropage7
Processor Intel Xeon X3470
Motherboard Gigabyte Technology Co. Ltd. P55A-UD3R (Socket 1156)
Cooling Enermax ETS-T40F
Memory Samsung 8.00GB Dual-Channel DDR3
Video Card(s) NVIDIA Quadro FX 1800
Storage V-GEN03AS18EU120GB, Seagate 2 x 1TB and Seagate 4TB
Display(s) Samsung 21 inch LCD Wide Screen
Case Icute Super 18
Audio Device(s) Auzentech X-Fi Forte
Power Supply Silverstone 600 Watt
Mouse Logitech G502
Keyboard Sades Excalibur + Taihao keycaps
Software Win 7 64-bit
Benchmark Scores Classified
i feel no matter how hard they try to secure it
it still has a hole
no application that secure 100%
 
Joined
May 16, 2011
Messages
1,430 (0.30/day)
Location
A frozen turdberg.
System Name Runs Smooth
Processor FX 8350
Motherboard Crosshair V Formula Z
Cooling Corsair H110 with AeroCool Shark 140mm fans
Memory 16GB G-skill Trident X 1866 Cl. 8
Video Card(s) HIS 7970 IceQ X² GHZ Edition
Storage OCZ Vector 256GB SSD & 1Tb piece of crap
Display(s) acer H243H
Case NZXT Phantom 820 matte black
Audio Device(s) Nada
Power Supply NZXT Hale90 V2 850 watt
Software Windows 7 Pro
Benchmark Scores Lesbians are hot!!!
Top