1. Welcome to TechPowerUp Forums, Guest! Please check out our forum guidelines for info related to our community.

Windows 8 Secure Boot Feature: Not So Secure?

Discussion in 'News' started by qubit, Nov 20, 2011.

  1. mediasorcerer New Member

    Joined:
    Sep 15, 2011
    Messages:
    979 (0.84/day)
    Thanks Received:
    225
    Location:
    coast ,melbourne
    Thanx for the post qubit, interesting development.Thats the first thing i thought when i first heard of windows 8 secure boot feature=it will be cracked. haha
     
    qubit says thanks.
  2. Lipton

    Lipton

    Joined:
    Jan 1, 2010
    Messages:
    68 (0.04/day)
    Thanks Received:
    12
    I honestly have no idea why UEFIs Secure Boot is being brought up here.

    "The researcher claims that the real issue exists in legacy boot procedures, not in the Redmond company's new feature." debunks this whole 'article' and the Softpedia headline is sensational driven by speculation.
     
    Frick says thanks.
  3. Yellow&Nerdy?

    Yellow&Nerdy?

    Joined:
    Oct 7, 2009
    Messages:
    388 (0.21/day)
    Thanks Received:
    56
    Surprise surprise. Seems like Windows 8 might be another Vista.
     
  4. Lipton

    Lipton

    Joined:
    Jan 1, 2010
    Messages:
    68 (0.04/day)
    Thanks Received:
    12
    This exploits the legacy BIOS. Not UEFI and has nothing to do with the Windows 8 support of UEFI Secure Boot.
     
    Easy Rhino says thanks.
  5. newtekie1

    newtekie1 Semi-Retired Folder

    Joined:
    Nov 22, 2005
    Messages:
    20,131 (6.12/day)
    Thanks Received:
    6,193
    • Linux
    • Linux
    • Linux
    • Linux
    • Oh and OSX

    Here is a statement from a Kernal Developer at Red Hat:

    I'm not sure this exploits the legacy BIOS but rather it exploits the legacy boot method on MBR drives, injecting a signed key before the OS boots, which you are correct in that it has nothing to do with Windows 8. And the simplest fix would just be to require boot drives use GPT when Secure Boot is enabled in UEFI.
     
    Last edited: Nov 21, 2011
    Damn_Smooth says thanks.
    Crunching for Team TPU 50 Million points folded for TPU
  6. Damn_Smooth

    Damn_Smooth New Member

    Joined:
    May 16, 2011
    Messages:
    1,435 (1.11/day)
    Thanks Received:
    478
    Location:
    A frozen turdberg.
    So Linux is switching to secure boot also? Or they have to because of UEFI?
     
  7. newtekie1

    newtekie1 Semi-Retired Folder

    Joined:
    Nov 22, 2005
    Messages:
    20,131 (6.12/day)
    Thanks Received:
    6,193
    They don't have to, as Secure Boot is supposed to have the option to be disabled in the UEFI interface. Most of the free distros probably won't see Secure Boot support. However, enterprise supported version of linux, such as Red Hat and the others that see heavy use in the enterprise world, will be using Secure Boot for sure.
     
    Damn_Smooth says thanks.
    Crunching for Team TPU 50 Million points folded for TPU
  8. scaminatrix

    scaminatrix

    Joined:
    Mar 1, 2010
    Messages:
    3,579 (2.07/day)
    Thanks Received:
    794
    Location:
    By the Channel Tunnel, Kent, England
    :laugh: well, at least you can't say he's biased!
     
  9. qubit

    qubit Overclocked quantum bit

    Joined:
    Dec 6, 2007
    Messages:
    9,873 (3.87/day)
    Thanks Received:
    3,503
    Location:
    Quantum well (UK)
    Great post. :toast:

    But sheesh, I didn't think I hated the whole IT industry? :eek: :)

    The vulnerability isn't in the OS itself. From the looks of it, the UEFI still contains legacy BIOS code that's causing the problem, as the MBR isn't checked. Once that code is updated, this vulnerability will be fixed. Therefore, it's fair to say that any OS, Linux etc at this point would be vulnerable to Stoned Lite.

    Hopefully you're right about all this being an overreaction. Only time will tell for sure, but in the meantime, the previous stories I linked to explain why it's a potential problem and people shouldn't be complacent about it.

    Secure boot also sounds like it will make security software redundant, doesn't it? I suspect that it won't in practice, though.
     
  10. [H]@RD5TUFF

    Joined:
    Nov 13, 2009
    Messages:
    5,615 (3.05/day)
    Thanks Received:
    1,707
    Location:
    San Diego, CA
    I really hope this is true, as I don't want to have to give up linux.
     
  11. newtekie1

    newtekie1 Semi-Retired Folder

    Joined:
    Nov 22, 2005
    Messages:
    20,131 (6.12/day)
    Thanks Received:
    6,193
    You won't have to anyway, secure boot can be disabled by the user in UEFI. That is in the spec for Secure Boot. However, the option isn't required, so we will probably see some OEM machines that have that option missing from UEFI. So just build your own machines and you won't have that problem.:)
     
    Crunching for Team TPU 50 Million points folded for TPU

Currently Active Users Viewing This Thread: 1 (0 members and 1 guest)

Share This Page