Saturday, October 29th 2011

Windows 8 Secure Boot: Handy Malware Backdoor for Nosy Governments?

by
qubit
 Discuss (84 Comments)
We've written before how Microsoft's new secure boot feature in Windows 8 could likely be used to shut out competition and create the ultimate in walled garden consumer lock-ins - something that is very undesirable from a competition, price and consumer choice viewpoint. However, it now appears that governments could lean on Microsoft in order to install secret snooping malware on user's PCs.

Ross Anderson, professor of Security Engineering at the University of Cambridge Computer Laboratory, has written in the Light Blue Touchpaper blog, about this issue. He starts off by explaining how secure boot could limit the purchase Metro apps to only the official Microsoft app store, saying. "Even if users can opt out, most of them won't. That's a lot of firms suddenly finding Steve Ballmer's boot on their jugular." That sounds very well put and really doesn't paint a pretty picture, does it? It's exactly the same tactic as all these firms that require you to opt out of receiving their junk mail, toolbars etc when installing software, knowing full well that the majority won't.

However, this control can turn from monopolistic to sinister, because governments could potentially lean on Microsoft to give them an official key in order to install malware on user's PC's, which could be next to impossible to remove. The particular example he gives is that of Tubitak, the Scientific and Technological Research Council of Turkey, saying that he has removed their key from his web browser, but how would he identify all foreign governments' keys?
We've also been starting to think about the issues of law enforcement access that arose during the crypto wars and that came to light again with CAs. These issues are even more wicked with trusted boot. If the Turkish government compelled Microsoft to include the Tubitak key in Windows so their intelligence services could do man-in-the-middle attacks on Kurdish MPs' gmail, then I expect they'll also tell Microsoft to issue them a UEFI key to authenticate their keylogger malware. Hey, I removed the Tubitak key from my browser, but how do I identify and block all foreign governments' UEFI keys?
Sounds nasty, doesn't it? This isn't something that anyone should want on their computer.

Anderson has also written an 8-page paper (PDF) entitled "Can We Fix the Security Economics of Federated Authentication?" which covers this problem in great detail.

The Free Software Foundation has also also started a petition against secure boot, which people are encouraged to sign.

Related News

Add your own comment

84 Comments on Windows 8 Secure Boot: Handy Malware Backdoor for Nosy Governments?

#76
Solaris17
Super Dainty Moderator
FrickYou see this is the problem with "qubit news". The post is full of potentials and maybes but people ignore that.
and you sir seem like a troll since post #1 I see nothing wrong with this type of journalism. He isnt using slander, He is simply pointing out what COULD happen if this WERE to become a problem. Just because software engineers have had the ability to backdoor your PC for the past 30 years is irrelevant, but true. The fact of the matter is that however unlikely it may be it is something that can be a real problem either now or down the raod, and what if this secure boot is adopted and developed further? what if companys start doing it? what if they FORCE you to have it enabled? what if they dont have an opt-out to scan your PC for updates in the future? what if that turns into some anti pr0n act and they start filtering you on the PC level? unlikely? How unlikely is it? their have been a number of bills attempting to be passed that censor the net. what makes doing it on the hardware level diffirent? I see nothing wrong with these news stories, you may think their biased or what have you. But I think he does a good job of showing you all the angles and the not so immediate effects of what things could be. Of course I dont have the mind of a child. So when I read this I can put together what he is saying as fact and what could happen.
Posted on Reply
#77
OneMoar
There is Always Moar
Solaris17and you sir seem like a troll since post #1 I see nothing wrong with this type of journalism. He isnt using slander, He is simply pointing out what COULD happen if this WERE to become a problem. Just because software engineers have had the ability to backdoor your PC for the past 30 years is irrelevant, but true. The fact of the matter is that however unlikely it may be it is something that can be a real problem either now or down the raod, and what if this secure boot is adopted and developed further? what if companys start doing it? what if they FORCE you to have it enabled? what if they dont have an opt-out to scan your PC for updates in the future? what if that turns into some anti pr0n act and they start filtering you on the PC level? unlikely? How unlikely is it? their have been a number of bills attempting to be passed that censor the net. what makes doing it on the hardware level diffirent? I see nothing wrong with these news stories, you may think their biased or what have you. But I think he does a good job of showing you all the angles and the not so immediate effects of what things could be. Of course I dont have the mind of a child. So when I read this I can put together what he is saying as fact and what could happen.
paranoia is the gateway to ignorance
and no
NONE of his post cite ANY facts 100% of his posts are conjecture or lose assumptions based on oddball sources and personal bias
I am done with this thread and pretty much any thread by qubit I can only hope that eventually something will be done before techpowerup's good name is ruined by people like him
Posted on Reply
#78
Solaris17
Super Dainty Moderator
OneMoarparanoia is the gateway to ignorance
thanks hemmingway, are you part of the dead poets society as well? It almost seems like your trying to classify me with your book quote. I'll have you know i fear nothing from secure boot and i honestly dont think the govt will use my PC to its advantage. But their is no need to attack someone for mentioning what could happen. If thats the case im going to yell in BOLD text at everyone who reccomends a new PSU when theirs a graphics card problem. Because obviously going by liner logic the PSU could never cause an issue with a graphics card.

Posted on Reply
#79
OneMoar
There is Always Moar
no the point is techpowerup isnt the-register or the national inquirer
techpower up does not report baseless-conjecture or link to sites like the above OR at least It never used to. if I wanted to read about WHAT IFS and MABYS and other assorted tin foil hat _news_ I would read slashdot or phoronix
and as much as I hate my self for using this card I can't think of any better way to put it
the foss user thought process
> disagree with lowly windows user > claim to be Superior > fail > blame Microsoft > tell everyone that mean ol corporations and "the man" are out to get them > be proven wrong by the majority of users >QQ
Posted on Reply
#80
Solaris17
Super Dainty Moderator
OneMoarno the point is techpowerup isnt the-register or the national inquirer
techpower up does not report baseless-conjecture or link to sites like the above OR at least It never used to. if I wanted to read about WHAT IFS and MABYS and other assorted tin foil hat _news_ I would read slashdot or phoronix
and as much as I hate my self for using this card I can't think of any better way to put it
the foss user thought process
> disagree with lowly windows user > claim to be Superior > fail > blame Microsoft > tell everyone that mean ol corporations and "the man" are out to get them > be proven wrong by the majority of users >QQ
so he should be linking here?
Posted on Reply
#81
OneMoar
There is Always Moar
Solaris17so he should be linking here?
no he should't be linking at all in fact he should't be writing at all
everyone of his posts is a mixture of assumptions and FUD he has YET you show any credible proof of anything he is reporting
every-post I read by him reads like he is desperately searching for a way to connect his dots in such a manor that gives credit to his theory anyone or anything that is coperate or not "open" is evil and is out to get him
qubitSo yeah, you're damn right I'm negative about this technology and I'm going to keep writing news articles about it. Remember, governments and big corporations like nothing better than to restrict and control the population for their own gain and profits.
yeaaaaaaaaaaaaaaaaaaaaaaa take the tin foil hat off please
I should add that that kind of reporting is EXACTLY whats wrong with journalism today and its the kind of thing I can't stand
Posted on Reply
#82
OneMoar
There is Always Moar
frankly I really don't care the more he writes the more people think he is out of his gourd sooner or later the shit will hit the fan
/out
Posted on Reply
#83
sneekypeet
Retired Super Moderator
OneMoarno he should't be linking at all in fact he should't be writing at all
everyone of his posts is a mixture of assumptions and FUD he has YET you show any credible proof of anything he is reporting
every-post I read by him reads like he is desperately searching for a way to connect his dots in such a manor that gives credit to his theory anyone or anything that is coperate or not "open" is evil and is out to get him

yeaaaaaaaaaaaaaaaaaaaaaaa take the tin foil hat off please
OneMoarfrankly I really don't care the more he writes the more people think he is out of his gourd sooner or later the shit will hit the fan
/out
One Moar thing....please use the edit instead of multiple posts;)
Posted on Reply
#84
qubit
Overclocked quantum bit
OneMoarno he should't be linking at all in fact he should't be writing at all
everyone of his posts is a mixture of assumptions and FUD he has YET you show any credible proof of anything he is reporting
every-post I read by him reads like he is desperately searching for a way to connect his dots in such a manor that gives credit to his theory anyone or anything that is coperate or not "open" is evil and is out to get him

yeaaaaaaaaaaaaaaaaaaaaaaa take the tin foil hat off please
I should add that that kind of reporting is EXACTLY whats wrong with journalism today and its the kind of thing I can't stand
Because I can see that you're making a lot of sense... :rolleyes:
OneMoarfrankly I really don't care the more he writes the more people think he is out of his gourd sooner or later the shit will hit the fan
/out
In your opinion, of course. Note the following:

- It's not possible to please everyone all the time. A lot of people appreciate my articles - thankyou :toast:
- You trash my news, but naturally offer no reasonable counter argument
- If you don't like my articles, then why do you read them and then whinge pathetically every time? They are very simple to avoid
- There's the comments section of TPU. If you have to whinge about them, do it there and quit crapping and derailing my news threads
- You say I'm talking rubbish, but that's just your opinion. I see nothing that makes your opinion more valid than mine and I know you don't either
- Please don't double post
- You really are very rude and offensive. How would you like it if someone kept calling for you to lose your job? You've already had some of your worst posts deleted. :nutkick: Get a life
Posted on Reply
Add your own comment
Apr 25th, 2024 16:12 EDT change timezone

Latest GPU Drivers

New Forum Posts

Popular Reviews

Controversial News Posts