AMIBIOS Source Code and AMI's UEFI Signing Key Leaked

btarunr · Apr 7, 2013

An FTP server in Taiwan that could be publicly accessed, leaked the source code of AMI Aptio UEFI BIOS, including AMI's unique UEFI signing test key. The utterly irresponsible act of holding such sensitive data on public FTPs is suspected to be committed by motherboard vendor Jetway. In doing so, the company may have compromised security of every motherboard (across vendors) running AMI Aptio UEFI BIOS. Most socket LGA1155 and FM2 motherboards, and some socket AM3+ motherboards run AMI Aptio.

Among the leaked bits of software include the source code of AMI BIOS, Aptio, and AMI's UEFI test signing key, which is used by all its clients to sign their BIOS updates. Signing ensures that BIOS updating software verifies the update is genuine, and coming from the motherboard manufacturer. With this key out, malware developers can develop malicious BIOS updates, hack motherboard vendors' customer support websites, and replace legitimate BIOS updates with their malicious ones. Control over the system BIOS could then give hackers access to most ring-0 OS functions.

"By leaking this key and the firmware source, it is possible (and simple) for others to create malicious UEFI updates that will be validated & installed for the vendor's products that use this firmware. If the vendor used this same key for other products - the impact could be even worse," writes Adam Caudill, who along with Brandon Wilson, discovered the open FTP server. "This kind of leak is a dream come true for advanced corporate espionage or intelligence operations. The ability to create a nearly undetectable, permanent hole in a system's security is an ideal scenario for covert information collection," he added.

View at TechPowerUp Main Site

FordGT90Concept · Apr 7, 2013

Look on the bright side: this may mean BIOS can be updated to eliminate secure boot (aka DRM).

The Von Matrices · Apr 7, 2013

I guess people with Samsung laptops can now finally use them with operating systems other than Windows.

cdawall · Apr 7, 2013

Go jetway!

spectatorx · Apr 7, 2013

"Malicous firmware/bios/uefi" a.k.a. firmware/bios/uefi allowing user to do with bought device anything user wish to.

Frick · Apr 7, 2013

spectatorx said:
"Malicous firmware/bios/uefi" a.k.a. firmware/bios/uefi allowing user to do with bought device anything user wish to.

Or, you know, allowing people to install serious malware.

Animalpak · Apr 7, 2013

So maybe the virus now can be inside the motherboard not anymore on HardDisk ?

And then how you clean the motherboard bios ? Buying new one ?

_JP_ · Apr 7, 2013

Animalpak said:
So maybe the virus now can be inside the motherboard not anymore on HardDisk?

Yes, it WILL be in the motherboard, not the HDD.

Animalpak said:
And then how you clean the motherboard bios ? Buying new one ?

No. You just have to remove the infected chip out and install a clean one, or just reprogram (with an external programmer) the infected one, just like in the CIH days.

Kreij · Apr 7, 2013

AMI responded two days ago

TheoneandonlyMrK · Apr 7, 2013

Kreij said:
AMI responded two days ago

Cheers that's reassuring to know.

Sabishii Hito · Apr 7, 2013

I forgot AMI's HQ was only about 20 minutes away from where I live.

Ferrum Master · Apr 7, 2013

good news... I hated that thing... DRM is double edged sword that is implemented in very wrong fashion... shoo shoo get lost... I want to really own the device I buy, not just lend it...

syeef · Apr 7, 2013

Kreij said:
AMI responded two days ago

"Unnamed Taiwan Vendor" lol.

Rebel333 · Apr 7, 2013

This might excellent news, does this mean we are going to see more customizable bios, such as adding memory timings, overclocking CPU, GPU, changing voltages, etc in Samsung laptops?

cadaveca · Apr 7, 2013

Rebel333 said:
This might excellent news, does this mean we are going to see more customizable bios, such as adding memory timings, overclocking CPU, GPU, changing voltages, etc in Samsung laptops?

Nope.

I've got AMI UEFI editing tools. I posted I had them many months ago.

When you go to update BIOS, the BIOS is checked if it is "official" BIOS. This is the mechanism that prevents you from flashing BIOS from a different product to your board.

So, now, someone could write "I LOVE SPAGETTINI" a billion times, and your board would flash it to the BIOS chip, thinking it was a BIOS.

And I got my softwares off of Jetway's FTP as well. This is hardly new news, honestly, Jetway's FTP was open for a long long time(literally years), as was ASUS's(again, years, you can find lots of posts about it), and several other board makers. Today, all these FTP's are blocked from open public access.

Seems like Adam Caudill was just looking for some traffic! Publically leaking that key and other infos is very much a dick move.

Jorge · Apr 7, 2013

It's sad and malicious that some companies are so callous.

PopcornMachine · Apr 7, 2013

Well I guess no other hum had done something incredibly insanely stupid today.

Someone had to step up and do it.

That's the problems with the keys and certificates and stuff. Good in theory, but you've got to consider the weakest link in the chain.

Depresses that I too am a member of this ignoble group.

Ok, rant over. Have a nice day.

Steven B · Apr 7, 2013

there are some leaked tools out there already that will allow you to flash boards with a BIOS not for that board. However this is great, because now vendors will have to one up their security, i mean do you guys think their security was so low that any motherboard maker could hack eath other's UEFI? Some vendors don't allow such easy access to their UEFI's as they have ot make up their own modules, for instance memory OC profiles is a custom module, as is UEFI profile sharing, and other stuff like that. I mean sure there are some vendors who don't use much security, some very big ones too, but other vendors can put on good security, which will probably become even greater with this.

I am sure AMI with their nice monopoly will do something about it.

ironwolf · Apr 8, 2013

The vendor had the following to say:

MadMan007 · Apr 8, 2013

Kreij said:
AMI responded two days ago

^ And that's all we need to know. Nothing to see here people, move along.

hkbeta · Apr 8, 2013

great article... or not

Let me tell you something else. On a public FTP there is the source code for Windows 8. And on the same *public* FTP there is the complete source code for World of Warcraft (all of them). And on another public ftp you can find a program that let's you decrypt any encrypted ZIP and RAR file. And of course there's a FTP where you can find... nevermind, I think you got the point.

So techpowerup editors please start and write about all of the above, no need for a link to the FTP, if I tell you it's true, then it's true. Or should I write this on a blog to believe me?

W1zzard · Apr 8, 2013

hkbeta said:
Let me tell you something else. On a public FTP there is the source code for Windows 8. And on the same *public* FTP there is the complete source code for World of Warcraft (all of them). And on another public ftp you can find a program that let's you decrypt any encrypted ZIP and RAR file. And of course there's a FTP where you can find... nevermind, I think you got the point.

So techpowerup editors please start and write about all of the above, no need for a link to the FTP, if I tell you it's true, then it's true. Or should I write this on a blog to believe me?

You can find the leaked AMI source code yourself, it's not that difficult.

Baum · Apr 8, 2013

posting a link just poses more risk than use for tpu...
use your giyf skills or you are wrong here anyway

well i wasn't able to get the source code myself just to see it out of curiosity :rolleyes:

btarunr · Apr 8, 2013

hkbeta said:
So techpowerup editors please start and write about all of the above, no need for a link to the FTP, if I tell you it's true, then it's true. Or should I write this on a blog to believe me?

www.google.com

System Name	RBMK-1000
Processor	AMD Ryzen 7 5700G
Motherboard	Gigabyte B550 AORUS Elite V2
Cooling	DeepCool Gammax L240 V2
Memory	2x 16GB DDR4-3200
Video Card(s)	Galax RTX 4070 Ti EX
Storage	Samsung 990 1TB
Display(s)	BenQ 1440p 60 Hz 27-inch
Case	Corsair Carbide 100R
Audio Device(s)	ASUS SupremeFX S1220A
Power Supply	Cooler Master MWE Gold 650W
Mouse	ASUS ROG Strix Impact
Keyboard	Gamdias Hermes E2
Software	Windows 11 Pro

System Name	BY-2021
Processor	AMD Ryzen 7 5800X (65w eco profile)
Motherboard	MSI B550 Gaming Plus
Cooling	Scythe Mugen (rev 5)
Memory	2 x Kingston HyperX DDR4-3200 32 GiB
Video Card(s)	AMD Radeon RX 7900 XT
Storage	Samsung 980 Pro, Seagate Exos X20 TB 7200 RPM
Display(s)	Nixeus NX-EDG274K (3840x2160@144 DP) + Samsung SyncMaster 906BW (1440x900@60 HDMI-DVI)
Case	Coolermaster HAF 932 w/ USB 3.0 5.25" bay + USB 3.2 (A+C) 3.5" bay
Audio Device(s)	Realtek ALC1150, Micca OriGen+
Power Supply	Enermax Platimax 850w
Mouse	Nixeus REVEL-X
Keyboard	Tesoro Excalibur
Software	Windows 10 Home 64-bit
Benchmark Scores	Faster than the tortoise; slower than the hare.

System Name	My Surround PC
Processor	AMD Ryzen 9 7950X3D
Motherboard	ASUS STRIX X670E-F
Cooling	Swiftech MCP35X / EK Quantum CPU / Alphacool GPU / XSPC 480mm w/ Corsair Fans
Memory	96GB (2 x 48 GB) G.Skill DDR5-6000 CL30
Video Card(s)	MSI NVIDIA GeForce RTX 4090 Suprim X 24GB
Storage	WD SN850 2TB, Samsung PM981a 1TB, 4 x 4TB + 1 x 10TB HGST NAS HDD for Windows Storage Spaces
Display(s)	2 x Viotek GFI27QXA 27" 4K 120Hz + LG UH850 4K 60Hz + HMD
Case	NZXT Source 530
Audio Device(s)	Sony MDR-7506 / Logitech Z-5500 5.1
Power Supply	Corsair RM1000x 1 kW
Mouse	Patriot Viper V560
Keyboard	Corsair K100
VR HMD	HP Reverb G2
Software	Windows 11 Pro x64
Benchmark Scores	Mellanox ConnectX-3 10 Gb/s Fiber Network Card

System Name	Moving into the mobile space
Processor	7940HS
Motherboard	HP trash
Cooling	HP trash
Memory	2x8GB
Video Card(s)	4070 mobile
Storage	512GB+2TB NVME
Display(s)	some 165hz thing that isn't as nice as it sounded

System Name	Smooth-Operator
Processor	AMD Ryzen 7 3800x
Motherboard	Asrock x570 Taichi
Cooling	AMD Wraith Prism
Memory	2x16GB 3200MHz CL16@CL14 DDR4
Video Card(s)	Sapphire Radeon RX 580 8GB NITRO+
Storage	2x4TB WD HGST 7K6 7200RPM 256MB
Display(s)	Samsung S24E370DL 24" IPS Freesync 75Hz
Case	Fractal Design Focus G Window Blue
Audio Device(s)	Creative X-Fi Titanium PCIe x1
Power Supply	Corsair HX850 80+ Platinum
Mouse	Gigabyte Aorus M3
Keyboard	Zalman ZM-K300M
Software	Windows 10 x64 Enterprise/Ubuntu Budgie amd64

AMIBIOS Source Code and AMI's UEFI Signing Key Leaked

btarunr

Editor & Senior Moderator

FordGT90Concept

"I go fast!1!11!1!"

The Von Matrices

cdawall

where the hell are my stars

spectatorx

Frick

Fishfaced Nincompoop

Animalpak

_JP_

Kreij

Senior Monkey Moderator

TheoneandonlyMrK

Sabishii Hito

Ferrum Master

syeef

Rebel333

New Member

cadaveca

My name is Dave

Jorge

PopcornMachine

Steven B

ironwolf

MadMan007

hkbeta

New Member

W1zzard

Administrator

Baum

btarunr

Editor & Senior Moderator

System Name	Black MC in Tokyo
Processor	Ryzen 5 7600
Motherboard	MSI X670E Gaming Plus Wifi
Cooling	Be Quiet! Pure Rock 2
Memory	2 x 16GB Corsair Vengeance @ 6000Mhz
Video Card(s)	XFX 6950XT Speedster MERC 319
Storage	Kingston KC3000 1TB \| WD Black SN750 2TB \|WD Blue 1TB x 2 \| Toshiba P300 2TB \| Seagate Expansion 8TB
Display(s)	Samsung U32J590U 4K + BenQ GL2450HT 1080p
Case	Fractal Design Define R4
Audio Device(s)	Plantronics 5220, Nektar SE61 keyboard
Power Supply	Corsair RM850x v3
Mouse	Logitech G602
Keyboard	Dell SK3205
Software	Windows 10 Pro
Benchmark Scores	Rimworld 4K ready!

Processor	i9 9900KS ( 5 Ghz all the time )
Motherboard	Asus Maximus XI Hero Z390
Cooling	EK Velocity + EK D5 pump + Alphacool full copper silver 360mm radiator
Memory	16GB Corsair Dominator GT ROG Edition 3333 Mhz
Video Card(s)	ASUS TUF RTX 3080 Ti 12GB OC
Storage	M.2 Samsung NVMe 970 Evo Plus 250 GB + 1TB 970 Evo Plus
Display(s)	Asus PG279 IPS 1440p 165Hz G-sync
Case	Cooler Master H500
Power Supply	Asus ROG Thor 850W
Mouse	Razer Deathadder Chroma
Keyboard	Rapoo
Software	Win 10 64 Bit

System Name	LenovoⓇ ThinkPad™ T430
Processor	IntelⓇ Core™ i5-3210M processor (2 cores, 2.50GHz, 3MB cache), Intel Turbo Boost™ 2.0 (3.10GHz), HT™
Motherboard	Lenovo 2344 (Mobile Intel QM77 Express Chipset)
Cooling	Single-pipe heatsink + Delta fan
Memory	2x 8GB KingstonⓇ HyperX™ Impact 2133MHz DDR3L SO-DIMM
Video Card(s)	Intel HD Graphics™ 4000 (GPU clk: 1100MHz, vRAM clk: 1066MHz)
Storage	SamsungⓇ 860 EVO mSATA (250GB) + 850 EVO (500GB) SATA
Display(s)	14.0" (355mm) HD (1366x768) color, anti-glare, LED backlight, 200 nits, 16:9 aspect ratio, 300:1 co
Case	ThinkPad Roll Cage (one-piece magnesium frame)
Audio Device(s)	HD Audio, RealtekⓇ ALC3202 codec, DolbyⓇ Advanced Audio™ v2 / stereo speakers, 1W x 2
Power Supply	ThinkPad 65W AC Adapter + ThinkPad Battery 70++ (9-cell)
Mouse	TrackPointⓇ pointing device + UltraNav™, wide touchpad below keyboard + ThinkLight™
Keyboard	6-row, 84-key, ThinkVantage button, spill-resistant, multimedia Fn keys, LED backlight (PT Layout)
Software	MicrosoftⓇ WindowsⓇ 10 x86-64 (22H2)

System Name	RyzenGtEvo/ Asus strix scar II
Processor	Amd R5 5900X/ Intel 8750H
Motherboard	Crosshair hero8 impact/Asus
Cooling	360EK extreme rad+ 360$EK slim all push, cpu ek suprim Gpu full cover all EK
Memory	Gskill Trident Z 3900cas18 32Gb in four sticks./16Gb/16GB
Video Card(s)	Asus tuf RX7900XT /Rtx 2060
Storage	Silicon power 2TB nvme/8Tb external/1Tb samsung Evo nvme 2Tb sata ssd/1Tb nvme
Display(s)	Samsung UAE28"850R 4k freesync.dell shiter
Case	Lianli 011 dynamic/strix scar2
Audio Device(s)	Xfi creative 7.1 on board ,Yamaha dts av setup, corsair void pro headset
Power Supply	corsair 1200Hxi/Asus stock
Mouse	Roccat Kova/ Logitech G wireless
Keyboard	Roccat Aimo 120
VR HMD	Oculus rift
Software	Win 10 Pro
Benchmark Scores	laptop Timespy 6506

System Name	HELLSTAR
Processor	AMD RYZEN 9 5950X
Motherboard	ASUS Strix X570-E
Cooling	2x 360 + 280 rads. 3x Gentle Typhoons, 3x Phanteks T30, 2x TT T140 . EK-Quantum Momentum Monoblock.
Memory	4x8GB G.SKILL Trident Z RGB F4-4133C19D-16GTZR 14-16-12-30-44
Video Card(s)	Sapphire Pulse RX 7900XTX. Water block. Crossflashed.
Storage	Optane 900P[Fedora] + WD BLACK SN850X 4TB + 750 EVO 500GB + 1TB 980PRO+SN560 1TB(W11)
Display(s)	Philips PHL BDM3270 + Acer XV242Y
Case	Lian Li O11 Dynamic EVO
Audio Device(s)	SMSL RAW-MDA1 DAC
Power Supply	Fractal Design Newton R3 1000W
Mouse	Razer Basilisk
Keyboard	Razer BlackWidow V3 - Yellow Switch
Software	FEDORA 41

System Name	WorkStation
Processor	Intel i7 3770k @ 4.4GHz
Motherboard	ASRock Z77 Extreme6
Cooling	Corsair H110 Water Cooler AIO
Memory	Corsair Vengeance 8GB DDR3 1600MHz
Video Card(s)	MSI GTX680 Twin Frozr III OC
Storage	WD 1TB Sata III
Display(s)	Samsung 22-inch LED 1080p
Case	Corsair Carbide Air 540
Audio Device(s)	Onboard Realtek 898 HD
Power Supply	Corsair CS750M Gold
Software	Windows 8.1 Pro x64

System Name	Vulcan
Processor	i6 6600K
Motherboard	GIGABYTE Z170X UD3
Cooling	Thermaltake Frio Silent 14
Memory	16GB Corsair Vengeance LPX 16GB (2 x 8GB)
Video Card(s)	ASUS Strix GTX 970
Storage	Mushkin Enhanced Reactor 1TB SSD
Display(s)	QNIX 27 Inch 1440p
Case	Fractal Design Define S
Audio Device(s)	On Board
Power Supply	Cooler Master V750
Software	Win 10 64-bit

Processor	Ryzen 7 5700X
Memory	48 GB
Video Card(s)	RTX 4080
Storage	2x HDD RAID 1, 3x M.2 NVMe
Display(s)	30" 2560x1600 + 19" 1280x1024
Software	Windows 10 64-bit

System Name	ChaosMoes
Processor	Intel® Core™ i5-3570K no OC yet
Motherboard	Asrock Z77 Extreme4
Cooling	Scythe Ninja 3 Rev. B
Memory	16GB 2xPatriot DIMM 8 GB DDR3-1866 Kit (PV38G186C9KRD, Viper 3 Venom Red)
Video Card(s)	ASRock Radeon RX 590 Phantom Gaming X 8GB GDDR5 188€@13.07.19 Amazon Sale
Storage	Samsung 840 Pro SSD 256GB, + ST32000645NS Seagate Constellation 109€ reichelt.de 2012
Display(s)	27" Phillips PHL 276E9Q 189€ @ Saturn(Germany) 1.09.2018
Case	Zaria A20 !!!THANK YOU TECHPOWERUP.COM!!!
Audio Device(s)	onboard Sound
Power Supply	SeaSonic Prime Ultra Titanium 750W
Mouse	Logitech M705
Keyboard	Microsoft SideWinder X4 Keyboard
Software	Windows 10 Pro x64