Post by cjm on Aug 15, 2016 7:27:14 GMT
Bungling Microsoft singlehandedly proves that golden backdoor keys are a terrible idea
Microsoft leaked the golden keys that unlock Windows-powered tablets, phones and other devices sealed by Secure Boot – and is now scrambling to undo the blunder.
These skeleton keys can be used to install non-Redmond operating systems on locked-down computers. In other words, on devices that do not allow you to disable Secure Boot even if you have administrator rights – such as ARM-based Windows RT tablets – it is now possible to sidestep this block and run, say, GNU/Linux or Android.
What's more, it is believed it will be impossible for Microsoft to fully revoke the leaked keys.
And perhaps most importantly: it is a reminder that demands by politicians and crimefighters for special keys, which can be used by investigators to unlock devices in criminal cases, will inevitably jeopardize the security of everyone.
Microsoft's misstep was uncovered by two researchers, MY123 and Slipstream, who documented their findings here in a demoscene-themed writeup published on Tuesday. Slip believes Microsoft will find it impossible to undo its leak.
...
For debugging purposes, Microsoft created and signed a special Secure Boot policy that disables the operating system signature checks, presumably to allow programmers to boot and test fresh OS builds without having to sign each one.
If you provision this magic policy, that is, if you install it into your firmware, the Windows boot manager will not verify that it is booting an official Microsoft-signed operating system. It will boot anything you give it provided it is cryptographically signed, even a self-signed binary – like a shim that loads a Linux kernel.
The Register understands that this debug-mode policy was shipped on retail devices, and discovered by curious minds including Slip and MY123. The policy was effectively deactivated on these products but present nonetheless.
Now that golden policy has leaked onto the internet. It is signed by Microsoft's Windows Production PCA 2011 key. If you provision this onto your device or computer as an active policy, you'll disable Secure Boot. The policy is universal; it is not tied to any particular architecture or device. It works on x86 and ARM, on anything that uses the Windows boot manager.
...
To reiterate, these Microsoft-signed resources – the debug-mode policy and the EFI installation tool – are only meant to be used by developers debugging drivers and other low-level operating system code. In the hands of Windows RT slab owners, whose devices are completely locked down, they become surprisingly powerful.
It's akin to giving special secret keys to the police and the Feds that grant investigators full access to people's devices and computer systems. Such backdoor keys can and most probably will fall into the wrong hands: rather than be used exclusively for fighting crime, they will be found and exploited by criminals to compromise communications and swipe sensitive personal information.
Anyone who thinks government servers holding these keys are safe need only be reminded of the OPM megahack; anyone who thinks these keys cannot be extracted from software or hardware need only spend a weekend with a determined reverse-engineer and a copy of IDA Pro.
The Secure Boot policies Microsoft is rushing to revoke can't be used to backdoor conversations or remotely hijack systems, but they remind us that this kind of information rarely stays secret.