Home
JAQForum Ver 24.01
Log In or Join  
Active Topics
Local Time 04:39 25 Nov 2024 Privacy Policy
Jump to

Notice. New forum software under development. It's going to miss a few functions and look a bit ugly for a while, but I'm working on it full time now as the old forum was too unstable. Couple days, all good. If you notice any issues, please contact me.

Forum Index : Microcontroller and PC projects : Windows Secure Boot compromised....

Author Message
Grogster

Admin Group

Joined: 31/12/2012
Location: New Zealand
Posts: 9306
Posted: 06:36am 27 Jul 2024
Copy link to clipboard 
Print this post

It's not been a good week for Microsoft, security wise.

Granted - the CrowdStrike issue was not a MS issue PER-SE', but....

Windows Secure-Boot compromised...
Smoke makes things work. When the smoke gets out, it stops!
 
Mixtel90

Guru

Joined: 05/10/2019
Location: United Kingdom
Posts: 6781
Posted: 06:59am 27 Jul 2024
Copy link to clipboard 
Print this post

And this one doesn't appear to be a Microsoft issue either. They seem to be doing quite well at the moment. :)
Mick

Zilog Inside! nascom.info for Nascom & Gemini
Preliminary MMBasic docs & my PCB designs
 
Rickard5

Guru

Joined: 31/03/2022
Location: United States
Posts: 463
Posted: 11:03am 27 Jul 2024
Copy link to clipboard 
Print this post

Wow you guys seamed shocked :). in my limited experience I'm so totally Shocked it's taken 45 + Years to figure it out, I mean I'm a Boarish Americans, I'm one of those America First, I wake up to God, Guns, and Bacon. While I Believe the USA Should be eon the top of the Tech world, we've waisted 50 years with INTEL Garbage, and now here we are 65 years latter, and the world is becoming an ARM World! My Mac, Phone, TV, and everything else is run by the Acorn RISC Machine! the world would have been better with ARM and RISC O/S than MicroSH%T Winblows on INTEL! I my self Chose unwisely in my youth, I was a Novel CNE, a SUN Certified Solution Provider, and an AT&T System V admin, you know  the Better More Secure Faster, superior Network Operating systems I can go on for hours how the ONLY Airline unaffected was a DFW Based Southwest that runs their whole airline on a C64 and Geos on 4 180k Floppies!
I may be Vulgar, but , while I'm poor, I'm Industrious, Honest,  and trustworthy! I Know my Place
 
Mixtel90

Guru

Joined: 05/10/2019
Location: United Kingdom
Posts: 6781
Posted: 11:15am 27 Jul 2024
Copy link to clipboard 
Print this post

Don't count your chickens...

Rule 1
Any system is only as secure and stable as far as it's next bug.

Rule 2
There is always another bug.

That airline had better have a good stock of spare C64s, power supplies, drives and floppy disks as none of them are manufactured now and some of the hardware has the availability of unicorn poo.  :)
Mick

Zilog Inside! nascom.info for Nascom & Gemini
Preliminary MMBasic docs & my PCB designs
 
JohnS
Guru

Joined: 18/11/2011
Location: United Kingdom
Posts: 3800
Posted: 01:08pm 27 Jul 2024
Copy link to clipboard 
Print this post

Is it right that to exploit the problem needs physical access to the machine?

John
 
Mixtel90

Guru

Joined: 05/10/2019
Location: United Kingdom
Posts: 6781
Posted: 02:41pm 27 Jul 2024
Copy link to clipboard 
Print this post

Not once a machine is compromised. With the secure boot compromised the rogue code is hidden but active. It can grab another payload without being discovered. It's in a firmware location where it can disable a virus scanner temporarily or permanently so that it can be loaded and installed - even after a complete reinstallation of the OS on a new hard disk.

This sort of thing is a nightmare.
Mick

Zilog Inside! nascom.info for Nascom & Gemini
Preliminary MMBasic docs & my PCB designs
 
Print this page


To reply to this topic, you need to log in.

© JAQ Software 2024