PKfail: 800+ Major PC Models have Insecure ‘Secure Boot’
Hundreds of PC models from vendors such as HP, Lenovo, Dell, Intel, Acer and Gigabyte shipped with useless boot protection—using private keys that aren’t private.
“Secure Boot is completely broken,” scream the headlines. Why? A team of researchers from Santa Monica have found countless flaws in the way major PC vendors manage the crypto keys that keep your PC’s boot process trustworthy. And the problem started at least 12 years ago.
The researchers are calling it PKfail. In today’s SB Blogwatch, we scramble to rotate our keys.
Your humble blogwatcher curated these bloggy bits for your entertainment. Not to mention: Poopy Paris pictograms.
Big BIOS Bother
What’s the craic? Dan Goodin reports: Secure Boot is completely broken
“Virtually all major device manufacturers”
In 2012, an industry-wide coalition … adopted Secure Boot to protect against a long-looming security threat: … Malware that could infect the BIOS—the firmware that loaded the operating system each time a computer booted up. … Key players in security—among them Microsoft and the US National Security Agency—regard Secure Boot as an important, if not essential, foundation of trust in securing devices.
…
[But] Secure Boot is completely compromised on [many] device models sold by Acer, Dell, Gigabyte, Intel, and Supermicro. The cause: A cryptographic key underpinning Secure Boot on those models that was compromised in 2022. … Security experts say it effectively torpedoes the security assurances offered by Secure Boot … because the private portion of them is an open industry secret.
…
The researchers soon discovered … a much bigger supply-chain breakdown that raises serious doubts about the integrity of Secure Boot on … additional device models from virtually all major device manufacturers [e.g.,] HP, Lenovo. … An additional 21 platform keys contain the strings “DO NOT SHIP” or “DO NOT TRUST” [and] were never intended to be used in production systems. Instead, AMI provided them to customers or prospective customers for testing.
How many models? Count on Sergiu Gatlan to tell us: PKfail Secure Boot bypass lets attackers install UEFI malware
“Monitor firmware updates”
The UEFI device makers who used untrusted test keys across 813 products. … Successfully exploiting this issue allows threat actors with access to vulnerable devices … to deploy UEFI malware like CosmicStrand and BlackLotus.
…
Vendors are advised to generate and manage the Platform Key by following cryptographic key management best practices, such as Hardware Security Modules, [and] replace any test keys. … Users should monitor firmware updates issued by device vendors and apply any security patches addressing the PKfail supply-chain issue as soon as possible.
Horse’s mouth? Alex Matrosov and rest of the Binarly team: PKfail: Untrusted Platform Keys Undermine Secure Boot
“VU#455367”
Secure Boot has always been the holy grail of platform security, and many security features at the operating system layer depend on its integrity. … An attacker with access to the private part of the … Platform Key (PK) … can easily bypass Secure Boot.
…
[We] discovered a significant supply chain security incident. … It affects both x86 and ARM devices. [It] highlights multiple security problems related to device supply chain security:
• Poor cryptographic materials management. …
• Non-production cryptographic keys. …
• No rotation of the platform security cryptographic keys per product line. …
• Same platform security-related cryptographic keys for … different device manufactures.
…
The devices … are still deployed in the field, and the key is also being used in recently released enterprise devices. [We’re] closely working with the CERT/CC team on VU#455367 to help mitigate PKfail.
What’s the threat model here? acdha explains:
If you steal my laptop [and] install malware which takes over the boot process, you get that data as soon as I type in my password. … Imagine if you get 15 minute alone in someone’s office: … Not enough time to open the case up but plenty to toss a USB drive in and reboot.
…
Until Secure Boot is … robust, nobody can easily tell whether hardware they’ve lost control of can be trusted. [But] it’s begrudging lowest-bidder compliance and clearly not something many vendors are taking pride in.
What a mess. And u/ACCount82 isn’t surprised:
Secure Boot [is] one of the most worthless and, at times, anti-consumer “security measures” imaginable. Not at all surprised to see vendors treat it with all the care and respect it deserves.
Aside from Binarly’s generic ideas, what can IT do? devslash0 urges you to “get your own key:”
Both PK and KEK used by Secure Boot are user-replaceable and I generated and installed my own keys within the first day of owning my ThinkPad. It’s just common sense. Why on Earth would you allow keys issued by a 3rd party to remain on your system beyond the setup phase?
Why indeed? Hizonner agrees with both:
Platform keys can be replaced given physical access to the computer. … The problem here is in trusting, nay expecting, your average motherboard maker to either know anything about key management or give a **** about key management.
This problem lasted at least 12 years, though? Riddler876 seems to imply an implication:
They’re test keys with “DO NOT SHIP” in them. … Let’s find out how that was allowed to ship for so long.
But who could have seen this coming? At the time, bill_mcgonigle told you so:
We told them so. … Comments from when Secure Boot was being implemented were full of warnings that these sorts of problems were inevitable.
Meanwhile, for balance, here’s u/COMPUTER1313:
Printer drivers: “Allow us to introduce our horrors.”
And Finally:
You have been reading SB Blogwatch by Richi Jennings. Richi curates the best bloggy bits, finest forums, and weirdest websites—so you don’t have to. Hate mail may be directed to @RiCHi, @richij, @[email protected], @richi.bsky.social or [email protected]. Ask your doctor before reading. Your mileage may vary. Past performance is no guarantee of future results. Do not stare into laser with remaining eye. E&OE. 30.