1. Главная
2. Ned in the Cloud

Ned and Chris explore a newly discovered flaw in UEFI Secure Boot that’s led to a critical OEM blunder that allows rootkit attacks, and the only fix is a potentially daunting firmware update.



Secure Boot’s Achilles’ Heel


Ned and Chris dive into a freshly uncovered flaw in the Secure Boot process of PCs using UEFI firmware. They trace the evolution of boot processes from ENIAC’s manual grind to today’s automated systems, highlighting the crucial role of cryptographic keys in blocking unauthorized code. Along the way, they expose a serious blunder where some OEMs carelessly included untrusted platform keys in their UEFI firmware, opening the door to rootkit attacks. The fix? A firmware update—if you’re brave enough to handle it.


Links

• Binarly post (https://www.binarly.io/blog/pkfail-un...)
• Keys in the Intel Boot Process (https://eclypsium.com/blog/the-keys-t...)
• How Bootguard works (https://trmm.net/Bootguard/#chain-of-...)
• Securing the Boot Process (https://dl.acm.org/doi/fullHtml/10.11...)
• Bootstrapping (https://en.wikipedia.org/wiki/Bootstr...)
• X86 Boot Process with BIOS (https://wiki.gentoo.org/wiki/System_I...)
• BlackLotus UEFI Bootkit (https://www.binarly.io/blog/the-untol...)

play_arrow

1,791

89

Моя душа настроена на осень... - В музыке Сергея Чекалина "Летний день".

play_arrow

461

7

Новинка 2021, Свежачок фильмец только на канале Отдых Дома МОЛОДОЙ МУЖ Новые мелодрамы Россия

play_arrow

80

7

Sunset Trio in a nutshell | policeverse

play_arrow

2,412

37

69000 शिक्षक भर्ती || 69.26 गुणांक से कम Gen वालें छात्र छात्राओं को ख़तरा ||

play_arrow

146

7

Carrier Split AC Error Code Problem Solution || Error Codes Problem Solve In This Video ||

play_arrow

50,400

625

KV-2 + Gravity Force = 💀💀💀

play_arrow

914

24

aesthetic forest video | aesthetic Polaroid photo | DAZZ Cam tutorial | cinematic visual

play_arrow

1,560

105

ЧИТЕРСКИЕ КОДЫ ШИНДО ЛАЙФ РОБЛОКС! ВСЕ КОДЫ Shindo Life roblox