FWIS3

In memory of our guiding lights - Russ, Mike and Charlie - “To be a star, you must shine your own light, follow your own path, and don't worry about the darkness, for that is when the stars shine brightest”

Skip to content

Hahaha whoops

Post a reply

Hahaha whoops

Postby Cyborg Girl » Fri Aug 12, 2016 10:49 am

Remember how Windows Secure Boot was supposed to prevent boot sector malware, and also coincidentally block unsupported OSes from being installed?

Well, now it won't do either for much longer.

http://arstechnica.com/security/2016/08 ... olden-key/

D'oh!

I will just quote the discoverers:

About the FBI: are you reading this? If you are, then this is a perfect real world example about why your idea of backdooring cryptosystems with a "secure golden key" is very bad! Smarter people than me have been telling this to you for so long, it seems you have your fingers in your ears.


This is why, when you use SSH, you set up a different private key for each of your client machines, rather than having one private key and copying it to all of them. That way, if one machine gets hacked, you can at least contain the damage...

But wait, this is Microsoft; they use RDP, not SSH. And in fact, they made the same mistake with RDP.

snoot:
User avatar
Cyborg Girl
Boy Genius
 
Posts: 2138
Joined: Mon May 27, 2013 2:54 am
Top

Re: Hahaha whoops

Postby Thumper » Fri Aug 12, 2016 11:35 am

Gullible Jones wrote:Remember how Windows Secure Boot was supposed to prevent boot sector malware, and also coincidentally block unsupported OSes from being installed?

Well, now it won't do either for much longer.

http://arstechnica.com/security/2016/08 ... olden-key/

D'oh!

I will just quote the discoverers:

About the FBI: are you reading this? If you are, then this is a perfect real world example about why your idea of backdooring cryptosystems with a "secure golden key" is very bad! Smarter people than me have been telling this to you for so long, it seems you have your fingers in your ears.
I've been preaching this for years! :P

This is why, when you use SSH, you set up a different private key for each of your client machines, rather than having one private key and copying it to all of them. That way, if one machine gets hacked, you can at least contain the damage...

But wait, this is Microsoft; they use RDP, not SSH. And in fact, they made the same mistake with RDP.

snoot:
Look for the Helpers. You will always find people who are helping.
-Mr. Rogers' Mom
User avatar
Thumper
Ichi-Ban Tomodachi
 
Posts: 4224
Joined: Tue May 28, 2013 5:20 pm
Location: OH - IO
Top
Post a reply

Return to Sci-Tech… and Stuff

Who is online

Users browsing this forum: No registered users and 1 guest

Powered by phpBB® Forum Software © phpBB Group
cron