Is your device permanently compromised?If your device has been affected, you might receive compensation in form of a 2" x 3" sticker, a hacky sack, or a holographic book marker. 200 Different models guaranteed fucked, another 300 in question.
>>101571380>Secure Boot permanently compromisedAnd that's a good thing.
>>101571380*yawn* I'm so tired of these pointless FUD articles.If you actually read the vulnerability reports on most of these, the attacker has to have local access to your machine and needs to literally have access to your CPU or mobo component to make the attack. If you have an intruder in your house you have more things to worry about than your 5 TB anime collection getting leaked.
>>101571380secure boot: offmitigations=off
>>101571380What is secureboot and why is this important?
>>101571560me on the left
>>101571588-Ofasteverything running as root
>>101571608It stops evil maids from tampering with your OS.
>>101571723Passwords not maskedProjected onto the wall of a coffee shop
>>101571760Evil maid is still and always will be possible (physical access/rubber ducky usb, etc...)physical access is not needed anymore for rootkits boomer.
>>101571560Yawnposters will go to the gulag
>>101571380>Secure Boot
>>101571770even better,password is 123
>>101571380good. this was used exclusively as drm for windows
Maybe that one moron always shilling tpms and secboot can finally fuck off.
>>101572293no password and an applescript clicking ok automatically
>>101571815The gulag is, ironically, really well protected against westoid shenanigans so it can't be that bad.
>>101571608basically unsigned drivers cant hijack your os anymore. everything needs a signature from microsoft. this is partially why the crowdstrike shit happened btw. crowdstrike made a faulty driver and microsoft signed it.
>>101571560>the attacker has to have local access to your machine???https://www.youtube.com/watch?v=SPl7zfC-CmQany malware that has high privs could do this...
>>101571560My wives Miku and Rin
>>101573090>basically unsigned drivers cant hijack your os anymore.many cases of malware stealing signing keys and signing their own code, faggot. similar shit has happened with apple as well. >basicallybasically you're wrong.
This is why you should be using TPM
>>101573026I just mail my computer directly to NSA headquarters and buy a new one every year
>>101571380You require physical access if they already have physical access. You're already fucked anyway.
>>101575207>You require physical accessno. see >>101573970
>>101573970>if you give someone a copy of your private key they can sign things with it
>>101576107... that's the whole point of the article: they found the keys. and you can sign things parts of many systems that are high privilege with those keys.
>>101576198Which is why resetting the platform key is the first thing I do when I buy a new system.
>>101571380>Keys were labelled do not trustGood thing I wipe the keystore and self-sign, then!
>>101571380>Have "compromised" secure boot>Nothing is different from before except that you're immune to any rootkit older than whenever the Microsoft key leaked (although you probably weren't vulnerable to anything that old anyway)Wow, it's nothing.
>>101571560That is one perfectly flat migu with a cute tummyalso rin i guess
>>101574153>many cases of malware stealing signing keys and signing their own codeonly if its installed locally and with trustedinstaller privilege with is greater than admin, you stupid cunt jit
>>101571560dumb tranime poster the clownstrike attack just proved that windows has a contingency where 15 back to back failed reboots bypasses tpm, bitlocker, etc and drops the user into safe mode with admin none of this stuff matters
I don't use secure boot. I don't even use UEFI. So this is not my problem.
>>101571502>HVCI enabledFucking retard.
>>101578911malware that writes itself to your ssd's firmware and stays resident even if the drive is wiped existed ten years agothats the whole reason we sign drivers nowgood luck with that shit
>>101571801>physical access>rubber ducky>on my LINUX OS (the best OS there is btw) which I never leave without locking, requiring my 30000000000 characters password to open, whilst everything being LUKS encrypted, and with secureboot confirming my bios has not been tampered withlmaolol evenAlso I force my maids to dress as slutty anime maids, it's legal in my country
>>101576220Right?>COMPLETELY BROKEN>PERMANENTLY COMPROMISED>oh actually a key leakedWhat kind of loser doesn't>install gentooimmediately anyway.Out of 3 computers with secure boot enabled, only the gaymen desktop has any keys that aren't my own. To dual boot for a single game that doesn't play well with penguins.
>>101571560These little girls belong to Islam.
>>101571380But i dont use insecureboot
you safe?>[System.Text.Encoding]::ASCII.GetString((Get-SecureBootUEFI PK).bytes) -match "DO NOT TRUST|DO NOT SHIP"
>>101571560>If you have an intruder in your house you have more things to worry about than your 5 TB anime collection getting leaked.Unsuspected relatives and/or having been a witness to a crime. Don't ask me how I know.
>>101580845how you know?
>>101571380Implying there was ever such a thing as secure boot