site Search:


 
    All Forums Hot Topics Gallery






how-to block ads


 
Search Topic:
Uniqs:
59
Share Topic
view:
normal
Posting?
Post a:
Post a:
Links: ·Hijack This logs? ·Panda Free Tools ·Vundo Removal
AuthorAll Replies


norwegian
Premium
join:2005-02-15
Outback
Reviews:
·WestNet Broadband

AMIBIOS Source Code and AMI's UEFI Signing Key Leaked

I just read about this Here »AMIBIOS Source Code and AMI's UEFI Signing Key Leaked in the hardware forum.
Thanks go to Octavean See Profile for posting it.

»www.techpowerup.com/182484/AMIBI···ked.html

An FTP server in Taiwan that could be publicly accessed, leaked the source code of AMI Aptio UEFI BIOS, including AMI's unique UEFI signing test key.

Among the leaked bits of software include the source code of AMI BIOS, Aptio, and AMI's UEFI test signing key, which is used by all its clients to sign their BIOS updates.

Official AMI comment can be found here

•Recent disclosures via the personal blog site of an industry blogger and researcher detailed the discovery of a “leaky” FTP server from an unnamed Taiwan-based vendor containing AMI UEFI BIOS source code and suspected security key data among various internal data
•AMI would like to clarify that this leak is not the fault of AMI and is not a result of a security lapse on AMI’s behalf
•In response, AMI states that this is not a general security threat which could “create a nearly undetectable, permanent hole in a system’s security” if the manner in which production-level BIOS is signed and created uses a production key.

All of the boot protection measures of the new Windows 8 secure boot becomes null and void I would think with something like this if the bios could be flashed without too much user intervention, however I would imagine there would have to be some defined prompts for users if their system bios was requested to be updated with tools like Win Flash as part of the exploit kit.
--
The only thing necessary for the triumph of evil is for good men to do nothing - Edmund Burke



kickass69

join:2002-06-03
Lake Hopatcong, NJ

Goes to show old school BIOS is still the better way to go.


Sunday, 07-Apr 19:58:34 Terms of Use & Privacy | feedback | contact | Hosting by nac.net - DSL,Hosting & Co-lo
over 13.5 years online © 1999-2013 dslreports.com.
Most commented news this week
Hot Topics