• Thu. Nov 28th, 2024

Hard to believe but Secure Boot BIOS security has been compromised on hundreds of PC models from big brands because firmware engineers used four-letter passwords

Byadmin

Jul 26, 2024



Now, I’ll admit my own password hygiene isn’t always the best, though I have graduated from the days when I used “xxxxxx” for a few non-critical accounts under the reverse psychology assumption that it’s so obviously insecure, nobody would bother trying it. Genius, I know. But even I realise a four-character password is a big no-no.

And yet that’s exactly what was used to protect an encrypted file that was critical to the fundamental integrity of the Secure Boot, a UEFI BIOS security layer designed to ensure that a device boots using only the software that is trusted by the PC maker itself.



Source link