+ Post New Thread
Page 2 of 2 FirstFirst 12
Results 16 to 29 of 29
General Chat Thread, Windows 8 Secure boot - Blocking hardware and software like nobodies business in General; Originally Posted by CAM Can't really leave the blame squarely in Microsoft's court though and eyes should fall on hardware ...
  1. #16


    Join Date
    Jan 2006
    Posts
    8,202
    Thank Post
    442
    Thanked 1,032 Times in 812 Posts
    Rep Power
    339
    Quote Originally Posted by CAM View Post
    Can't really leave the blame squarely in Microsoft's court though and eyes should fall on hardware manufacturers and how they handle non-secure boot support. If worst comes to worst and Linux distros are forced to release a signed version, we may see one signed version rise to the top and provide the stability Linux needs for developers to work with it (instead of one billion distros with their own quirks and changes).
    The problem here is that if a key is released to a linux distribution, then to comply with the GPL it would have to be released to everyone, which null and voids the whole point of doing it.

    We can still install Linux on Mac's, so I'm not sure where the idea that this is apple's fault comes from?

  2. #17


    Join Date
    Mar 2009
    Location
    Leeds
    Posts
    6,589
    Thank Post
    228
    Thanked 856 Times in 735 Posts
    Rep Power
    296
    Wouldnt installing win8 pe in a similar way to lilo be a possible answer?

  3. #18

    Join Date
    May 2006
    Location
    West Bromwich
    Posts
    2,190
    Thank Post
    299
    Thanked 215 Times in 185 Posts
    Rep Power
    56
    How will this affect the upgrade path from Windows 7 to Windows 8? Would this mean that you would need new hardware to support the new security? If so then I can hardly see companies and schools going out a buying all new kit just to install an upgrade. Doesn't make sense.

    If indeed this is the case then MS should take this opportunity to eradicate support for old technology in their latest OS.

  4. #19
    morganw's Avatar
    Join Date
    Apr 2009
    Location
    Cambridge
    Posts
    816
    Thank Post
    46
    Thanked 132 Times in 126 Posts
    Rep Power
    39
    Quote Originally Posted by HodgeHi View Post
    How will this affect the upgrade path from Windows 7 to Windows 8? Would this mean that you would need new hardware to support the new security? If so then I can hardly see companies and schools going out a buying all new kit just to install an upgrade. Doesn't make sense.

    If indeed this is the case then MS should take this opportunity to eradicate support for old technology in their latest OS.
    Old hardware should be okay, but the restriction is necessary for new hardware that will be marketed as Windows 8 Certified. I imagine if you are selling OEM Windows 8 licences you will only be able to do so on such hardware as part of the agreement.

  5. #20

    Join Date
    Jan 2009
    Posts
    3
    Thank Post
    5
    Thanked 0 Times in 0 Posts
    Rep Power
    0
    Quote Originally Posted by CAM View Post
    Looks to em like a decision influenced by the mobile market. Phone rooting is a big headache for device and OS manufacturers and Windows 8 has clear indications that it will be intended run on such devices. UEFI's signed rooting will make it harder to root and power the device on in seconds.

    Of course, for desktop computers the answer is to buy a UEFI motherboard capable of disabling secure boot. The question is how many cheap motherboards will come without such functionality.

    Can't really leave the blame squarely in Microsoft's court though and eyes should fall on hardware manufacturers and how they handle non-secure boot support. If worst comes to worst and Linux distros are forced to release a signed version, we may see one signed version rise to the top and provide the stability Linux needs for developers to work with it (instead of one billion distros with their own quirks and changes).
    Eh? Rooting phones is not a big issue for mobile phone providers (outside of MS and Apple enviro's) and in fact many see it as a way of selling more handsets. Look at Samsung who recently supplied Galaxy S2 handsets to the Cyanogen team so they could port CM7 to it, then look to HTC who confirmed they would unlock the boot loader on their new phones. Publically the phone manufacturers might not be seen to like phone ROM cooking (I avoid the use of the term hacking for the obvious negative connotations of the word) but certainly the Android suppliers like HTC and Samsung love it. It makes their device far more saleable to the people who don't like the idea of not being able to do what they want with it how they want and whilst Apple might publically moan about Jailbreaking it's massively helped with hardware sales. The only negative I can think of is for the app makers who rely on adverts for their free games when rooted you can use a custom HOSTS file and block all the adverts, apart from that I cannot think of a serious negative that would upset Google, HTC, Samsung and the like but I could easily be wrong...

    You only have to look at Modaco and XDA to see how fast development is happening for these 3rd party ROMs far far faster than the OEM will ever commit to and in fact many of these ROMs make the device infinitely more usable - Proxy support Android i'm looking at you!

    Whilst I am still running a stock ROM on my S2 I am running a custom kernel and rooted which allows me to do things I would not be otherwise able to do and makes the phone much better for "me".

    Samsung and HTC at least recognise that and realise it helps with sales otherwise they would not do what they have done.

    TBH this UEFI secure boot thing is nothing more than the latest shot across the bows and I wager it will come to nothing previous examples:

    PIII unique processor serial numbers - Outcry and option to disable added to BIOS options
    TPM platform - What happened to that?

    MS need to look at all these secure platforms and see what's happened to them:

    Xbox - hacked
    Xbox360 - hacked
    PS1/2/3 - hacked
    Apple OS X hardware check - hacked
    Blu-ray secure platform - hacked
    HDCP - hacked

    In short even if they do implement this and ram it down our throats (which won't happen due to Linux etc crowd fighting it) it'll be broken in very short order

  6. #21
    mthomas08's Avatar
    Join Date
    Jun 2008
    Posts
    1,615
    Thank Post
    135
    Thanked 165 Times in 146 Posts
    Rep Power
    62
    Quote Originally Posted by Rich44 View Post
    MS need to look at all these secure platforms and see what's happened to them:

    Xbox - hacked
    Xbox360 - hacked
    PS1/2/3 - hacked
    Apple OS X hardware check - hacked
    Blu-ray secure platform - hacked
    HDCP - hacked
    To be honest, is there anything that hasnt been hacked? If its's popular it's going to get ripped in to, some do it just for kicks or another challenge.

  7. #22


    Join Date
    Jan 2006
    Posts
    8,202
    Thank Post
    442
    Thanked 1,032 Times in 812 Posts
    Rep Power
    339
    Quote Originally Posted by mthomas08 View Post
    To be honest, is there anything that hasnt been hacked? If its's popular it's going to get ripped in to, some do it just for kicks or another challenge.
    Done:
    Security researcher defeats Windows 8 secure boot

  8. #23

    SYNACK's Avatar
    Join Date
    Oct 2007
    Posts
    11,170
    Thank Post
    868
    Thanked 2,696 Times in 2,286 Posts
    Blog Entries
    11
    Rep Power
    772
    It has been said by Dell and other OEMs that they will have a switch in the BIOS to turn it off, it will just be shipped with it on for security and compliance (like the developer switch in android) or like the virtualisation extentions for CPUs that are switched off by default because of threats like blue/red pill stuff.

    This kind of restriction is not new and if you cant turn something off in the BIOS are you really skilled enough to be installing an OS anyway. Besides a twenty second youtube video will fix this and teach people how.

    The one area where it may be a concern is in the ARM line of heavily consumer devices where this kind of lockin is already common (iPhone anyone).

  9. #24


    Join Date
    Feb 2007
    Location
    51.403651, -0.515458
    Posts
    8,893
    Thank Post
    226
    Thanked 2,673 Times in 1,971 Posts
    Rep Power
    786
    Quote Originally Posted by mthomas08 View Post
    To be honest, is there anything that hasnt been hacked?
    I'm sure there are more examples, but the Cinavia audio watermarking tech found on DVDs and Blu-ray's, and Amazon's Topaz eBook format used on Kindle's have yet to be cracked.

  10. #25


    Join Date
    Feb 2007
    Location
    51.403651, -0.515458
    Posts
    8,893
    Thank Post
    226
    Thanked 2,673 Times in 1,971 Posts
    Rep Power
    786
    Quote Originally Posted by CyberNerd View Post
    Done
    If only it was true...


  11. #26


    Join Date
    Feb 2007
    Location
    51.403651, -0.515458
    Posts
    8,893
    Thank Post
    226
    Thanked 2,673 Times in 1,971 Posts
    Rep Power
    786
    Update on Ars Technica story...

    I've gotten clarification from Peter Kleissner on the nature of the exploit, and have updated the story. Stoned Lite uses an attack on legacy BIOS, not UEFI, so systems "built for Windows 8" would not be affected by the current version of the exploit. The exploit also works on Windows 7.
    It should come as no surprise, that turning off the Secure Boot option in your UEFI BIOS, prevents Secure Boot from doing its job.

  12. #27

    ZeroHour's Avatar
    Join Date
    Dec 2005
    Location
    Edinburgh, Scotland
    Posts
    5,705
    Thank Post
    904
    Thanked 1,320 Times in 802 Posts
    Blog Entries
    1
    Rep Power
    445
    Quote Originally Posted by Arthur View Post
    If only it was true...

    I love the fact its tomwarren trying to slate other writers, he is not great to say the least and Ars is normally of a far far higher standard.

  13. #28
    mthomas08's Avatar
    Join Date
    Jun 2008
    Posts
    1,615
    Thank Post
    135
    Thanked 165 Times in 146 Posts
    Rep Power
    62
    Quote Originally Posted by MK-2 View Post
    Haven't you just described Apple there with their ring fenced hardware and software?

    I'd prefer to wait and see when it eventually comes out. All these sites thrive on rumour, speculation and such.
    Agreed, looks like MS is following the Apple path. Still, if it does happen I would like to see what insults Apple lovers use then?

  14. #29


    Join Date
    Feb 2007
    Location
    51.403651, -0.515458
    Posts
    8,893
    Thank Post
    226
    Thanked 2,673 Times in 1,971 Posts
    Rep Power
    786
    Peter Kleissner has posted a video showing his bootkit in action.

    This shows how to use Stoned Lite to get SYSTEM rights on Windows 8 through the cmd privilege escalation (done by a driver loaded by the bootkit). The infector is just 14 KB of size and bypasses the UAC.

SHARE:
+ Post New Thread
Page 2 of 2 FirstFirst 12

Similar Threads

  1. Blocking .EXE and COM etc on a new Windows 2003 Domain Help!
    By bigb3n in forum Network and Classroom Management
    Replies: 11
    Last Post: 22nd February 2013, 03:30 PM
  2. Windows 7 pH sensor and software
    By ZeroHour in forum Educational Software
    Replies: 0
    Last Post: 28th October 2010, 04:44 PM
  3. Windows XP Boot Log
    By secman in forum Windows
    Replies: 36
    Last Post: 29th November 2005, 10:35 AM
  4. Using Bandwith And Software
    By nuttygeek in forum Windows
    Replies: 9
    Last Post: 6th October 2005, 12:39 PM
  5. More focus on RIS and Software Deployment
    By ajbritton in forum Comments and Suggestions
    Replies: 4
    Last Post: 5th September 2005, 11:41 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •