
Hahaha whoops

Posted: Fri Aug 12, 2016 10:49 am
by Cyborg Girl
Remember how Windows Secure Boot was supposed to prevent boot sector malware, and also coincidentally block unsupported OSes from being installed?

Well, now it won't do either for much longer.

http://arstechnica.com/security/2016/08 ... olden-key/

D'oh!

I will just quote the discoverers:

About the FBI: are you reading this? If you are, then this is a perfect real world example about why your idea of backdooring cryptosystems with a "secure golden key" is very bad! Smarter people than me have been telling this to you for so long, it seems you have your fingers in your ears.


This is why, when you use SSH, you set up a different private key for each of your client machines, rather than having one private key and copying it to all of them. That way, if one machine gets hacked, you can at least contain the damage...

But wait, this is Microsoft; they use RDP, not SSH. And in fact, they made the same mistake with RDP.

snoot:
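The point about per-client SSH keys is easy to check on the server side: if the same public key blob appears under several client labels in authorized_keys, one private key has been copied around, and compromising any of those clients compromises all of them. The script below is an added example (not part of the thread and not from any project named in it); it audits an authorized_keys file for reused keys and revokes a compromised key by its public key material rather than by its comment. The authorized_keys content it works on is constructed and the key blobs are valid base64 but not real keys.

```python
"""Audit an OpenSSH authorized_keys file for the "one private key copied to
every client" anti-pattern, and revoke a compromised key by its public blob.

Added example; the authorized_keys content below is constructed, not real."""
import base64
import hashlib
import shlex
from dataclasses import dataclass

# Key types sshd accepts at the start of the key material (after optional options).
KEY_TYPES = {"ssh-ed25519", "ssh-rsa", "ecdsa-sha2-nistp256",
             "ecdsa-sha2-nistp384", "ecdsa-sha2-nistp521",
             "sk-ssh-ed25519@openssh.com"}


@dataclass
class Entry:
    options: str      # e.g. 'from="192.0.2.10"' (empty if the line has none)
    key_type: str
    blob: str         # base64 public key material
    comment: str      # what ssh-keygen -C put here, used as the client label
    raw: str          # original line, preserved for rewriting the file


def parse_authorized_keys(text):
    """Parse non-comment lines into Entry objects."""
    entries = []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        tokens = shlex.split(line)   # keeps from="a,b" together as one token
        idx = next((i for i, t in enumerate(tokens) if t in KEY_TYPES), None)
        if idx is None or idx + 1 >= len(tokens):
            continue  # malformed line; sshd would ignore it too
        entries.append(Entry(options=" ".join(tokens[:idx]),
                             key_type=tokens[idx], blob=tokens[idx + 1],
                             comment=" ".join(tokens[idx + 2:]), raw=raw))
    return entries


def fingerprint(blob):
    """SHA256 fingerprint in the format ssh-keygen -l prints."""
    digest = hashlib.sha256(base64.b64decode(blob)).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")


def find_shared_keys(entries):
    """Map each public key used by more than one client to its client labels."""
    by_blob = {}
    for e in entries:
        by_blob.setdefault(e.blob, []).append(e.comment)
    return {blob: clients for blob, clients in by_blob.items() if len(clients) > 1}


def revoke_key(text, blob):
    """Remove every entry carrying `blob`; return the new file text and the
    clients that lost access. Revoking by blob, not by comment, matters: the
    comment only labels a line, while the compromised secret is the key itself."""
    kept, lost = [], []
    for raw in text.splitlines():
        parsed = parse_authorized_keys(raw)
        if parsed and parsed[0].blob == blob:
            lost.append(parsed[0].comment)
        else:
            kept.append(raw)
    return "\n".join(kept) + "\n", lost


def _blob(label):
    # Valid base64 so fingerprint() works, but not a real key (constructed).
    return base64.b64encode(f"constructed-{label}-not-a-real-key".encode()).decode()


SHARED = _blob("key-shared")     # the anti-pattern: one key on two clients
BUILD = _blob("key-buildbox")
TABLET = _blob("key-tablet")

# Constructed sample: two of Alice's machines share a key, the others do not.
SAMPLE_AUTHORIZED_KEYS = f"""# constructed sample authorized_keys
ssh-ed25519 {SHARED} laptop@alice
ssh-ed25519 {SHARED} desktop@alice
from="192.0.2.10",no-pty ssh-ed25519 {BUILD} buildbox
ssh-rsa {TABLET} tablet@alice
"""

if __name__ == "__main__":
    entries = parse_authorized_keys(SAMPLE_AUTHORIZED_KEYS)
    for blob, clients in find_shared_keys(entries).items():
        print(f"{fingerprint(blob)} is shared by {clients}: "
              "a compromise of any one exposes all of them")
    _, lost = revoke_key(SAMPLE_AUTHORIZED_KEYS, SHARED)
    print("revoking the shared key locks out:", lost)
    _, lost = revoke_key(SAMPLE_AUTHORIZED_KEYS, BUILD)
    print("revoking buildbox's own key locks out:", lost)
```

Run against a real file with `parse_authorized_keys(open("~/.ssh/authorized_keys").read())`; any blob reported by find_shared_keys is a key that should be replaced with one key per client before an incident forces the choice between locking everyone out and leaving the compromised key valid.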

Re: Hahaha whoops

Posted: Fri Aug 12, 2016 11:35 am
by Thumper
Gullible Jones wrote: Remember how Windows Secure Boot was supposed to prevent boot sector malware, and also coincidentally block unsupported OSes from being installed?

Well, now it won't do either for much longer.

http://arstechnica.com/security/2016/08 ... olden-key/

D'oh!

I will just quote the discoverers:

About the FBI: are you reading this? If you are, then this is a perfect real world example about why your idea of backdooring cryptosystems with a "secure golden key" is very bad! Smarter people than me have been telling this to you for so long, it seems you have your fingers in your ears.
I've been preaching this for years! :P

This is why, when you use SSH, you set up a different private key for each of your client machines, rather than having one private key and copying it to all of them. That way, if one machine gets hacked, you can at least contain the damage...

But wait, this is Microsoft; they use RDP, not SSH. And in fact, they made the same mistake with RDP.

snoot: