Microsoft Accidentally Provides Example of Dangers of Encryption ‘Back Doors’

Microsoft Accidentally Provides Example of Dangers of Encryption ‘Back Doors’

http://reason.com/blog/2016/08/10/microsoft-accidentally-provides-example

This example again shows that encryption back doors are a bad idea.

Security failures have created “golden keys” which unlock Windows devices protected by Secure Boot.

Microsoft Secure Boot key debacle causes security panic

http://www.zdnet.com/article/microsoft-secure-boot-key-debacle-causes-security-panic/

Microsoft has one particular boot policy (“golden key” debug) which loads early on and disables operating system checks – allows a user to boot whatever they wish, including self-signed binaries.

The policy has been leaked online and can be used by users with admin rights to bypass Secure Boot on locked devices, as long as devices have not received the July patch update.

“About the FBI: are you reading this? If you are, then this is a perfect real world example about why your idea of backdooring cryptosystems with a “secure golden key” is very bad!,” the team added. “Microsoft implemented a “secure golden key” system. And the golden keys got released from MS['s] own stupidity.”