“A backdoor,” the researchers noted, “which MS put in to secure boot because they decided to not let the user turn it off in certain devices, allows for secure boot to be disabled everywhere!”
Attackers who can also gain admin rights on, or physical access to, a device could then install and execute rootkits and bootkits, presenting a grave security threat to users.
Secure Boot works with several policies that are followed by the boot manager of Windows. For purposes of testing and tweaking, Microsoft has one boot policy that loads early in the process and disables the checks for operating systems. Developers can use this policy to boot other systems such as self-signed binaries.
This “golden key” policy, however, was inadvertently shipped on retail devices, where it was discovered by Slipstream and MY123. The policy was not active on those devices, but it was present nonetheless.
The researchers have now leaked the policy online. The policy, signed by the Windows Production PCA 2011 key of Microsoft, can be provisioned into devices as an active policy, which will disable Secure Boot.
Making matters worse is the fact that it is a universal policy, and not tied to a single device or architecture. The “golden key” can be used on both ARM and x86, on any device that uses the boot manager of Windows.
The researchers have since reported their discovery to Microsoft, which initially ignored the report around March to April and then awarded a bug bounty a few months later. Microsoft has released security patches in an attempt to solve the problem, but so far they have failed to neutralize the capabilities of the “golden key.”
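To make the mechanism in the preceding paragraphs concrete, here is a toy model of the boot-manager logic the article describes: a policy that is validly signed by the vendor key but switches off signature enforcement lets an unsigned loader boot, while a forged policy is still refused. This is an added illustration, not code from the researchers or from Microsoft. Every detail is constructed: the HMAC stands in for the real RSA signature chained to the Windows Production PCA 2011 certificate, the policy and image formats are invented, and the hash-based revocation list at the end is an assumed mitigation shape rather than a description of Microsoft's actual patches.

```python
"""Toy model of Secure Boot policy evaluation (constructed for illustration)."""
from __future__ import annotations

import hashlib
import hmac
import json
from dataclasses import dataclass
from typing import Optional

# Constructed stand-in for the vendor signing key. The real boot manager
# verifies RSA signatures chained to the Windows Production PCA 2011 cert;
# an HMAC keeps this model dependency-free while preserving the logic.
VENDOR_KEY = b"constructed-vendor-signing-key"


def sign(blob: bytes) -> bytes:
    """Produce a 'vendor signature' over a blob (HMAC stands in for RSA)."""
    return hmac.new(VENDOR_KEY, blob, hashlib.sha256).digest()


def verify(blob: bytes, sig: bytes) -> bool:
    """Constant-time check that sig is the vendor signature over blob."""
    return hmac.compare_digest(sign(blob), sig)


@dataclass(frozen=True)
class Policy:
    name: str
    enforce_signatures: bool  # False models the debug/test "golden key" policy

    def blob(self) -> bytes:
        return json.dumps(
            {"name": self.name, "enforce": self.enforce_signatures}, sort_keys=True
        ).encode()


def policy_hash(policy: Policy) -> str:
    return hashlib.sha256(policy.blob()).hexdigest()


@dataclass(frozen=True)
class BootImage:
    name: str
    data: bytes
    signature: Optional[bytes] = None  # None models a self-signed/unsigned loader


class BootManager:
    """Loads a policy early, then decides whether an OS loader may run."""

    def __init__(self, revoked_policy_hashes: frozenset[str] = frozenset()):
        self.revoked = revoked_policy_hashes
        self.enforce = True  # production default: signatures are checked

    def load_policy(self, policy: Policy, sig: bytes) -> str:
        if not verify(policy.blob(), sig):
            return "policy rejected: bad signature"
        if policy_hash(policy) in self.revoked:
            return "policy rejected: revoked"
        # A validly signed policy is trusted, whatever it says. This is the
        # weak point: the signature proves origin, not that the policy is safe.
        self.enforce = policy.enforce_signatures
        return "policy loaded"

    def boot(self, image: BootImage) -> str:
        if self.enforce and (image.signature is None or not verify(image.data, image.signature)):
            return "boot refused: image not signed by vendor"
        return f"booted {image.name}"


# Constructed fixtures: the leaked test policy, its genuine vendor signature,
# a properly signed loader and an unsigned one.
GOLDEN_POLICY = Policy("debug-test-policy", enforce_signatures=False)
GOLDEN_POLICY_SIG = sign(GOLDEN_POLICY.blob())
SIGNED_OS = BootImage("winload.efi", b"constructed vendor loader", sign(b"constructed vendor loader"))
UNSIGNED_OS = BootImage("self-signed-os.efi", b"constructed unsigned loader")


def boot_without_policy() -> list[str]:
    bm = BootManager()
    return [bm.boot(SIGNED_OS), bm.boot(UNSIGNED_OS)]


def boot_with_forged_policy() -> list[str]:
    """A policy that is not vendor-signed is refused; enforcement stays on."""
    bm = BootManager()
    forged = Policy("attacker-policy", enforce_signatures=False)
    return [bm.load_policy(forged, b"\x00" * 32), bm.boot(UNSIGNED_OS)]


def boot_with_golden_policy() -> list[str]:
    """The genuinely signed test policy is accepted and disables the checks."""
    bm = BootManager()
    return [bm.load_policy(GOLDEN_POLICY, GOLDEN_POLICY_SIG), bm.boot(UNSIGNED_OS)]


def boot_with_revocation() -> list[str]:
    """Assumed mitigation shape: a boot manager that denylists the policy hash."""
    bm = BootManager(revoked_policy_hashes=frozenset({policy_hash(GOLDEN_POLICY)}))
    return [bm.load_policy(GOLDEN_POLICY, GOLDEN_POLICY_SIG), bm.boot(UNSIGNED_OS)]


if __name__ == "__main__":
    for fn in (boot_without_policy, boot_with_forged_policy, boot_with_golden_policy, boot_with_revocation):
        print(f"{fn.__name__}: {fn()}")
```

The point the model makes is that the signature check itself never fails: the forged policy is rejected, and the leaked policy is accepted precisely because it carries a genuine vendor signature. Once such a signed policy exists, the only defence available to a boot manager is to stop trusting that specific policy (here, by hash), which only helps on devices whose boot manager actually carries the updated denylist.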
Evidence for the FBI to examine
Over the past winter, the FBI has locked horns with Apple over its efforts to bypass the boot security system of iOS, with the intent to make it easier to decrypt data on iPhones and other devices.
In February, Apple’s chief executive Tim Cook issued a statement in response to FBI demands, writing that, “We have great respect for the professionals at the FBI, and we believe their intentions are good. Up to this point, we have done everything that is both within our power and within the law to help them.
But now the U.S. government has asked us for something we simply do not have, and something we consider too dangerous to create. They have asked us to build a backdoor to the iPhone.”
Cook concluded, “while the government may argue that its use would be limited to this case, there is no way to guarantee such control.”
Sure enough, after Microsoft did create a backdoor for Windows Phone and other Secure Boot devices, it subsequently leaked the tools for unlocking that backdoor.
The researchers involved in documenting Microsoft’s screwup observed,
“About the FBI: are you reading this? If you are, then this is a perfect real world example about why your idea of backdooring cryptosystems with a “secure golden key” is very bad! Smarter people than me have been telling this to you for so long, it seems you have your fingers in your ears. You seriously don’t understand still? Microsoft implemented a “secure golden key” system. And the golden keys got released from MS own stupidity. Now, what happens if you tell everyone to make a “secure golden key” system? Hopefully you can add 2+2…”
You can view the full report here, where the researchers detail the flaw with more information.