Intel OEM Private Key Leak: A Blow to UEFI Secure Boot Security

This page summarizes the projects mentioned and recommended in the original post on news.ycombinator.com.

  • Or the GitHub link below

    https://github.com/binarly-io/SupplyChainAttacks/blob/main/M...

  • fiedka

    a visual toolkit for exploring and editing firmware images, running on web platforms

  • Maybe someone could add key manifest inspection to this OSS tool, https://fiedka.app.

    Hopefully Intel and OEMs will make official statements soon.

    If you're copying a firmware file from the OEM's website to Binarly's website, then receiving a text report, they would have an IP address, browser fingerprint and device model number, but little else.

  • sbctl

    Secure Boot key manager

  • The question is whether you have any UEFI drivers or not. If they're in the ESP you can just look there to check, but UEFI drivers can also be loaded from PCI cards or baked in the firmware itself.

    If you're using a TPM for Secure Boot, you can use the command in https://github.com/Foxboron/sbctl/wiki/FAQ#option-rom to know for sure.

NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.

Related posts

  • Show HN: Sbctl – Secure Boot key manager

    1 project | news.ycombinator.com | 20 Oct 2023
  • Enabling secure boot for your Arch installation is very easy now with the "sbctl" tool

    2 projects | /r/archlinux | 7 Jul 2023
  • sbctl fails to find EFI system partition

    1 project | /r/archlinux | 3 Jul 2023
  • Millions of PC Motherboards Were Sold With a Firmware Backdoor

    4 projects | /r/hardware | 1 Jun 2023
  • The vendor-locking is for your own safety. Do not resist.

    2 projects | /r/linuxmemes | 20 May 2023