"
To exploit the vulnerability, an attacker must either gain administrative privileges or physical access to a target device [...]
"
There's a big difference between a device being jailbreak-able and being vulnerable.
"vulnerable to a user with administrative privileges" shouldn't count as "vulnerable".
It's shutting the door after the horse has escaped. All security measures have failed at that point - the least of a user's troubles is somebody installing a new OS.
As for physical access, somebody could install a new HDD or motherboard or computer - where do you stop?
Microsoft's justification of this "security feature" is borderline insanity.
There's a nice saying for this: "it's a six ton safe in the middle of a desert." No matter how secure your safe is, someone can just airlift it out and will have practically limitless time to tear it apart.
Two steps forward, one sidestep and an enthusiastic lunge backwards in the name of security.
They've been trying to do this with Windows-proper for the last 5 years, banking on the apathy of manufacturers to block other operating systems from running by not allowing other secure keys (or disabling the disabling of secure boot).
This is just the extension of that, except they control the hardware too.
Given open Linux distributions have a habit of making devices Just Work™ indefinitely —well that's what my 2008 desktop CPU, 2010 laptop tell me— I'm not surprised they want to make sure their hardware rots so people have to upgrade to a newer, stronger-walled garden.
> Given open Linux distributions have a habit of making devices Just Work™ indefinitely
2006 Conroe is still perfectly capable of running the latest Windows OS. And anecdotally I had to rescue an Ubuntu installation a few days ago simply because the root partition got filled and the system didn't boot. Go figure.
Users should have the option of choosing or not choosing to use a locked bootloader. For some users, the benefits of an unlocked bootloader exceed the costs of not letting Microsoft handle "security" for them.
If a company is selling hardware, why should it matter what the purchaser does with it afterwards?
For the answer to that question, we might ask Apple.
Whatever the answer is, it is certainly not "for the security of the user" if the user explicitly wants to install their own choice of OS.
So I have a Surface RT; I've looked around for a guide to get it moved to Ubuntu so I can play around with Swift Linux.
Can anybody point me to a recent article so I can make this paper weight useful? Maybe something like this http://hackaday.com/2014/05/01/mirror-mirror-on-the-wall/
The answer to what you're asking is quoted in that very article:
> An attacker who successfully exploited this vulnerability could disable code integrity checks, allowing test-signed executables and drivers to be loaded on a target device. In addition, an attacker could bypass the Secure Boot Integrity Validation for BitLocker and the Device Encryption security features.
Microsoft is patching the device, despite it being a dead product, to avoid screwing actual users of the product. Sorry to the ones of people using it with Linux, I guess, but being able to subvert BitLocker and device encryption is kind of bad, yeah?
I personally think if you have physical access then it's game over anyway.
Besides, AFAIK if a drive is encrypted then you would not be able to decrypt it without the correct key, unless they did something very un-crypto-like with BitLocker...
> then you would not be able to decrypt it without the correct key
You're correct. So an attacker will now attempt to obtain the correct key, by targeting the pre-decryption stages and infecting any layer that has access to the decryption key. If the bootloader's the one that asks the user for the disk decryption key, then the bootloader would be the prime target of infection. And so on, it's turtles all the way down, until the hardware; which is what gives Intel the excuse to ship locked down firmware with their processors and motherboards.
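The integrity-validation idea discussed in the comments above, as an added example that is not part of the original thread: a simplified model of measured boot in which a disk key is released only when the chain of boot-stage hashes matches the value it was sealed to. `ToySealedKey`, the chain contents and the key are constructed for illustration and do not reproduce BitLocker's actual implementation.

```python
import hashlib
import hmac

PCR_RESET = bytes(32)  # a SHA-256 PCR holds 32 zero bytes after reset

def extend(pcr, image):
    """TPM-style extend: new PCR = SHA256(old PCR || SHA256(image))."""
    return hashlib.sha256(pcr + hashlib.sha256(image).digest()).digest()

def measure_boot(stages):
    """Each stage is hashed into the PCR before control passes to it."""
    pcr = PCR_RESET
    for image in stages:
        pcr = extend(pcr, image)
    return pcr

class ToySealedKey:
    """Simplified stand-in for a TPM-sealed disk key (hypothetical class)."""
    def __init__(self, key, expected_pcr):
        self._key = key
        self._expected = expected_pcr

    def unseal(self, current_pcr):
        # Release the key only when the boot measurement matches the policy.
        if hmac.compare_digest(current_pcr, self._expected):
            return self._key
        return None

# Constructed sample boot chains; the byte strings stand in for real images.
GOOD_CHAIN = [b"firmware-1.0", b"bootloader-1.0", b"kernel-1.0"]
TAMPERED_CHAIN = [b"firmware-1.0", b"bootloader-1.0+modified", b"kernel-1.0"]
DISK_KEY = b"constructed-disk-key"

def boot_and_unseal(stages, sealed):
    """Measure the given boot chain, then ask for the sealed key."""
    return sealed.unseal(measure_boot(stages))

# Seal the key to the measurement of the known-good chain.
SEALED = ToySealedKey(DISK_KEY, measure_boot(GOOD_CHAIN))

if __name__ == "__main__":
    print("clean boot   :", boot_and_unseal(GOOD_CHAIN, SEALED))
    print("tampered boot:", boot_and_unseal(TAMPERED_CHAIN, SEALED))
```

The check only holds if every stage is measured before it runs, which is why a bypass of boot integrity validation also weakens the disk encryption that relies on it.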
Anyone who thinks "Embrace Extend, Extinguish", amongst other bad business practices, are a thing of the past for Nadella-helmed Microsoft, this should be a tall frosty glass of reality.
While it's not directly related, I'd argue the antics of the dark pattern Windows 10 upgrades show a glimpse of a company culture that is yearning to have enough monopoly power again to become anti-consumer as they were in their heyday (90s, early 2000s). If Nadella didn't view that as being wrong, then this shouldn't be a surprise either imo.
> to have enough monopoly power again to become anti-consumer as they were in their heyday (90s, early 2000s).
I'd say they weren't as anti-consumer back then as they are now. In particular, backwards compatibility was highly valued and I don't remember much in the way of forced "upgrades" or aggressive feature-removals/UI changes in the late 90s/early 2000s.
The way I see it, Microsoft had respect for consumers back then, but zero for its competition. Now it's the other way around - Microsoft will actually build nice apps for iOS and let you build a platform on Azure and all that, but if you use their stuff, then you better OBEY OBEY OBEY.
Well, not patching a security flaw is not exactly a good business practice either.
Now, locking the Windows RT bootloader was a bad practice to begin with, and it's a good thing Microsoft stopped doing that. Then again, it's hard to blame them, seeing that Apple keeps locking down everything they can lay their hands on with virtually no criticism outside the Slashdot crowd perhaps. Everyone just keeps nodding and saying "This is the right thing for protecting their users and ecosystem. Look at all the fragmentation and malware mess that Android suffers from".
And what is with that "Embrace, Extend and Extinguish"? It's 2016. Next thing, IBM will come selling their Watson SaaS and everyone would have to buy it because "nobody ever got fired for buying IBM"?
"it's CURRENT YEAR" is hardly refutation of the fact that it's still happening. Especially when you follow it up with a strawman about IBM.
now, let me channel dang for a second here:
HN looks down on these types of posts filled with logical fallacy (ad hominem, appeal to ridicule, moving goalposts). You would have made your point with the first two sentences alone.
This patch does seem unnecessary, I grant you that much, but I don't think it's an example of EEE.
Surface RT tablets were sold as locked down devices from the start, just like many other tablets on the market today. You can't really apply EEE if the 'Embrace' part is missing.
> An attacker who successfully exploited this vulnerability could disable code integrity checks, allowing test-signed executables and drivers to be loaded on a target device. In addition, an attacker could bypass the Secure Boot Integrity Validation for BitLocker and the Device Encryption security features.
So if Microsoft didn't patch this, you could equally accuse them of leaving bad security flaws in Windows 8.1.
Wow. Yes, that changes this completely. Being able to let unsigned code boot on your device is very different from being able to let code you have signed boot, which is what we need for users to have effective control over their computing.
WinRT is a discontinued platform for which maybe 6 people in the world purchased devices. There may well be a tall frosty glass of reality to be drunk, but it's hiding behind the list of issues that are way too small for Nadella or anyone else in senior leadership at a company the size of Microsoft to get involved in.
They provided a build of Windows 10 for old Lumias, so it would be a gesture of goodwill to crank out "Windows 10 Mobile for Tablets" for those 'maybe 6 people'.
After all, what is a Surface RT except a large screen phone that doesn't make phone calls.
Microsoft is still the king of the (enterprise) desktop. They've been more open on the server front, because they realised that they can't win that war.
I'm sure if they got enough linuxers on their Azure platform they'd love to tighten the rope again. This is all still in the embrace phase, but it's likely to stay there - MS has nothing to lose but also not that much opportunity to win. Amazon and Google are just too far ahead IMO.
I personally think this is clickbait. One of the features that is advertised about this device is Secure Boot and BitLocker. I'm not sure that they ever offered a supported way to disable those features. It sounds like they were patching a problem with that.
Also blocking the install of Linux...iPads and iPhones. Why is this a crisis but that's OK?
I'm curious: If I understand modern software licenses correctly, companies have long ago stopped actually selling software. They sell licenses that permit a carefully picked set of activities that can be performed with a software.
Given MS' security model* described in this thread ("vulnerable to attackers with administrative access") I wonder if RT tablets and similar hardware are actually still sold. Wouldn't it - from the company's POV - be easier to just sell a license?
*(MS is by far not the only one acting like this, but they somehow seem to draw the most attention when locking down things)
The distinction isn't too relevant because all of the machine's software is click-wrapped in a license you must accept. With the BIOS/firmware being the sole exception, they can just lock it down with technical means (i.e. crypto and certs), avoiding the conversation.