logo
welcome
Ars Technica

Ars Technica

Secure Boot-neutering PKfail debacle is more prevalent than anyone knew

Ars Technica
Summary
Nutrition label

76% Informative

A supply chain failure that compromises Secure Boot protections on computing devices extends to a much larger number of models than previously known.

The debacle was the result of non-production test platform keys used in hundreds of device models for more than a decade .

These cryptographic keys form the root-of-trust anchor between the hardware device and the firmware that runs on it.

The private portion of one of the test keys was published in a post on GitHub .