hypnosec writes: A Red Hat developer, Matthew Garrett, has claimed that there are ways to modify Microsoft’s cryptographic keys and users can replace the keys that are shipped by default with their own keys allowing them to run any software and as a matter of fact keep Microsoft’s software from running on the system. The whole problem around secure boot is that Windows 8 requires Microsoft as its root of trust meaning that only that code or application or software can be executed onto a Windows 8 system which is signed by Microsoft. The developer has found a way of getting rid of all the keys supplied by Microsoft and in a way turning tables on Microsoft. This particular finding is a results of Windows 8 certification requirement itself "insists that the key databases be completely modifiable." This gives users the power to delete the cryptographic keys supplied by the manufacturer and even those of Microsoft. This deletion would render the system in what is called a "Setup Mode" whereby it will boot just about anything – even something without a valid signature.
Sign up for the Slashdot Daily Newsletter! DEAL: For $25 - Add A Second Phone Number To Your Smartphone for life! Use promo code SLASHDOT25. Win a FREE Moto Z2 Force Edition smartphone from Wirefly ×