Given how much modern hardware is on check-for-updates-online mode by default, how long would a stolen signing key be valuable? I'd imagine the OEM would respond to the theft by cutting new keys and pushing an update to supplant the old key. There'd be some details to hammer out (retroactively declaring the old key untrustworthy past date of theft, allow-listing a bunch of software and peripherals that couldn't be updated to accept if they matched key + checksum), but it feels like stealing such keys would have a very short window of utility.
To be clear, this is not to imply resolving the theft is trivial... Some engineers will have a bad week. It's more that it's solvable from the aggrieved party's side in a way that a diamond theft isn't.
If you stole a hardware key (which I am speaking of), you've just smashed Secure Boot on all the devices that use it, forever. You can boot whatever software you want on your PlayStation, or Xbox, or Windows Secure-Boot-enabled PC, or iPad, or similar. Every device with that key has had its locks smashed and there's no going back. Once you've done that, downgrading firmware, modifying firmware, undoing software updates, it all becomes a lot easier.
Bonus points if you stole a Windows signing key and a Windows Update CDN Certificate. Send out fake Windows updates, approved by Microsoft, to do whatever you want. Maybe even force them to use your own middleman update server and only recognize your own keys. Fun stuff.
Got the Apple signing key? Revoke any app you like and have it instantly lock out from millions of iPhones. Break every app for everybody on iPhone and give Apple employees and users a miserable week and cause a political panic. Sky's the limit.
UEFI Secure Boot signing keys can be updated at runtime, and old keys can be explicitly marked as untrusted. Validation of key updates is performed by the firmware, not the OS, so this can't be trivially subverted.
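To make the mechanism in that comment concrete, here is an added toy model (not code from the thread or from any firmware vendor) of the UEFI key hierarchy: a db/dbx update is accepted only when it is signed by a key enrolled in KEK, and an image boots only when its signer is in db and not in dbx. It assumes raw ed25519 keys in place of X.509 certificates and PKCS#7 signatures, and omits the PK that would authorize KEK changes.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"fmt"
)

// Firmware models the Secure Boot databases: KEK authorizes db/dbx updates,
// db lists trusted image signers, dbx lists revoked ones (ed25519 stand-in).
type Firmware struct{ KEK, DB, DBX [][]byte }

func has(set [][]byte, k []byte) bool {
	for _, s := range set {
		if string(s) == string(k) {
			return true
		}
	}
	return false
}

// RevokeSigner appends a signer to dbx only if the request is signed by a
// key already enrolled in KEK: the firmware, not the OS, validates it.
func (f *Firmware) RevokeSigner(signer, kekPub, sig []byte) bool {
	if !has(f.KEK, kekPub) || !ed25519.Verify(kekPub, signer, sig) {
		return false
	}
	f.DBX = append(f.DBX, signer)
	return true
}

// VerifyImage boots an image only if its signer is in db and not in dbx.
func (f *Firmware) VerifyImage(img, signer, sig []byte) bool {
	return has(f.DB, signer) && !has(f.DBX, signer) && ed25519.Verify(signer, img, sig)
}

// Scenario: an image-signing key leaks; the thief cannot revoke anything
// with it, while the OEM revokes it through KEK and the device stops trusting it.
func Scenario() [4]bool {
	kekPub, kekPriv, _ := ed25519.GenerateKey(rand.Reader)
	imgPub, imgPriv, _ := ed25519.GenerateKey(rand.Reader) // the "stolen" key
	fw := &Firmware{KEK: [][]byte{kekPub}, DB: [][]byte{imgPub}}
	img := []byte("constructed bootloader.efi contents")
	imgSig := ed25519.Sign(imgPriv, img)
	return [4]bool{
		fw.VerifyImage(img, imgPub, imgSig),                            // true: trusted before theft
		fw.RevokeSigner(imgPub, imgPub, ed25519.Sign(imgPriv, imgPub)), // false: stolen key is not in KEK
		fw.RevokeSigner(imgPub, kekPub, ed25519.Sign(kekPriv, imgPub)), // true: OEM holds KEK
		fw.VerifyImage(img, imgPub, imgSig),                            // false: signer now in dbx
	}
}

func main() { fmt.Println(Scenario()) }
```

The same check is why a stolen db-level signing key alone does not let the thief re-key the device: revocation requests signed with it fail the KEK check.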
Right, agree. What I'm asking is: why can't the OEM over-the-air-update Secure Boot on all the online devices? Is there no channel to re-key Secure Boot from an online source?
I agree that anyone who wants to muck about their device on purpose could just not connect to the Internet, but I'm focused on protecting the users who don't want to be victims of hacks.
(My only mental model for this is the bugs in the early protection on the original Xbox and how Microsoft fixed it with OTA updates and specific games they released that patched the bug.)
> Is there no channel to re-key Secure Boot from an online source?
There is no such method. Any such method would be potentially vulnerable if the device was jailbroken (from a purely software hack) - in which case, you would need some sort of permanent key to verify the re-keying which defeats the point. As a result, the Secure Boot key is burned into the chip and unchangeable.
> Got the Apple signing key? Revoke any app you like and have it instantly lock out from millions of iPhones. Break every app for everybody on iPhone and give Apple employees and users a miserable week and cause a political panic. Sky's the limit.
How are you getting to the iPhones? You need to be able to intercept any internet connection too.
nb I'm not sure there is such a single signing key.
Having stolen the key, the thieves themselves could push such an update and lock the OEM out. Imagine millions of Apple devices getting an update, locking Apple out while simultaneously installing some nefarious code which uploads all saved credentials to the thieves' server. Sure, the time window is short (if the break-in was detected), but having full access to millions of people's personal data could be a long-term money trove while simultaneously bankrupting Apple through damages. One could short-sell companies by leaking sensitive data, impersonate people and send messages, blackmail people; even simple ransomware would be devastatingly profitable.
You’d have to impersonate Google’s web servers to push the update, wouldn’t you? That would mean both hijacking the DNS and faking or stealing the TLS cert. That’s not impossible, but it’s pretty much a moderately-well-equipped-nation level attack.
If a 'heist' to steal such a key were pulled off, adding credentials (or stealing them) to the update server (even for a one-time update push) doesn't seem out of the realm of possibilities.
If someone copies the key with pencil and paper, the original remains in place. There will be nothing to show that anything happened... until signed malware is detected in the field. (Which is exactly where we are now - with signed malware from a bunch of different keys.) The amount of damage depends on how long the signed malware was out there, and what its uptake rate is.
Sure, it won't destroy or infect the entire world. It's still pretty bad, though. And so far I haven't seen anything saying how long it was out there.
Also: How did so many keys get compromised? There may be a bigger (or more systemic) problem.
> ... cutting new keys and pushing an update to supplant the old key ...

What about the keys to, say, Windows updates?
If someone manages to nick the key you can be sure that they would push a new one and revoke the "old" one whilst simultaneously deploying nasties.
100M (whatevs) is chicken feed compared to the rewards from compromising something like Windows updates. Bear in mind that a simple pecuniary-minded criminal gang might leverage a lot of coin mining or whatever for a while and generate an awful lot of electricity usage, but a state-level actor gets the real crown jewels: information.
Anyway, that's far too complicated when there are far easier ways to crack rather a lot of the world. Look at the SolarWinds compromise. That sort of thing wasn't (and won't be) the last.
Supply chain attacks in the IT world are probably the worst in terms of fallout, and the potential losses are vast in comparison to a bit of shiny carbon falling down the back of a sofa. However, for some reason, in this most bizarre modern world we find ourselves in, we still fixate on a bloody diamond!
The beauty of stealing a signing key is you don't necessarily tip off the company by getting yourself a copy of it. (The diamonds were removed, but the key stays where it is.)
If you were clever enough to get the key you might hold it until it was truly valuable for your exploit.
Depends on which key is stolen. You can't update the certs on distributed users without some root certificate key. If that key is compromised, there is no trust root which the clients can trust anymore. The thief can revoke all the keys the original institution holds, so they have no path for changing keys.
To do that revocation, they'd have to be able to attack the update channel itself. And practically speaking, that attack is hard to pull off; you can probably successfully update most devices, which might be good enough.