25 May 2023 by Phillip JohnstonIn our recent panel dicussions, such as Over-the-Air Updates and Fleet Management at Scale, we touched on the topics of code signing, security keys, and key management. The whole strategy of code signing hinges upon protecting your keys. If they are compromised, anyone will be able to create and sign an image that can be successfully installed on your systems. You can mitigate this risk by creating a key rotation and/or revocation strategy, allowing you to stop compromised keys from being usable. Failing to incorporate these capabilities puts you at significant risk. In May 2023, …
Continue reading “Case Study: MSI UEFI Signing Key Leak”
To access this content, you must purchase a Membership - check out the different options here. If you're a member, log in.