Oddbean new post about login | logout Binarly has an analysis of the private key leaks that took place at Lenovo in September 2022 and MSI in April 2023. The report's main finding was that multiple companies were apparently using the same Intel Boot Guard private keys to sign different types of firmware images. https://binarly.io/posts/Dissecting_Intels_Explanation_of_Key_Usage_in_Integrated_Firmware_Images_IFWI/index.html
Binarly is the real deal. I took a class on UEFI exploitation from the founder and it was fun. nostr:nevent1qqsypgqq2dx2pvfq9thfeafyu7594cf5vhqlqchwy2lt4we7f86fz7gprfmhxue69uhkummnw3ezucm0d9hxvatwv35hgtnrdaksygzcz09scz9e23m9jah7npn75w9jk9fyuwd37adty2ejdcjcxw48vcpsgqqqqqqskk94f9