Open Source Firmware Conference 2025

UEFI DevCon: Repeatable Supply Chain Security Failures in Firmware Key Management
2025-10-09, Main

Presenters: Alex Matrosov, Binarly & Fabio Pagani, Binarly

Several key management failures have impacted UEFI vendors in recent years. During this talk, we’ll discuss data breaches that exposed private keys — including Boot Guard keys — and explore both the immediate and ongoing consequences these incidents have had on the ecosystem. Additionally, we’ll discuss how products were shipped with expired, debug, or non-production certificates, which have further increased security risks. Using the latest data from the UEFI ecosystem, we’ll provide fresh insights into these persistent, long-standing issues and their current impact.