Can't fall for this if you just don't update anything 🧠

The Dutch police came out with a warning two days ago about this. Had no idea they were on top of this.

Fun fact. If you tell the hacker no, they can’t legally hack you 👍

Oh boy i love the fact that google ad services never checks their clients!

Security through obscurity. Works great until it doesn't.

_Hey guys, our security team recommends a really great way to lock down our private keys we got from Intel. They said backup the drives, don't isolate them from our primary network to a local one, and just leave them plugged in and able to be contacted externally at any time and hope our network guard tells us when something goes wrong. It works wonders!_

Sucks this happened but im happy they didnt pay at the very least. Paying is what emboldens the choice to keep doing it. MY graphics card is MSI based but I download it directly through their software.

*Linux kernel source codes got leaked* Linus: Oh no, anyway

I got an “DH L” phish google ad result recently when I searched “track DHL.” The page was clearly a phish for tracking numbers. Two days later I saw a news report about thieves stealing tracking numbers and registering accounts as their victims with courier services in order to redirect packages and steal their contents. Example was a woman who’s laptop was redirected to a drug store pickup location where someone picked it up with fake credentials.

I love, how your channel is a responsible "white-hat" information source. Actually, this is not the first time when I had this kind of crucial information first instead of any mainstream information source which should be served like this because it should be their main purpose. Thank you very much for your work for the community!

This is why I almost always wait for something to break before updating. I find that firmware/BIOS updates cause more problems than they're worth, usually. Still running the same BIOS from late 2020 without issue.

I wonder if this can lead to open source firmware developed using clean room reverse engineering.

bout to update off the FIRST item on google for my work laptop that I see thanks Mental Cat!

This also allows people to take more ownership of their own hardware. Too bad they didn't leak the Intel ME signing keys. Those are the holy grail for a libre BIOS. Me cheering on this hack is a result of the "you bought it but you don't own it" way most silicon root of trust implementations work.

Well shoot, as an MSI owner i appreciate this video

"it's only very illegal if you get caught" what a phrase

Not just custom firmware but what I'd love to see is an accessible guide to what goes on inside these firmwares - for educational purposes. It may help someone write new ground-up firmware for the purpose of experimenting with a new OS. (Yes, I have pretensions).

Checking my motherboard quickly just to be sure. Oh... Not.. Good..

Good thing the MSI Z-690a has coreboot ported to it so there's a way out of this proprietary hell for those willing to look

Hopefully some AMD BIOS building tools have leaked in the mix. Adding CPU support on AM4/Unlocking pcie 4.0 on non-500 series boards/swapping agesa should be possible with an inhouse tool. There's too much effort for reverse engineering these, so basically no one does it.

Even better, we can hack bioses again instead of being locked into what they say we can do with the hardware we pay for.

Speaking of buggy MSI firmware: I spent most of my time at MSI-sponsored QuakeCon 2003 (HUGE LAN party event where Doom³ and Call of Duty were previewed to the public) troubleshooting my nForce 2 system that stopped POSTing when I cleared my CMOS. That’s because MSI’s latest firmware defaulted to a higher bus speed than many supported CPUs… including mine. This was before EFI but after dedicated jumpers for setting bus speed disappeared… a trend Abit kinda started for enthusiast boards. All I had was a “Safe Mode” jumper… and even that didn’t help. It would get me into CMOS Setup with the FSB grayed out and set to “Default.” I couldn’t actually boot with the Safe Mode jumper so it was functionally no better than popping the battery or using the CMOS Reset jumper since I still couldn’t POST after using it. Once I realized it was defaulting to the wrong bus speed I had to borrow someone else’s CPU/RAM to get into CMOS Setup and manually set the correct bus speed. Only then could I switch back to my CPU or downgrade the board’s firmware… which was several more hours of frustration. The Internet connection was so overwhelmed it almost took a day to get the PDF manual that led me to Safe Mode and another day to get the old FW from MSI. Even when downloads finished they’d be corrupt. That’s just how it is with a LAN party so huge. After nVidia and AMD, MSI was a major sponsor at QuakeCon 2003 where they were pushing their new SFF systems to compete with Shuttle… so once I had it figured out I walked right over to their booth and gave them an earful. Why would they ever initialize default settings to a higher FSB than most supported CPUs?! Insane. Needless to say, I was upset. I skipped class, drove half-way across the country, and spent a fortune to stay at the Adam’s Mark hotel only to waste more than two of my three event days due to their incompetence. I didn’t even sleep. I held a grudge. When I built an HTPC for Doom³ I skipped MSI’s SFF offerings and went straight to their competitor with the Shuttle SN45G2 (“SoundStorm” MCP-T + nF2 Ultra 400). Unfortunately, that also had a disappointing issue with FSB defaults. My mobile Barton was essentially an unlocked Athlon XP 3200+, bin-sorted because it was stable even at lower voltages than other 3200+ CPUs… thus perfectly capable of 400 FSB. There was no default yet it was always unstable when you manually set 400. You had to make it look like a locked 400 FSB CPU (“L12 trick”) and then it was perfectly stable. In my case that involved a tiny wire bridging two pins in the CPU socket. It seems there was some hidden spec you couldn’t adjust which was automatically set according to the default FSB while assuming no default was the slowest. Other enthusiast boards supported mobile Bartons at 400 FSB just fine without this trick. Not as bad as MSI’s gaffe since I could still POST at the defaults but automatic settings that aren’t exposed to the user on an enthusiast board is no bueno.

this is concerning. thank you for publishing. my entire system is Msi based and runs multiple Msi firmware (except the psu). i didn't build a $2k open-source hacker's portal intentionally, but here we are.

A classic case of certificate revocation - make sure your OS is up-to-date because spoofed certificates don't include certificate revocation lists (or if any spoofed ones)

I wonder if anyone at MSI is facing unemployment today?

MSI and other corpos from that segment of the market should get the message: Open source your drivers, or get hacked.

"Google ads" People actually see those? It's the current year and people still don't have ublock origin or any other basic adblocker installed on their browsers?

The Intel Bootguard keys can't be "updated" by any mean, they are carved into the chipset (e-fuses) They serve to sign the bootloader part of the BIOS The other keys Are for MSI to sign there firmware (not the bootloader but the EFI stuff after that, like the AMI Bios protection crap). Not related to signed software and drivers AFAIK. It's a really great news, now I want a MSI board actually. Finally a recent board I can actually own instead of rent. I like hackers that make hardware ownable instead of rentable. Did they left an XMR address for tip?

My question is, is Afterburner in there somewhere and could we potentially see a bunch of open source GPU overclocking software start popping up for Windows and Linux.

I like how you segued to a positive outcome from this going forward. Good job at making lemonade from lemons!

I love your content man, really appreciate it. Thanks.

Assymmetric cryptography was never intented to protect you. Although theory behind cryptography itself is good (allegedly), _they_ went for a great length to make certificate *infrastructure* as vulnerable as possible. That's exactly what you see now. We can only guess how many private keys from our CA repos are held by agencies. My bet is *a lot*.

Glad i checked the old youtube, taking an ethics course for data science and this article will do great. Thanks, Mental Outlaw!

Just as a side note you showed MalwareBytes Anti-malware as random software. I used it in the XP/Vista days. It was quite good actually

MSI goes brrrrrrrrrrrrrrrrrrr💀💀💀💀💀💀

11:34 "it's only illegal if you get caught." ...it's only prosecuted if you get caught. This is a significant difference.

Imagine an open source BIOS creation tool where you pick and choose the features you want. Most of us won't run more than the one CPU we have already socketed into the board, neither do we need support for dozens of different RAM modules. Lots of things take up the limited file size in a BIOS, getting rid of the stuff you don't need would free up space for other cool features. And it just so happens many MSI boards have this cool option to flash a BIOS without even a CPU installed, just plug in a USB drive and press a BIOS flash button and wait, so it'd be easy to unbrick boards after flashing a bad custom BIOS.

Hey mental outlaw, Could you do a really quick video on discord, mentioning tencent etc. How would you make it impossible to retrieve messages once they've been deleted - do they even get deleted, etc. Does china have every message you've ever been sent, also the fact that discord doesn't really delete any of your data at all when you delete your account. Sorry i don't know much so i was hoping you could do a video on it

If only this meant that coreboot can be made to work on my msi motherboard now, alas probably not.

So is this an active threat to MSI users, like will my PC be compromised just by doing nothing? Or can it only be compromised by downloading fake MSI software?

They should have had backup keys for everything letting them dump the compromised keys for the backups that should have been kept in cold storage for just an event. People are super near sighted.

I didn't know of Odyssey, so thanks. Yes, links mostly don't work in KZbin comments in recent years.

good to know. I have an old 9 year old computer with an msi motherboard and I was going to update the bios a few weeks ago because something wasn't working too good.

every piece of closed source software (especially relating to hardware) that gets released from the slimy hands of security-unconscious engineers is a win in my book. if any of these groups had donation addresses, i would tip them.

And I tought its gonna be gpl food content from now on :) I will watch that part of the Luke Smith transformation as well dont worry.

What to say, other than congratulations! It must have hurt but it sounds like the responsible (for your company) AND the smart (for you and your family) thing to do. Do what you love and do best! Good luck and have fun.

Glad I don’t use any MSI products. That would be nuts if someone made their own custom firmware from this leaked data. Interested to see where this goes

I’m more interested in those Intel BootGuard keys, what issues will crop up with those?

Damn, just bought and installed a new msi motherboard like 1 month ago and it's the very first time I've bought anything from them.

What hardware can be affected by this? I mean, there's MSI gpus but those you update through the Nvidia/Amd software. So Mobos?

Loved the deepfake voice in this video! ALMOST got me.

First thought is, fuck, what's the brand of my motherboard again?! But no, it was on my old computer I had MSI.

Bios source code would be cool.

Please refrain from calling a criminal “our boy”.

I have a question. Can those private Intel/MSI keys be used to disable Bootguard and reprovision Secure Boot root database with our own firmware keys? In any case... Instead going to make new firmware with the leaked code, would be better to just improve Coreboot/UEFI with it.

GamersNexus is firing up the renderfarm for a new Video. Back to you, Steve!

Honestly the way they're handling this, they deserve it.

I am hoping some good comes from this in that the modding community can use this to unlock some of the chip set voltage and OC lockouts on the graphic cards

why are you not verified

Watching this video on my MSI laptop. FML.

Imma be so mad if they didnt include a "May the 4th be with you/Revenge of the 5th" message with this attack.

I don'y have any MSI hardware but I do have afterburner, should I still look out?

Thanks, bro...great video..u rock dude

I hope the coreboot team can review the leaked code to be able to reverse engineer and recreate it with enough differences to have plausible deniability.

Oh boy! and I have an MSI Mobo.

10:09 "You see what you did was illegal, but it could've been done better if you follow these steps" I love this guy

Gotta love electronics news during mercury retrograde.

can you let us know when the MSI software update comes out to fix things?

Heyyy the Farming Outlaw is back in the shed working hard on that security.

One "problem" is that many makers (Sony for example) remove drivers from their website for unsupported hardware. If it came with Windows 7 for example, it's no longer available for download. So people have to search online to find it. I shouldn't do this but I but old hardware and get it going again and I sometimes do this.

Oh no ! I can't source my beloved software updates from my beloved big shiny bright *DOWNLOAD NOW* button... We truly can't have anything anymore these days :(

I have received a total of 4 broken motherboards from MSI and there customer support was utterly useless. The basically stole my money. I swore to never use MSI products ever again... Looks like that is serving me well.

i just got rid of my old msi graphics card a few weeks ago😅 good timing

I hate bloat ware, but MSI's Dragon w/e is now a must. I use it to control my RGB settings, but it's clunky and probably is more of a resource hog than it should be, but at least you can trust the updates from it.

The keys can be revoked at the certificate authority. Seems kind of blown out of proportion.

Kind of dig it, I had an old MSI device with a locked bios and the only guy that put out updates was charging a ton. Maybe now anyone can roll a new bios

MSI software is absolutely abysmal. I made a mistake of buying an MSI motherboard years ago, and whether it comes from terrible management or incompetent programmers, they've never been able to produce a remotely reliable piece of software.

L for MSI but I feel bad for end users.

If this results in MSI open source BIOS's I will sell my other hardware and just own MSI motherboards. Fingers crossed for core boot on MSI

I like how at the end outlaw giving tips to them cause he wants to get it out

HeLP! So are MSI motherboards at risk from this hack or only the known laptop product list?

Hey MO did you know mullvad was raided? Not connected with this but thought you’d have put out a video about it

Congratulations. You are being open sourced. Please do not resist.

But we still get our drivers from official sites and but other programs

If Kenny has million number of fans i am one of them . if Kenny has ten fans i am one of them. if Kenny have only one fan and that is me . if Kenny has no fans, that means i am no more on the earth . if world against the Kenny, i am against the world. i love #Kenny till my last breath.. .. Die Hard fan of Kenny . Hit Like If you Think Kenny Best player & Smart In the world

>be google >>Make your own search engine >>>Prioritize SCAMS and SPAM for revenue >>>>"Woah, where did all these scams come from?" 😮

Another good video. Do one about Nostr

I believe my pc updated about a week ago, however, idk when the false updates started to surface. Are we for sure certain that only manual BIOS updates are the only concern. As for the firmware updates is it through the update page in the system settings? If so how concern should i be?

the mic quality improvement is giving me an internal existential crisis lmao

man no motherboard company is safe to go with these days

ChatGPT refactoring plugin would be insane for turning 'illegal' code into 'legal' code

Thank goodness hackers haven't leaked the KSI source code and keys. Otherwise kiddos would be getting a prime high!

Great! I just received a $1300 computer from them yesterday!

Laffable... These companies have all been hacked for years. It's only being acknowledged now because it's being used in other areas. (That exposes the trails back) I've done this a long time and I can honestly say I have never hacked anybody. Can you ?

could the hacker host the files on IPFS peer-to-peer hypermedia protocol? and i don't know how to use i2P so hackers probably should host the files on IPFS or a Torrent Link.

I don't know, man, I'm no pc geek by any means, but i consider myself far more tech savvy than your average person, especially for my age (I'm 50), and this is the first time I'm hearing of winget. Will definitely be using it from now on, though, and trying to spread awareness.

5:35 I am honoured to have made the cut

The more stuff goes online the more easier it is to break in to. Computers went from individual islands of general computing to dumb terminals that provide these companies a SaaS platform to make money off of at the expense of the product (at home users). No you aren't a user of the software that's online, you're a product sold to advertisers. That's why advertisements are starting to show up in Windows 11 and even 10 to some extent.

My msi hardware isnt even officially supported anymore, so no worries for me 😅