It’s True — There is no such backdoor that only its creator can access.

Microsoft has accidentally leaked the secret keys that allow hackers to unlock devices protected by the UEFI (Unified Extensible Firmware Interface) Secure Boot feature.

What’s even worse?

It will be impossible for Microsoft to undo its leak.

Secure Boot is a security feature that protects your device from certain types of malware, such as rootkits, which can hijack your system bootloader. Secure Boot also restricts you from running any non-Microsoft operating system on your device.

In other words, when Secure Boot is enabled, you will only be able to boot Microsoft-approved operating systems, meaning those that pass a cryptographic signature check.

https://thehackernews.com/2016/08/uefi-secure-boot-hack.html


I am going to rebuild quite a few VMs in my lab with 2016 TP5 and nano servers and this will help speed up the process.

$SRV1           = "2016_DC01"       # Name of VM running Server Operating System
$SRAM           = 2GB               # RAM assigned to Server Operating System
$SRV1VHD        = 50GB              # Size of Hard-Drive for Server Operating System
$VMLOC          = "D:\HyperV"       # Location of the VM and VHDX files
$NetworkSwitch1 = "PrivateSwitch1"  # Name of the Network Switch
# Windows Server 2016 Technical Preview5 ISO
$WSISO          = "C:\14300.1000.160324-1723.RS1_RELEASE_SVC_SERVER_OEMRET_X64FRE_EN-US.ISO"
# Windows Server 2008 Virtual Floppy Disk with autounattend.xml file
#$WSVFD         = "C:\autoattend\attendfile.vfd"

# Create VM Folder and Network Switch
mkdir $VMLOC -ErrorAction SilentlyContinue
$TestSwitch = Get-VMSwitch -Name $NetworkSwitch1 -ErrorAction SilentlyContinue
if ($TestSwitch.Count -eq 0) {
    New-VMSwitch -Name $NetworkSwitch1 -SwitchType Private
}

# Create Virtual Machines
New-VM -Name $SRV1 -Path $VMLOC -MemoryStartupBytes $SRAM -NewVHDPath "$VMLOC\$SRV1.vhdx" -NewVHDSizeBytes $SRV1VHD -SwitchName $NetworkSwitch1

# Configure Virtual Machines
Set-VMDvdDrive -VMName $SRV1 -Path $WSISO
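# Attach the floppy only when $WSVFD is set (its assignment is commented out above)
if ($WSVFD) { Set-VMFloppyDiskDrive -VMName $SRV1 -Path $WSVFD }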
Start-VM $SRV1

 


PowerShell is very structured, but there are exceptions; removing an alias is one of many.

# Create a new alias
New-Alias -Name Test -Value TestValue
# Check if the alias was created
Get-Alias Test
# Remove that sucker
# Naturally in PowerShell you'd think it is remove-alias, but it is not
Remove-Item alias:Test

 


Can you tell the difference?

A new technique called “visual spoofing” provides a way for Internet phishing scams to convincingly mimic the web sites of banks and credit card companies. The technique alters the user interface of the web browser, substituting images for parts of the browser interface that would normally help users detect the fraud.

Read some more here:

https://websec.github.io/unicode-security-guide/visual-spoofing


Finally, more than a year after purchasing the voucher, I passed the Linux Foundation Certified System Administrator exam, which gets me both an MCSA for Linux on Azure and, well, the Linux Foundation certification. I chose the CentOS path.
