Public bug reported:

I just installed new Nvidia drivers in a meeting room and, as I have
Secure Boot enabled, was prompted for the password to enter on next
reboot.  Surprisingly, the password I entered (twice) was in clear text
both times I entered it, which gives others around me an opportunity to
read what this password is.

This isn't an issue with DKMS/Secure Boot per se, except that people are
likely to use a password that they already use elsewhere (as it is
something you need to remember) and shoulder surfers could potentially
use that password to attack the user in other places.

ProblemType: Bug
DistroRelease: Ubuntu 19.10
Package: dkms 2.7.1-1ubuntu1
ProcVersionSignature: Ubuntu 5.0.0-20.21-generic 5.0.8
Uname: Linux 5.0.0-20-generic x86_64
ApportVersion: 2.20.11-0ubuntu3
Architecture: amd64
CurrentDesktop: i3
Date: Thu Jul 11 10:06:22 2019
InstallationDate: Installed on 2019-05-07 (64 days ago)
InstallationMedia: Ubuntu 18.04.2 LTS "Bionic Beaver" - Release amd64 (20190210)
PackageArchitecture: all
SourcePackage: dkms
UpgradeStatus: Upgraded to eoan on 2019-05-08 (63 days ago)

** Affects: dkms (Ubuntu)
     Importance: Undecided
         Status: New

** Tags: amd64 apport-bug eoan

You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.

  Passwords in Secure Boot MOK prompt aren't obscured

To manage notifications about this bug go to:

ubuntu-bugs mailing list

Reply via email to