Does this allow circumvention/dumping of the SecureBoot keys? Its an impressive looking piece of kit for sure, but the English leaves me confused as to what they were able to actually accomplish.
I would assume that the signature scheme uses some sort of public key system, so dumping the keys in the boot ROM wouldn't let you sign new code. Gaining access to the bootloader code would allow you to analyze it and potentially find vulnerabilities. There's no guarantee that vulnerabilities could be found, but the chances are a lot better than if you were just poking at it blind.
It looks like they did succeed in dumping the full contents of the boot ROM. They don't appear to have done anything with that dump (yet).
It looks like they did succeed in dumping the full contents of the boot ROM. They don't appear to have done anything with that dump (yet).