Uncategorized

TPM: A Practical Guide (free ebook)

http://www.springer.com/us/book/9781430265832

It looks like this APress Open Book is also (or only) available via Springer now.

See also: https://firmwaresecurity.com/2016/12/19/apress-tpm-book-free-ebook-option/

Standard
Uncategorized

TPM firmware updates (and BiosSledgehammer)

The below tweet made me realize I’ve not been looking enough for TPM utilities. I’ve seen tools from HP, Dell, and Lenovo. Still looking for tools from other OEMs. The only community tool I can find is BiosSledgehammer, which only works on HP systems.

https://github.com/texhex/BiosSledgehammer

BiosSledgehammer: Automated BIOS update, TPM firmware update and BIOS settings for HP devices.

http://h20566.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c05381064

http://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c05192291

http://www.dell.com/support/home/us/en/4/Drivers/DriversDetails?driverId=2105J

http://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c05192291

http://support.lenovo.com/us/en/downloads/ds038226

https://www.dell.com/support/article/us/en/04/SLN300914/trusted-platform-module–tpm–upgrade-downgrade-process-for-windows-7-and-10-operating-system-upgrade-downgrade?lang=EN

Standard
Uncategorized

PEXternalizer (and USB Sanitizer)

Pci Express eXternalizer lets you pull a PCIE1x port outside of your case using a usb3 cable.

 

https://github.com/securelyfitz/PEXternalizer

https://www.securinghardware.com/

Joe is always making fun toys.

https://github.com/securelyfitz/USBSanitizer

https://www.securinghardware.com/

Standard
Uncategorized

Wikileaks: Vault 7: Dark Matter

Today, March 23rd 2017, WikiLeaks releases Vault 7 “Dark Matter”, which contains documentation for several CIA projects that infect Apple Mac firmware (meaning the infection persists even if the operating system is re-installed) developed by the CIA’s Embedded Development Branch (EDB). These documents explain the techniques used by CIA to gain ‘persistence’ on Apple Mac devices, including Macs and iPhones and demonstrate their use of EFI/UEFI and firmware malware. Among others, these documents reveal the “Sonic Screwdriver” project which, as explained by the CIA, is a “mechanism for executing code on peripheral devices while a Mac laptop or desktop is booting” allowing an attacker to boot its attack software for example from a USB stick “even when a firmware password is enabled”. The CIA’s “Sonic Screwdriver” infector is stored on the modified firmware of an Apple Thunderbolt-to-Ethernet adapter. “DarkSeaSkies” is “an implant that persists in the EFI firmware of an Apple MacBook Air computer” and consists of “DarkMatter”, “SeaPea” and “NightSkies”, respectively EFI, kernel-space and user-space implants. Documents on the “Triton” MacOSX malware, its infector “Dark Mallet” and its EFI-persistent version “DerStarke” are also included in this release. While the DerStarke1.4 manual released today dates to 2013, other Vault 7 documents show that as of 2016 the CIA continues to rely on and update these systems and is working on the production of DerStarke2.0. Also included in this release is the manual for the CIA’s “NightSkies 1.2” a “beacon/loader/implant tool” for the Apple iPhone. Noteworthy is that NightSkies had reached 1.2 by 2008, and is expressly designed to be physically installed onto factory fresh iPhones. i.e the CIA has been infecting the iPhone supply chain of its targets since at least 2008. While CIA assets are sometimes used to physically infect systems in the custody of a target it is likely that many CIA physical access attacks have infected the targeted organization’s supply chain including by interdicting mail orders and other shipments (opening, infecting, and resending) leaving the United States or otherwise.

https://wikileaks.org/vault7/darkmatter/?cia

https://wikileaks.org/vault7/darkmatter/document/SonicScrewdriver_1p0/
https://wikileaks.org/vault7/darkmatter/document/DerStarke_v1_4_DOC/
https://wikileaks.org/vault7/darkmatter/document/DerStarke_v1_4_RC1_IVVRR_Checklist/
https://wikileaks.org/vault7/darkmatter/document/Triton_v1_3_DOC/
https://wikileaks.org/vault7/darkmatter/document/DarkSeaSkies_1_0_URD/

 

Standard
Uncategorized

awesome-safety-critical

This is a list of resources about programming practices for writing safety-critical software. Disclaimer: I don’t work on safety-critical software so the resources presented here are not necessarily authoritative or latest documents on topic.

https://github.com/stanislaw/awesome-safety-critical

On a related note, SEI just made their Secure C and Secure C++ books freely-available (registration required), those are worth reading:

http://www.sei.cmu.edu/news/article.cfm?assetID=495412

 

Standard