Ph0wn: a Capture The Flag (CTF) dedicated to smart devices

August 30, 2018 ~ hucktech ~ Leave a comment

France in December!

For reminder, ph0wn is a smart devices CTF. https://t.co/rp9hZWEhVN. Located in Sophia Antipolis (France). https://t.co/VUfAn8Kf6D

— Axelle Ap. @cryptax @mastodon.social (@cryptax) August 27, 2018

https://ph0wn.org/

Kees Cook: Making C Less Dangerous [for the Linux kernel]

August 30, 2018 ~ hucktech ~ Leave a comment

Here are my slides from "Making C Less Dangerous [for the Linux kernel]" https://t.co/ePvz7B4Xzw

— Kees Cook (@kees_cook) August 27, 2018

Click to access danger.pdf

Facebook releases Bowler, Python refactoring tool

August 30, 2018 ~ hucktech ~ Leave a comment

We recently released Bowler – a tool for refactoring Python code safely and efficiently.

Docs: https://t.co/gH3CbFGy1k

GitHub: https://t.co/r5E3ybJB5D

PyCon Australia Presentation: https://t.co/TVRImMOjIw

— Meta Open Source (@MetaOpenSource) August 29, 2018

https://pybowler.io/

https://github.com/facebookincubator/bowler

ZeroNights CFP open

August 30, 2018 ~ hucktech ~ Leave a comment

#ZeroNights 2018 CFP is OPEN: Offensive and defensive research (15/30/45min). Submit your talk! https://t.co/nEiSzd8ptI pic.twitter.com/8jis3TMKXT

— ZeroNights (@ZeroNights) August 27, 2018

https://2018.zeronights.org/

Bought a ticket to #ZeroNights 2018, looking forward to meet @d_olex, @h0t_max, @evdokimovds, @solardiz and others there.

— Nikolaj Schlej (@NikolajSchlej) August 30, 2018

HITB-GSEC presentations online

August 30, 2018 ~ hucktech ~ Leave a comment

HITB-GSEC is happening, slides are uploaded in near real-time, day 1 presentations are up:

https://twitter.com/HITBGSEC/status/1034984965308440576

https://twitter.com/HITBGSEC/status/1035029344622653440

https://gsec.hitb.org/materials/sg2018/

Genode 18.08 released

August 30, 2018 ~ hucktech ~ Leave a comment

The latest release of the Genode OS has changes to microcode updates, as well as other firmware-related interface changes.

Genode 18.08 comes up with device drivers ported from Linux 4.16, microcode update mechanism for Intel CPUs, novel UI for the upcoming Sculpt VC edition making capability-based security graspable, SMP support in our custom kernel https://t.co/OjSn7hVkgf pic.twitter.com/pMLzU0jtHP

— Genode Labs (@GenodeLabs) August 30, 2018

https://genode.org/documentation/release-notes/18.08#New_Intel_Microcode_update_mechanism

https://genode.org/documentation/release-notes/18.08

DarkRISCV, an open source RISC-V core for FPGAs

August 30, 2018 ~ hucktech ~ Leave a comment

“The Rise of the Dark RISC-V?” by me for @HacksterIO. DarkRISCV, an open source RISC-V core for FPGAs. #RISCV #FPGA https://t.co/JVaheA7Mz9

— Alasdair Allan (@aallan) August 30, 2018

https://github.com/darklife/darkriscv

https://blog.hackster.io/the-rise-of-the-dark-risc-v-ddb49764f392

Booting the Mac: bless, and what makes a volume bootable

August 30, 2018 ~ hucktech ~ 1 Comment

Booting the Mac: bless, and what makes a volume bootable https://t.co/ACNYgbeeYk

— Howard Oakley, Eclectic Light Co (@howardnoakley) August 30, 2018

The last piece in the puzzle that is the booting of a Mac is understanding how any given volume is made bootable, and how it can be made the next startup volume.[…]

Booting the Mac: bless, and what makes a volume bootable

c-efi – UEFI Reference Specification Protocol Constants and Definitions

August 30, 2018 ~ hucktech ~ Leave a comment

The c-efi project provides the protocol constants and definitions of the UEFI Reference Specification as native C11 code. The scope of this project is limited to those protocol definitions. The protocols are not actually implemented. As such, this project serves as base for any UEFI application that needs to interact with UEFI, or implement (parts of) the UEFI specification. Additionally to providing a C library, this project also serves as documentation base for UEFI programming in C. It provides target-triples for UEFI, bootstrap helpers, and a bunch of documentation how to get started.

https://github.com/c-util/c-efi

Heardwear.io 2018 schedule posted

August 29, 2018 ~ hucktech ~ Leave a comment

Multiple sources of firmware security training!

Schedule for #hardwear_io 2018 is up! Check it out and choose your favorite Talks and Workshops to attend -> https://t.co/6oh2m0ZGIe #Hardware # Security #Cybersecurity

— hardwear.io (@hardwear_io) August 29, 2018

https://hardwear.io/schedule.php

AArch64-UEFI-LLVM-HelloWorld: uses GNU-EFI and CLang on ARM

August 29, 2018 ~ hucktech ~ Leave a comment

https://github.com/tnishinaga/aarch64-uefi-llvm_helloworld

UEFI HelloWorld application with clang + lld + gnu-efi(header only)

This is a nonstandard build environment for UEFI, using GNU-EFI with clang (not efi-clang) on ARM not Intel. Last time I looked, GNU-EFI was Intel-centric and GCC-centric, so this is impressive.

Tianocore UEFI hackathon

August 29, 2018 ~ hucktech ~ Leave a comment

We're happy to announce the first public TianoCore hack-a-thon as part of @osfc_io 2018, which will be focused on Signed UEFI Capsule Updates.

More Information: https://t.co/DQJmvZesco pic.twitter.com/qi6q47GffA

— tianocore (@tianocore) August 29, 2018

https://github.com/tianocore/tianocore.github.io/wiki/2018-EDK-II-Capsule-Hack-a-thon

“This is the first time Intel has staged a public TianoCore hack-a-thon event.”

miasm-bootloader: Bootloader emulation with Miasm (case of NotPetya)

August 29, 2018 ~ hucktech ~ Leave a comment

Bootloader emulation with @MiasmRe (case of NotPetya) by @adriengnt #awesome https://t.co/rGeVgDhNqY pic.twitter.com/44cplvbCPf

— Guillaume Valadon (@guedou) August 29, 2018

https://github.com/aguinet/miasm-bootloader

efi-devel – UEFI Development Utilities for developers using Meson

August 29, 2018 ~ hucktech ~ Leave a comment

This new hello-world UEFI application project is interesting in that it uses Meson to build UEFI binaries.

https://github.com/efi-util/efi-devel

https://mesonbuild.com/

Two TPM vulnerabilities: CVE-2017-16837 and CVE-2018-6622

August 29, 2018 ~ hucktech ~ Leave a comment

https://twitter.com/campuscodi/status/1034865139042983937

https://www.bleepingcomputer.com/news/security/researchers-detail-two-new-attacks-on-tpm-chips/

Click to access security18_slides_han.pdf

https://github.com/kkamagui/papers/tree/master/usenix-security-2018

coreboot user group in Berlin this Thursday

August 27, 2018 ~ hucktech ~ Leave a comment

This thursday @coreboot_org usergroup meeting at @afra_berlin starting from 18:30 (open end). If you like you can flash your laptop. #coreboot. There will be also a x230 with FullHD mod.

— @lynxis@chaos.social (@lynxislazus) August 27, 2018

Intel ME JTAG PoC for INTEL-SA-00086

August 27, 2018 ~ hucktech ~ Leave a comment

Ready to uncover Intel ME background? Use our PoC to activate JTAG and dump ME ROM https://t.co/PXDCrssolB

— Mark Ermolov (@_markel___) August 27, 2018

Almost year has passed since we reported the INTEL-SA-00086 vulnarability and we have published JTAG activation PoC for Intel ME. You can use JTAG for researching ME core (via DbC debug cable). Step-by-step instructions at https://t.co/TWbgEbrmNm pic.twitter.com/9lCJPYfLBF

— Maxim Goryachy (@h0t_max) August 27, 2018

Vulnerability INTEL-SA-00086 allows to activate JTAG for Intel Management Engine core. We developed our JTAG PoC for the Gigabyte Brix GP-BPCE-3350C platform. Although we recommend that would-be researchers use the same platform, other manufacturers’ platforms with the Intel Apollo Lake chipset should support the PoC as well (for TXE version 3.0.1.1107).[…]

https://github.com/ptresearch/IntelTXE-PoC

Spectre & Meltdown vulnerability/mitigation checker for Linux

August 26, 2018 ~ hucktech ~ Leave a comment

"Check for Spectre, Meltdown, and L1 Terminal Fault Vulnerabilities with Spectre-meltdown-checker Script" https://t.co/cL87yg3ED4 #tech #feedly

— ladore (@ladore) August 26, 2018

A shell script to tell if your system is vulnerable against the several “speculative execution” CVEs that were made public in 2018.

CVE-2017-5753 [bounds check bypass] aka ‘Spectre Variant 1’
CVE-2017-5715 [branch target injection] aka ‘Spectre Variant 2’
CVE-2017-5754 [rogue data cache load] aka ‘Meltdown’ aka ‘Variant 3’
CVE-2018-3640 [rogue system register read] aka ‘Variant 3a’
CVE-2018-3639 [speculative store bypass] aka ‘Variant 4’
CVE-2018-3615, CVE-2018-3620, CVE-2018-3646 [L1 terminal fault] aka ‘Foreshadow & Foreshadow-

https://www.cnx-software.com/2018/08/17/check-spectre-meltdown-l1-terminal-fault-linux/amp/

https://github.com/speed47/spectre-meltdown-checker/

Booting the Mac: Visual Summary

August 26, 2018 ~ hucktech ~ 1 Comment

Booting the Mac: Visual Summary https://t.co/JabWmsxJ68 pic.twitter.com/ihN4sLTRaj

— Howard Oakley, Eclectic Light Co (@howardnoakley) August 25, 2018

This article provides a simplified visual summary of the various stages which take place when a modern Intel Mac starts up in macOS 10.12 or 10.13, from pressing the Power button through to running the kernel and its extensions.[…]

Booting the Mac: Visual Summary

BootProcess

What’s stored in Mac NVRAM?

August 26, 2018 ~ hucktech ~ 1 Comment

What’s stored in NVRAM? https://t.co/y5VdLEKSLH

— Howard Oakley, Eclectic Light Co (@howardnoakley) August 24, 2018

NVRAM stores key settings which your Mac cannot obtain from disk during startup. Variables vary according to the model, version of macOS, and EFI firmware in use. Included among these are the following:[…]

What’s stored in NVRAM?