I’ve been eagerly waiting for this video since I couldn’t make the talk in person. This is hands down one of the best talks I’ve seen in firmware security, including some great coverage of the issues with security, development and deployment that are applicable to all sorts of devices, not just servers.
The solution presented is (sadly) only workable for relatively large deployments of relatively homogeneous servers. But it IS a fairly complete solution, unlike the various partial firmware-blob-specific solutions like Secure Boot. Where’s the Secure Boot for my NVMe SSD firmware?
Well worth the time to watch, for anyone responsible for the security of any hardware, or software running on hardware. So really, everyone. I think it is helpful to understand the problem and this solution, even if you’re only responsible for say, your personal laptop and smartphone.