Hastily-written news/info on the firmware security/development communities, sorry for the typos.
https://bugzilla.tianocore.org/show_bug.cgi?id=1614
I just noticed that Microsoft has a project to help setup a dev box:
“The goal of this project is to provide a central place to share ideas for streamlining dev box setup and provide sample scripts for common dev scenarios. It’s likely you will want to take the scripts here and modify them to fit your particular needs.”
https://github.com/Microsoft/windows-dev-box-setup-scripts
For the last few years, they’ve been releasing Windows as a prebuilt VM, with most of the developer tools preinstalled. These VMs expire after a few weeks, so you’ll have to download a new VM every few weeks. [There’ve been periods of multiple weeks where there’s no VM available, waiting for the next build of Windows, so keep your old bits and hope expiration policy does not become more draconian.]
https://developer.microsoft.com/en-us/windows/downloads/virtual-machines
FLARE-VM is a nice script from Fireeye that sets up a Windows box with lots of security tools. Requires a fresh Windows install before use.
https://github.com/fireeye/flare-vm
https://www.fireeye.com/blog/threat-research/2018/11/flare-vm-update.html
Fireeye also has Commando-VM:
https://github.com/fireeye/commando-vm
Half a dozen open source projects (and an unknown number of closed source products) have nice scripts to setup a Windows system for development, but are project-centric.
Google has a new blog post about the security status of their platforms, and will be live-streaming an event on Thursday with more info:
https://security.googleblog.com/2019/05/quantifying-measurable-security.html
https://events.google.com/io/schedule/events/debb8c6e-df05-4644-bdde-116155300abf
PS: Looks like ru.efi picked a good time to start adding EC support: 🙂
http://ruexe.blogspot.com/2019/05/reading-ec-controllers.html
My slides from the recent LinuxFestNW talk with an intro to BMCs is linked here:
Click to access lfnw2019-bmc.pdf
I need to work with Paul and get both his and my slides from LFNW up on our Github page, along with our previous talks. For now, the above PDF is hosted on this blog site. 😦
This is an INTRODUCTORY talk. If you’re a regular reader of this blog, you probably don’t need to waste your time watching this. 🙂 This talk did not mention u-bmc or the bmclib projects, something I’ll fix the next time I give this a variation of this talk. Video is here:
BootKeeper: Validating Software Integrity Properties on Boot Firmware Images
Ronny Chevalier, Stefano Cristalli, Christophe Hauser, Yan Shoshitaishvili, Ruoyu Wang, Christopher Kruegel, Giovanni Vigna, Danilo Bruschi, Andrea Lanzi
(Submitted on 29 Mar 2019)
Boot firmware, like UEFI-compliant firmware, has been the target of numerous attacks, giving the attacker control over the entire system while being undetected. The measured boot mechanism of a computer platform ensures its integrity by using cryptographic measurements to detect such attacks. This is typically performed by relying on a Trusted Platform Module (TPM). Recent work, however, shows that vendors do not respect the specifications that have been devised to ensure the integrity of the firmware’s loading process. As a result, attackers may bypass such measurement mechanisms and successfully load a modified firmware image while remaining unnoticed. In this paper we introduce BootKeeper, a static analysis approach verifying a set of key security properties on boot firmware images before deployment, to ensure the integrity of the measured boot process. We evaluate BootKeeper against several attacks on common boot firmware implementations and demonstrate its applicability.
BootGuard’s Verified Boot mode on modern Intel CPUs is the core root of trust and measurement during the boot process, and preserves the chain of trust by only executing firmware with a valid vendor signature. These protections are supposed to be secure against physical attacks on the SPI flash, although we’ve found multiple errors in handling the firmware volumes as well as a new technique for changing the firmware after the signature check has been done. In this talk we’ll demonstrate how to build an inexpensive open source tool for investigating these TOCTOU techniques and how to use it to test the security of your own systems.
The Confidential Consortium Framework (CCF) is an open-source framework for building a new category of secure, highly available, and performant applications that focus on multi-party compute and data. While not limited just to blockchain applications, CCF can enable high-scale, confidential blockchain networks that meet key enterprise requirements — providing a means to accelerate production enterprise adoption of blockchain technology.
https://d4stiny.github.io/Remote-Code-Execution-on-most-Dell-computers/
bootloader_instrumentation_suite – Bootloader research tools (very much a work in progress)
This test suite helps you keep track of different versions of
u-boot/build tools, static analysis of that build’s binaries, and
runtime trace results of running that binary on a given hardware
configuration. For each u-boot/build configuration it keeps a database
of information it statically gathered for each boot stage, boot stage
images/ELF files, a prepared SD card image, and test results of
runtime trace analyses. If it detects changes in the u-boot source or
build tools it will create a new set of test result directories with a
new sdcard image and static analysis results.
ARM’s Linaro hosts a weekly OpenHours on 96boards.org:
https://www.96boards.org/openhours/
Epsidoe 144 was about secure firmware, video is available:
There is a new Redfish command line tool being worked on (just getting started, not ready for use yet):
Erik Orejuela and Julio Franco have a new article on TechSpot, discussing BIOS vendor tools, covering these vendors’ tools:
Asus Live Update
Gigabyte @Bios
MSI Live Update
ASRock Live Update
Biostar BIOS Update Utility
https://www.techspot.com/article/1824-update-motherboard-bios/
https://www.crowdstrike.com/blog/crowdstrike-first-to-deliver-bios-visibility/
Ugh, their web page has some obnoxious code that changes the HTML header every few seconds to try and get your attention.
LinuxFestNorthWest was last weekend in Washington State. For the first time, there was an “Open Source Firmware” track, search for that string on the event listings for those presentations:
https://www.linuxfestnorthwest.org/conferences/2019/schedule/events
The LFNW videos are already up on Youtube:
I am still working on uploading my slides to the LFNW web site, and Github, please give me another day to find my password… 😦
Hastily-written news/info on the firmware security/development communities, sorry for the typos.
Hastily-written news/info on the firmware security/development communities, sorry for the typos.
Hastily-written news/info on the firmware security/development communities, sorry for the typos.
Hastily-written news/info on the firmware security/development communities, sorry for the typos.
Hastily-written news/info on the firmware security/development communities, sorry for the typos.
Hastily-written news/info on the firmware security/development communities, sorry for the typos.
Hastily-written news/info on the firmware security/development communities, sorry for the typos.
Hastily-written news/info on the firmware security/development communities, sorry for the typos.
Hastily-written news/info on the firmware security/development communities, sorry for the typos.
Hastily-written news/info on the firmware security/development communities, sorry for the typos.
Hastily-written news/info on the firmware security/development communities, sorry for the typos.
Hastily-written news/info on the firmware security/development communities, sorry for the typos.
Hastily-written news/info on the firmware security/development communities, sorry for the typos.
Hastily-written news/info on the firmware security/development communities, sorry for the typos.
Hastily-written news/info on the firmware security/development communities, sorry for the typos.
Hastily-written news/info on the firmware security/development communities, sorry for the typos.
Hastily-written news/info on the firmware security/development communities, sorry for the typos.
Hastily-written news/info on the firmware security/development communities, sorry for the typos.
Discover the Desktop
Hastily-written news/info on the firmware security/development communities, sorry for the typos.
Hastily-written news/info on the firmware security/development communities, sorry for the typos.
Hastily-written news/info on the firmware security/development communities, sorry for the typos.
Hastily-written news/info on the firmware security/development communities, sorry for the typos.
Hastily-written news/info on the firmware security/development communities, sorry for the typos.
Hastily-written news/info on the firmware security/development communities, sorry for the typos.
Hastily-written news/info on the firmware security/development communities, sorry for the typos.
Hastily-written news/info on the firmware security/development communities, sorry for the typos.
Hastily-written news/info on the firmware security/development communities, sorry for the typos.
Hastily-written news/info on the firmware security/development communities, sorry for the typos.
Hastily-written news/info on the firmware security/development communities, sorry for the typos.
Hastily-written news/info on the firmware security/development communities, sorry for the typos.
Hastily-written news/info on the firmware security/development communities, sorry for the typos.
Hastily-written news/info on the firmware security/development communities, sorry for the typos.
Hastily-written news/info on the firmware security/development communities, sorry for the typos.
Hastily-written news/info on the firmware security/development communities, sorry for the typos.
Hastily-written news/info on the firmware security/development communities, sorry for the typos.
Hastily-written news/info on the firmware security/development communities, sorry for the typos.
News from coreboot world
Hastily-written news/info on the firmware security/development communities, sorry for the typos.
Hastily-written news/info on the firmware security/development communities, sorry for the typos.
Just another WordPress.com site
Hastily-written news/info on the firmware security/development communities, sorry for the typos.
Firmware Security 
You must be logged in to post a comment.