This story gives some background on Google’s Fuchsia platform.
Project ‘Fuchsia’: Google is Quietly Working on a Successor to Android
By Mark Bergen
and Mark Gurman
July 19, 2018, 3:00 AM PDT Updated on July 19, 2018, 8:31 AM PDT
Re: https://firmwaresecurity.com/2017/12/01/nyan-load-and-efi-example/
There’s also a nyan for BIOS, not only the above UEFI one!
NYAN ALL THE MBRs! A 16 bit Nyan cat demo small enough to fit in the master boot record of a disk. BEFORE YOU CONTINUE: USE ON YOUR OWN RISK, PLAYING WITH MBRs IS LIKE PLAYING WITH FIRE. DO NOT BE ON FIRE!
The slides are now available:
A simplified EFI stub that allows you to bundle a Linux kernel image, initial RAM disk, and command line into a single EFI binary, so that you can sign the image and use it in a user key Secure Boot setup. This is just a simplified version of systemd’s stub.
Rationale: systemd’s usual EFI stub includes the command line, kernel image and RAM disk as separate sections in the PE. I was having random boot failures with that, and so I wondered if the extra sections were causing issues with my laptop’s pretty poor UEFI implementation.
https://github.com/angelsl/ministub
Extracts EFI firmware installer pkg from High Sierra installer
lol, this was a sponsored ad by HP, not a story by an author. Tricked me. 🙂
[…]Commercial-grade UEFI malware, which infects a device’s firmware, has been known to exist since at least 2015, and it’s only a matter of time before it’s used in a focused attack.[…]
http://www.itpro.co.uk/security/31388/cybercrime-is-changing-your-business-needs-to-be-resilient
A new speculative load hardening pass was added for X86, aiming to mitigate Spectre variant #1.
http://llvmweekly.org/issue/237
https://reviews.llvm.org/rL336990
Use angr inside the radare2 debugger.
Create an angr state from the current debugger state.
There’s a bunch of UEFI tools in this new GitHub project, both Python source and .EFI binaries with NO SOURCE. I wish I had time to look at it today, but alas…
https://github.com/jlopez14/UEFI-BIOS-Flasher/
What is OEM Windows? How It’s Different From Retail Version Of Windows?
[…]The OEM Windows has its product key tied to a particular device. While the retail product key also works on one machine, it can be transferred to another one. Earlier, in the case of laptops, the OEM product key was written on the bottom part of the device. Nowadays, it’s embedded directly into firmware (BIOS or UEFI) of a device and used by Windows when required.[…]
SA No:huawei-sa-20180615-01-cpu
Initial Release Date: Jun 15, 2018
Last Release Date: Jul 17, 2018
Intel publicly disclosed new variants of the side-channel central processing unit (CPU) hardware vulnerabilities known as Spectre and Meltdown. With these variants, known as 3A (CVE-2018-3640) and 4 (CVE-2018-3639), local attackers may exploit these vulnerabilities to cause an information leak on the affected system. (Vulnerability ID: HWPSIRT-2018-05139 and HWPSIRT-2018-05140).[…]
https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180615-01-cpu-en
RWeverything is a freeware tool, no source available. It includes a Windows kernel driver. CHIPSEC can be configured to trust and use that driver. It has been many years since I’ve trusted third-party freeware where I didn’t know the third-party author or have many other knowledgeable friends who trust them.
According to my system’s browser:
“rweverything.com uses an invalid security certificate. The certificate expired on January 8, 2018, 3:59:59 PM GMT-8. The current time is July 16, 2018, 3:58 PM.”
This is a 3-year-old tool, I just noticed it. 😦
Google has created rowhammer-test to help with Rowhammer detection. Currently it works on Linux and Mac on Intel systems.
https://github.com/google/rowhammer-test
There’s also a mailing list for related discussions.
Michael Krau, Industry Communications Working Group Chair
Eric Johnson, American Megatrends, Inc.
Tim Lewis, Insyde Software
Dick Wilkins, Phoenix Technologies
Vincent Zimmer, Intel
The panelists will outline the major challenges currently facing platform security, how the UEFI Forum and UEFI specification address these challenges and finally, how you can join us in the battle to protect firmware from outside threats. The webinar is open to the public and attendees will get the chance to participate in a live Q&A session.
http://www.uefi.org/node/3877
https://register.gotowebinar.com/register/3708207810278601474
https://www.gotomeeting.com/webinar/join-webinar
Berislav Kucan has a new article on the Absolute platform.
Review: The Absolute Platform with Persistence Technology
I tried to boot an iOS 12 kernelcache in QEMU: I managed to get as far as IOKit startup before receiving a kernel panic. I learned a lot about how iOS boots up with this project.[…]
Hastily-written news/info on the firmware security/development communities, sorry for the typos.