Category: Uncategorized

VMWare and UEFI Secure Boot

~ hucktech ~ Leave a comment

Stephen J. Bigelow has an article in TechTarget.com on VMWare and Secure Boot:

VMware vSphere 6.5 takes an extra security step, building on UEFI secure boot with added cryptographic validation to all ESXi components. VMware vSphere 6.5 added numerous features designed to improve the security of virtual machines both at rest and…[…]

You’ll have to give TechTarget.com your email address to read the article. 😦

http://searchvmware.techtarget.com/answer/How-does-ESXi-secure-boot-improve-vSphere-security

UEFI UDK2017 pre-release available

~ hucktech ~ Leave a comment

Brian Richardson of Intel announced a pre-release of UDK2017, a snapshot of the Tianocore.org EDK2 trunk code matching a set of UEFI.org specs.

Information on UDK2017, the next stable snapshot release of EDK II, is available on the TianoCore wiki.

From the release page on the wiki, here’s the list of

UDK2017 Key Features
    Industry Standards & Public Specifications
        UEFI 2.6
        UEFI PI 1.4a
        UEFI Shell 2.2
        SMBIOS 3.1.1
        Intel® 64 and IA-32 Architectures Software Developer Manuals
    Storage Technologies
        NVMe
        RAM Disk (UEFI 2.6, Section 12.17, RAM Disk Protocol)
    Compilers
        GCC 5.x
        CLANG/LLVM
        NASM
    OpenSSL 1.1.0
    UEFI HTTP/HTTPS Boot
    Adapter Information Protocol
    Regular Expression Protocol
    Signed Capsule Update
    Signed Recovery Images
    SMM Communication Buffer Protections
    STM Launch
    Memory Allocation/Free Profiler
    NX Page Protection in DXE
    LZMA Compression 16.04
    Brotli Compression
    MP Init Library

https://github.com/tianocore/tianocore.github.io/wiki/UDK2017

More info:
https://lists.01.org/mailman/listinfo/edk2-devel

RISC-V edition of Computer Organization and Design

~ hucktech ~ Leave a comment

Computer Organization and Design RISC-V Edition
1st Edition
The Hardware Software Interface
Authors: David Patterson John Hennessy
Paperback ISBN: 9780128122754
Imprint: Morgan Kaufmann
Published Date: 13th April 2017
Page Count: 696

https://www.elsevier.com/books/computer-organization-and-design-risc-v-edition/patterson/978-0-12-812275-4
https://www.elsevier.com/books-and-journals/book-companion/9780128122754
https://textbooks.elsevier.com/web/product_details.aspx?isbn=9780128122754

VM escape – QEMU case study on Phrack

~ hucktech ~ Leave a comment

https://twitter.com/_jsoo_/status/857907512908988417

http://www.phrack.org/papers/vm-escape-qemu-case-study.html

I wish more people wrote articles for Phrack.

some recent CHIPSEC presentations

~ hucktech ~ Leave a comment

I’m not sure that I’ve pointed to all of the recent CHIPSEC presentations that’ve happened recently. I don’t know that I have a complete list. 😦 Here are two recent ones, maybe some more in below tweets.

Attacking hypervisors through hardware emulation

Click to access TR17_Attacking_hypervisor_through_hardwear_emulation.pdf

Exploring your system deeper

Click to access opcde_ExploringYourSystemDeeper_updated.pdf

Click to access csw2017_ExploringYourSystemDeeper_updated.pdf

—–begin slideshare.net stuff—–

—–end slideshare.net stuff—–

Debian Live images now include UEFI support

~ hucktech ~ Leave a comment

Steve McIntyre gave an update on Debian official images to the debian-(cd, devel-announce,live,cloud) mailing lists. There’s a UEFI update on Debian Live images:
Live images – now including UEFI support

After a hiatus, weekly builds of live images for testing are now happening again. These cover amd64 and i386, and there is a separate image for each of the common desktop environments. Thanks to great work by Neil Williams, Iain Learmonth and Ana Custura on new tools (vmdebootstrap and live-wraper), these also include support for UEFI booting as a new feature. Please help test the images and give feedback:

http://get.debian.org/cdimage/weekly-live-builds/

See Steve’s message to the above-listed lists for the full post.

https://lists.debian.org/msgid-search/20170428012707.GJ28360@einval.com

Debian 9 defers UEFI Secure Boot support

~ hucktech ~ Leave a comment

From the latest “Bits from the Release Team” message, it appears that Debian 9 will probably defer Secure Boot support to later.

Secure Boot
At a recent team meeting, we decided that support for Secure Boot in the forthcoming Debian 9 “stretch” would no longer be a blocker to release. The likely, although not certain outcome is that stretch will not have Secure Boot support. We appreciate that this will be a disappointment to many users and developers. However, we need to balance that with the limited time available for the volunteer teams working on this feature, and the risk of bugs being introduced through rushed development. It’s possible that Secure Boot support could be introduced at some point in stretch’s lifetime.

Full message:
https://lists.debian.org/debian-devel-announce/2017/04/msg00013.html
https://wiki.debian.org/SecureBoot
https://wiki.debian.org/UEFI

Windows 10 new preboot security features

~ hucktech ~ Leave a comment

There’s a few new preboot-related features in recent builds of Microsoft Windows, excerpt of some of them below.

New features in Windows 10, version 1511:
* Credential Guard: Enable Credential Guard without UEFI lock. You can enable Credential Guard by using the registry. This allows you to disable Credential Guard remotely. However, we recommend that Credential Guard is enabled with UEFI lock. You can configure this by using Group Policy.
* Bitlocker: DMA port protection. You can use the DataProtection/AllowDirectMemoryAccess MDM policy to block DMA ports when the device is starting up. Also, when a device is locked, all unused DMA ports are turned off, but any devices that are already plugged into a DMA port will continue to work. When the device is unlocked, all DMA ports are turned back on.
* Bitlocker: New Group Policy for configuring pre-boot recovery. You can now configure the pre-boot recovery message and recover URL that is shown on the pre-boot recovery screen. For more info, see the Configure pre-boot recovery message and URL section in “BitLocker Group Policy settings.”
* New BCD events: Event ID 4826 has been added to track the following changes to the Boot Configuration Database (BCD): DEP/NEX settings, Test signing, PCAT SB simulation, Debug, Boot debug, Integrity Services, Disable Winload debugging menu
* New PNP events:  Event ID 6416 has been added to track when an external device is detected through Plug and Play. One important scenario is if an external device that contains malware is inserted into a high-value machine that doesn’t expect this type of action, such as a domain controller.
* TPM: Key Storage Providers (KSPs) and srvcrypt support elliptical curve cryptography (ECC).
* TPM: The following sections describe the new and changed functionality in the TPM for Windows 10: Device health attestation, Microsoft Passport support, Device Guard support, Credential Guard support […]

https://docs.microsoft.com/en-us/windows/whats-new/whats-new-windows-10-version-1507-and-1511
https://technet.microsoft.com/en-us/windows/release-info

The Open Source Toolkit: open source hardware for science

~ hucktech ~ Leave a comment

The Open Source Toolkit features articles and online projects describing hardware and software that can be used in a research and/or science education setting across different fields, from basic to applied research. The channel editors aim to showcase how open source tools can lead to innovation, democratisation and increased reproducibility. The Open Source movement revolutionized the way computer systems were developed and how companies made their businesses. Its philosophy requires that all source code should be freely shared, so that as many people as possible can use, change, learn, and improve upon it. This movement made its way into academia and several open source packages are available for scientists. In recent years, the increasing availability and low cost of electronic components, processors and 3D printers meant that an open model of development has taken root also in the world of hardware, including the development of scientific lab equipment. The implications for research can hardly be overstated: “Open Labware” designs are almost always cheaper than “closed source” ones, allow for distributed development and, critically, customization by the end user, the lab scientist.

 

PLOS was founded in 2001 as a nonprofit Open Access publisher, innovator and advocacy organization with a mission to accelerate progress in science and medicine by leading a transformation in research communication.

https://channels.plos.org/open-source-toolkit

http://collections.plos.org/open-source-toolkit-hardware

https://www.plos.org/core-principles

 

20+ China-based companies join UEFI Forum

~ hucktech ~ Leave a comment

They could have at least included the list of the 20+ companies in the press release. ;-(

In anticipation of the first China-based UEFI event in ten years, over 20 new members in China joined the UEFI Forum—indicating significant interest in UEFI technology in the greater China region. Additionally, in attendance from the region were prominent member companies including H3C and Inspur, Lenovo, Loongson Technology Corporation Limited, and Sugon.

http://finance.yahoo.com/news/20-china-based-companies-join-020000847.html

http://uefi.org/members

naken_asm: lightweight assembler/disassembler

~ hucktech ~ Leave a comment

naken_asm is lightweight assembler / disassembler with a focus on being easy to compile (no dependencies) and easy to use. It was originally called naken430asm, but since it has been expanded to support many more CPUs it has been renamed to naken_asm. Additionally, there is a simulator for of the supported CPUs.

https://github.com/mikeakohn/naken_asm
https://github.com/mikeakohn/naken_asm/tree/master/docs
http://www.mikekohn.net/micro/naken_asm.php

An Empirical Study on Android-related Vulnerabilities

~ hucktech ~ Leave a comment

Mobile devices are used more and more in everyday life. They are our cameras, wallets, and keys. Basically, they embed most of our private information in our pocket. For this and other reasons, mobile devices, and in particular the software that runs on them, are considered first-class citizens in the software-vulnerabilities landscape. Several studies investigated the software-vulnerabilities phenomenon in the context of mobile apps and, more in general, mobile devices. Most of these studies focused on vulnerabilities that could affect mobile apps, while just few investigated vulnerabilities affecting the underlying platform on which mobile apps run: the Operating System (OS). Also, these studies have been run on a very limited set of vulnerabilities. In this paper we present the largest study at date investigating Android-related vulnerabilities, with a specific focus on the ones affecting the Android OS. In particular, we (i) define a detailed taxonomy of the types of Android-related vulnerability; (ii) investigate the layers and subsystems from the Android OS affected by vulnerabilities; and (iii) study the survivability of vulnerabilities (i.e., the number of days between the vulnerability introduction and its fixing). Our findings could help OS and apps developers in focusing their verification & validation activities, and researchers in building vulnerability detection tools tailored for the mobile world.

https://arxiv.org/abs/1704.03356

https://www.peerlyst.com/posts/an-empirical-study-on-android-related-vulnerabilities-nic-cancellari