353C videos online or streaming soon…

Lots of stuff is happening at CCC…


Trammell’s CCC LinuxBoot presentation, annotated transcript uploaded

LinuxBoot at 34c3

This is an annotated transcript of an overview talk that I gave at 34C3 (Leipzig 2017) entitled “Bringing Linux back to the server BIOS with LinuxBoot”.




Intel ME at CCC

It appears PTSecurity may have a GUI Debugger for Intel ME??

The “Minix Inside” stickers look great, click on the tweet from frdnd.

Hoping CCC staff does the great job they do ever year and get the videos for these events online quickly! 😉




PS: Of course, this isn’t all that is happening at CCC. There are multiple other interesting talks, eg:




Remaining CCC talks online

I wish all conferences had AV teams as good as CCC!


There are about a dozen hardware-related talks, and many of the other talks look useful. Especially this one:

Making it easier to avoid low-level compromise, and why you’ll still lose
Matthew Garrett

CCC day1 videos online

CCC’s media team is great! Their videos are already online, for day 1. Lots of interesting videos to watch, if you’re not in Germany, including Joanna on the stateless laptop and Trammel on Thunderstrike!


Towards (reasonably) trustworthy x86 laptops
Joanna Rutkowska

Thunderstrike 2
Trammell Hudson

Hardware/Firmware security at CCC!

There are likely other presentations at CCC that’re worth attending, but here are two that you MUST ATTEND, if you’re going to CCC:

Joanna Rutkowska
Towards (reasonably) trustworthy x86 laptops
Can we build trustworthy client systems on x86 hardware? What are the main challenges? What can we do about them, realistically? Is there anything we can? In the first part we will take a look at the security problems we encounter on modern Intel-based x86 systems, specifically on laptops. In the second part we will discuss how most (all?) of these problems could be addressed, with just minimal hardware modifications realizable by laptop OEMs.

Matthew Garrett
Beyond Anti Evil Maid: Making it easier to avoid low-level compromise, and why you’ll still lose
In 2011, Joanna Rutkowska unveiled an easy-to-use tool for mitigating many attacks on system boot chains by using the TPM – the Anti Evil Maid. Unfortunately the implementation was difficult to incorporate into normal system boot in a secure manner – anybody able to observe a user could recreate the secret. This presentation describes a method to allow systems to prove their identity to the user without making it trivial for attackers to mimic a secure boot and extract secrets from the user, and why the state of modern hardware means this may still not be enough. A correctly implemented Trusted Boot solution makes it possible for systems to prove to other systems that they have booted with the expected boot chain. The Anti Evil Maid technique took advantage of this to encrypt a secret with the TPM in such a way that a system whose firmware or bootloader had been compromised would no longer be able to decrypt that secret. Unfortunately, the use of a static secret makes it easier for an attacker to mimic a good boot – as a result, a sufficiently motivated attacker could circumvent Anti Evil Maid and convince the user that a compromised system was in a good state. This presentation describes the use of shared trust between the system and another device, making it significantly more difficult for an attacker to mimic a trusted boot. It includes a description of the implementation of Trusted Boot support in Free operating systems on modern UEFI systems, how this can be tied into sharing trust between multiple devices and the limitations that may still permit state-level actors to compromise these techniques.