Tag: CHIPSEC

LegbaCore releases new firmware research at RSA Conference

~ hucktech ~ Leave a comment

LegbaCore gave a firmware security talk at last month’s RSA Security Conference. The presentation materials and some video, are online.

LegbaCore, along with Invisible Things Lab are IMO the top two firmware security firmws, so when they release substantial new research like this, everyone should pay attention.

(If you attended my LinuxFestNorthWest talk last month on firmware security tools, the advise the LegbaCore covers in this presentation is much more detailed than what I covered.)

This is probably the best advise available to date for enterprises to protect themselves from bootkits. More up-to-date than the NIST SP guidelines or any other best practices that I know of. Everyone involved with protecting enterprise systems needs to study this carefully.

Title: Are You Giving Firmware Attackers a Free Pass?
Synopsis: Yes. Yes you are. Because you’re not patching away the vulnerabilities we and others have found and disclosed, and you’re not inspecting whether anyone has infected your firmware. This talk provides an introduction to firmware threats & capabilities. But because it is longer than previous talks like “Betting BIOS Bugs Won’t Bite Y’er Butt?”, a special emphasis is placed on including actions organizations can take immediately to mitigating firmware vulnerabilities and infections, above and beyond patching.

More Information:

http://www.legbacore.com/Research.html

Linaro makes LUVos-live available for ARM64

~ hucktech ~ 1 Comment

LUVos (Linux UEFI Validation — aka luvOS or LUVos, is a Yocto-based Linux distro that helps diagnose UEFI firmware. LUV-live is a liveimage boot version of LUVos. LUV-live also includes other hardware/firmware tools, such as BITS, FWTS, and CHIPSEC.

Intel-based LUV was initially only targeting Intel platforms. But LUV is an open source project, with a healthy community of contributors.

Recently Linaro has been porting LUV to ARM64. Thanks, Linaro! This is great news for ARM64 Linux enterprise hardware. Once Linaro ports CHIPSEC to ARM, it’ll be a very good day for ARM64 firmware defensive security tools.

It would be nice to consider an ARM32 port, as well as ARM64. All devices need bootkit detection tools, not just enterprise-class systems. 🙂

[Someone please wake up AMD. Right now, AFAICT, their platform now has the worst defensive tools. They need a LUV-live with a CHIPSEC that works on ARM systems.]

https://wiki.linaro.org/LEG/Engineering/luvOS

https://01.org/linux-uefi-validation