Uncategorized

Raptor Engineering seeks funds for OpenBMC port

Raptor Engineering is asking for crowdsource funding to help them port OpenBMC to an ASUS system:

“Make coreboot a first-class citizen in the datacenter on modern, blob-free hardware.”

https://www.raptorengineering.com/coreboot/kgpe-d16-bmc-port-offer.php

Standard
Uncategorized

Denver coreboot Conference 2017

Denver coreboot conference
Monday June 5 – Tuesday June 6, 2017
Optional Hacking Day
Wednesday June 7, 2017

https://www.coreboot.org/events/denver2017

https://www.coreboot.org/Denver2017

See also:

https://firmwaresecurity.com/2017/01/28/european-coreboot-conference-2017/

 

Standard
Uncategorized

European coreboot conference 2017

OEMs: please note!

Carl-Daniel Hailfinger posted an announcement to the upcoming European coreboot conference 2017 to the coreboot-announce list:

We are currently planning to host a coreboot conference in Germany with 2 days of talks and an additional 2 days of hacking. The date will probably either be October 19-22 or October 26-29, i.e. directly before or after Embedded Linux Conference Europe and LinuxCon Europe. Ticket prices haven’t been decided yet and depend on the location and venue availability. The location will be either in Bonn or Bochum. Both Bochum and Bonn offer a variety of interesting activities for conference participants. Bochum is reachable by public transport from Frankfurt Airport within 120 minutes, from Dusseldorf Airport within 40 minutes and from Cologne Airport within 80 minutes. Bonn is reachable by public transport from Frankfurt Airport within 70 minutes, from Dusseldorf Airport within 70 minutes and from Cologne Airport within 30 minutes.
YOUR ACTION NEEDED!
Please fill out the application and subscribe to the newsletter if you are planning to join us!
https://www.coreboot.org/events/ecc2017

Full announcement:
https://www.coreboot.org/pipermail/coreboot-announce/2017-January/000024.html

Standard
Uncategorized

librecore

Phoronix has a new article about librecore, a free-as-in-freedom firmware project:

librecore is a distribution of Free/Libre firmware recipes for compiling and generating firmware for devices. The intended targets for the firmware include only those which can be run in total freedom by the user. This means that librecore firmware is distributed as source code, and does not include any binary blobs. The purpose of this project is to push the limits of software freedom in boot firmware. librecore is free firmware not unlike coreboot however with a different focus. While we collaborate with coreboot and share mature code to further these goals, our focus is more around maintainability and feature completeness of more libre hardware platforms such as POWER, SPARC, RISC-V and other non-x86 ISA’s.

https://github.com/librecore-org/librecore-org.github.io

http://librecore.info/

http://www.phoronix.com/scan.php?page=news_item&px=Librecore-Formation

https://www.phoronix.com/forums/forum/hardware/motherboards-chipsets/925901-librecore-aiming-to-be-a-better-libre-spin-of-coreboot

Read the Reddit thread and the Phoronix Forums for more background beyond the main article.:

“[…]I am one of the core developers of librecore and I can confidently say everything you wrote in your article about our project is complete speculative garbage. The librecore and libreboot projects are completely independent projects that have no relationship what-so-ever. The librecore project is a fork from coreboot by some original coreboot developers such as myself with different technical objectives.[…]”

(Not to be confused with librecores (plural):

https://www.librecores.org/

Standard
Uncategorized

Yuriy and Oleksandr at REcon

Baring the system: New vulnerabilities in SMM of Coreboot and UEFI based systems
By: Yuriy Bulygin, Oleksandr Bazhaniuk

Previously, we discovered a number of vulnerabilities in UEFI based firmware including software vulnerabilities in SMI handlers that could lead to SMM code execution, attacks on hypervisors like Xen, Hyper-V and bypassing modern security protections in Windows 10 such as Virtual Secure Mode with Credential and Device Guard. These issues led to changes in the way OS communicates with SMM on UEFI based systems and new Windows SMM Security Mitigations ACPI Table (WSMT). This research describes an entirely new class of vulnerabilities affecting SMI handlers on systems with Coreboot and UEFI based firmware. These issues are caused by incorrect trust assumptions between the firmware and underlying hardware which makes them applicable to any type of system firmware. We will describe impact and various mitigation techniques. We will also release a module for open source CHIPSEC framework to automatically detect this type of issues on a running system.

https://recon.cx/2017/brussels/talks/baring_the_system.html

https://firmwaresecurity.com/2017/01/05/yuriy-to-speak-at-recon-brussels/

 

 

Standard
Uncategorized

Coreboot Conference 2017 announced!

European Coreboot Conference 2017
Location: Germany

We are currently planning to  host a coreboot conference with 2 days of talks and an additional 2 days of hacking. Sometime in October 2017 in Bonn or Bochum, Germany.
The dates will probably either be October 19-22 or October 26-29,  i.e. directly before or after Embedded Linux Conference Europe and LinuxCon Europe.
Ticket prices haven’t been decided yet and depend on the location and venue availability.  Add your email address to be sent an invite to the conference when it is announced.

https://www.coreboot.org/events/ecc2017

 

Standard