
Linux UEFI firmware updates via LVFS at Linaro Connect

System Firmware and Device Firmware Updates using Unified Extensible Firmware Interface (UEFI) Capsules

Firmware is responsible for low-level platform initialization, establishing root-of-trust, and loading the operating system (OS). Signed UEFI Capsules define an OS-agnostic process for verified firmware updates, utilizing the root-of-trust established by firmware. The open source FmpDevicePkg in TianoCore provides a simple method to update system firmware images and device firmware images using UEFI Capsules and the Firmware Management Protocol (FMP). This session describes the EFI Development Kit II (EDK II) capsule implementation, implementing FMP using FmpDevicePkg, creating Signed UEFI Capsules using open source tools, and an update workflow based on the Linux Vendor Firmware Service (fwupd.org).

https://yvr18.pathable.com/meetings/740447

http://connect.linaro.org/schedule/

https://fwupd.org/


UEFI Forum: Firmware Security 101 Webinar

The UEFI Forum is doing a webinar on Firmware Security! I don’t know if GoToMeeting supports this with webinars, but it’d be nice if you could make the audio archive available for those who can’t dial in, or need time to listen to audio to translate to their native language.

http://www.uefi.org/node/3877

Tuesday, July 24 at 9:00 am PT

FIRMWARE SECURITY 101 WEBINAR

The Firmware Security 101 Webinar will feature a panel of firmware security experts representing the Forum, including:

Moderator:
Michael Krau, Industry Communications Working Group Chair

Panelists:
Eric Johnson, American Megatrends, Inc.
Tim Lewis, Insyde Software
Vincent Zimmer, Intel

The panelists will outline the major challenges currently facing platform security, how the UEFI Forum and UEFI specification address these challenges and finally, how you can join us in the battle to protect firmware from outside threats. The webinar is open to the public and attendees will get the chance to participate in a live Q&A session.

Registration for this free, one-hour webcast will open in the next couple of weeks.


iSecCon 2018: Intel Security Conference 2018

Re: https://firmwaresecurity.com/2018/06/15/intel-security-conference/

More details are available:

iSecCon 2018: Intel Security Conference 2018
Intel Ronler Acres 4 (RA4), 2501 NW Century Blvd
Hillsboro, OR, United States, December 4-5, 2018

PROGRAM COMMITTEE:
* Rodrigo Branco (BSDaemon), Chief Security Researcher, Intel Corporation (STrategic Offensive Research & Mitigations – STORM, IPAS)
* Deepak K Gupta, Security Researcher, Intel Corporation (Windows OS Group)
* Marion Marschalek, Senior Security Researcher, Intel Corporation (STrategic Offensive Research & Mitigations – STORM, IPAS)
* Martin Dixon, Chief Security Architect, Intel Corporation (IPAS)
* Vincent Zimmer, Senior Principal Engineer, Intel Corporation (Software and Services Group)
* Matt Miller, Partner, Microsoft Corporation
* Cesar Cerrudo, CTO, IOActive
* Thomas Dullien (“Halvar Flake”), Staff Engineer, Google Project Zero
* Shay Gueron, Senior Principal Engineer, Amazon Web Services (AWS)

https://easychair.org/cfp/iSecCon2018


Asian Hardware Oriented Security and Trust Symposium (AsianHOST)

Hardware has long been viewed as a trusted party supporting the whole computer system and is often treated as an abstract layer running instructions passed through the software layer. Historically, the cybersecurity community believed that the integrated circuit (IC) supply chain is well protected. However, the IC supply chain, which is now spread around the globe, has become more vulnerable to attacks than before. The heavy reliance on third-party resources/services breeds security concerns and invalidates the illusion that attackers cannot easily access the isolated IC supply chain. Formal methods have been proven to be effective in security verification on hardware code. Trustworthy hardware is also under development for the construction of the root-of-trust. The intrinsic properties of existing and emerging devices, MOSFET, memristor, spintronics, etc. are leveraged for security primitives and applications. Another trend in the hardware security area is the development of security-enhanced hardware infrastructure for system-level protection. The goal is to provide a fully operational software and hardware platform that ensures secure design, manufacturing, and deployment of modern computer systems.

Asian Hardware Oriented Security and Trust Symposium (AsianHOST) aims to facilitate the rapid growth of hardware security research and development in Asia and South Pacific areas. AsianHOST highlights new results in the area of hardware and system security. Relevant research topics include techniques, tools, design/test methods, architectures, circuits, and applications of secure hardware. AsianHOST 2017 invites original contributions related to, but not limited by, the following topics.

http://asianhost.org/2018/authors.htm#cfp

Open Source Firmware Conference (OSFC) CfP open!

The Call for Papers is open for the Open Source Firmware Conference:

https://osfc.io/

https://easychair.org/cfp/osfc2018


KVM Forum 2018: Call For Participation

KVM Forum 2018: Call For Participation
October 24-26, 2018
Edinburgh, UK

KVM Forum is an annual event that presents a rare opportunity for developers and users to meet, discuss the state of Linux virtualization technology, and plan for the challenges ahead. We invite you to lead part of the discussion by submitting a speaking proposal for KVM Forum 2018. […] This year, KVM Forum is joining Open Source Summit in Edinburgh, UK. Selected talks from KVM Forum will be presented on Wednesday October 24 to the full audience of the Open Source Summit. Also, attendees of KVM Forum will have access to all of the talks from Open Source Summit on Wednesday.[…]

https://events.linuxfoundation.org/events/kvm-forum-2018/program/cfp/

http://www.linux-kvm.org/page/KVM_Forum_2018_BOF

https://events.linuxfoundation.org/events/kvm-forum-2018/

https://mail.coreboot.org/pipermail/seabios/2018-May/012272.html
