Teddy Reed on firmware attacks TONIGHT

Short notice, but if you are reading this immediately and are in the Bay Area, then you might be able to attend. The rest of us will have to hope they videotape this and share the archive.

Defending, detecting, and responding to hardware and firmware attacks

This presentation takes a different approach to hardware and firmware security by exploring how our enterprise defenders can recognize vulnerable systems and potential compromise. Defense begins with visibility, that means baselining kernel drivers, kernels, boot loaders, ACPI table content, SMBIOS metadata; it then continues into logging real time OS API-generated hardware events. This data and pipeline can fuel existing correlation and IoC collections to identify known good and eventually known bad. Creating production deployable and repeatable recipes for these somewhat esoteric features is essential. We will present a summary of immediate tools and actions for “deep systems defense”, an analysis of where our defenders remain blind to compromise, and recommendations on where our industry can focus tailored effort to generate massive impact.

Teddy is a Security Engineer at Facebook developing production security tools. He is very passionate about trustworthy, safe, and secure code development. He loves open source and collaborative engineering when scale, resiliency, and performance enable defensive and protective software design.

https://www.eventbrite.com/e/fastly-security-speaker-series-part-2-tickets-25216388898

Hardwear.io: Call For Papers Open

The Call-for-Papers is open for the 2nd annual Hardwear.io conference, the only (?) hardware-centric security conference.

Hardwear.io is seeking innovative research on hardware security. If you have done interesting research on attacks or mitigation on any Hardware and want to showcase it to the security community, just submit your research paper. Hardwear accepts papers on any topic that discusses in-depth hardware and firmware security both from the offensive as well as defensive perspective.

Dates:
CFP Opens: 5th April 2016
CFP Closing Date: 5th July 2016
Final list of speakers online: 15th July 2016
Training: 20th – 21st Sept 2016
Conference: 22nd – 23rd Sept 2016

Training Venue:
The Hague Security Delta
Wilhelmina van Pruisenweg 104
2595 AN The Hague
The Netherlands
Conference Venue: TBD

http://hardwear.io/

HardwareCon

HardwareCon3 is happening this March. It is a conference for hardware startups:

http://www.hardwarecon.com/hardwarecon-2016-the-future-of-hardware/
http://www.hardwarecon.com/schedule-2/full-schedule/
https://www.eventbrite.com/e/hardwarecon-2016-tickets-15904516838?discount=meetup15
http://www.hardwarecon.com/

[…] “As the hardware revolution has matured, startups can no longer rely on first to market and record breaking crowdfunding campaigns to help establish a business.  Competition has rapidly expanded and once revolutionary new products are fast becoming commodity.  But new sub-sets of markets are simultaneously arising – “enchanted objects” and new M2M devices are just starting to see mass adoption and are opening whole new markets.  At the request of hardware entrepreneurs and last year’s participants, HardwareCon 2016 is expanding this year to include a Hardware University day at its start on Friday March 4th in addition to the expert advice and hard data provided to participants at HardwareCon.” […]

First to market with insecure product is no longer a reliable tactic? Nice to know! I can’t find anything on security at this conference. I am afraid this is one source of insecure IoT products, or as they like to call them, “enchanted objects”, after the book of the same name. If this conference continues, I hope the 4th/subsequent ones have a track on security.

http://enchantedobjects.com/

FOSDEM

FOSDEM is happening soon, and there are a *LOT* of interesting talks there this year:

https://fosdem.org/2016/schedule/events/

Here’s a mere teaser of the many hardware/firmware-related ones, from a very quick (incomplete) look at their schedule; there are MANY other interesting talks not listed below:

Genode’s TrustZone demo on the USB Armory
Developing eco-conscious Libre Hardware
Libreboot – free your BIOS today!
MIPS, the other side of the embedded
open source FPGA toolchain and hardware
NemoTablet, a FOSS DIY tablet using Raspberry Pi 2
Make your own USB device without pain and money!
Security in IoT; more a cultural chock than a technical challenge
IoT meets Security
USBGuard: Take control over your USB devices

TCG workshop in Tokyo next month

Today the TCG sent out a news announcement about their presence at JRF in Tokyo next month. Email header/footers removed, but body not excerpted, since no URL and only from TCG newsletter.

You’re Invited to Attend the Annual Japan Regional Forum (JRF) Workshop in Tokyo on December 2, 2015.

Date/Time:  Wednesday, December 2, 2015  13:30 – 19:30

Venue: Akihabara UDX Next 1 – Tokyo, Japan

The Japan Regional Forum (JRF) will be hosting its annual Open Workshop on Wednesday, December 2, 2015 at Akihabara UDX in Tokyo.

This 7th annual JRF Workshop is open to both members of the Trusted Computing Group (TCG) and non-members who are interested in TCG activities and issues around security.

This event provides an excellent opportunity to learn global trends and challenges in IoT, Automotive, and Embedded System, and get deep understanding through the discussions through the event.

The program includes a keynote address from David Grawrock, Senior Principal Engineer of Intel on TPM core features for Trustworthy in IoT Era. In addition, Koji Ono, Technical Sales, Consumer & Partner Group OEM at Microsoft Japan will lead a session on security feature of Windows 10 for IoT and Mark Schiller, Executive Director of the Trusted Computing Group will introduce TCG efforts for embedded system and IoT as well as benefit of joining TCG.

Other speakers include Shinji Sato, IPA (Information-technology Promotion Agency, Japan), Shinichi Horata, JPCERT/CC (Japan Computer Emergency Response Team Coordination Center), and Ryo Kurachi, TCG Invited Expert from Nagoya University.

The session is followed by reception with food & drink and will provide a great opportunity to network with speakers and members of the TCG.  TCG technology demo showcase will also be available for attendees.

If you are interested in attending this event please visit the TCG JRF website (Japanese) at http://www.trustedcomputinggroup.org/jp/jrfworkshop .

Registration will close on Wednesday, November 25, 2015.

More info:
http://www.trustedcomputinggroup.org/jp/jrfworkshop

Breaking Bad BIOS at Intel Security’s FOCUS conference

Intel Security has their annual FOCUS conference, in Las Vegas in a few weeks.

I may have missed others, but there is at least ONE interesting presentation at this event:

Breaking Bad BIOS — The Art of BIOS Attacks
Oleksandr Bazhaniuk, Security Researcher, Intel Security

Recent attacks against Basic Input/Output Systems (BIOSs) attracted attention due to their ability to enable stealthy and highly persistent malware capable of compromising software applications, operating systems, and hypervisors. Some can bypass secure OS boots, enable attacks on encrypted disks, and even allow additional malware installs.
 * Understand current BIOS attacks and attack surfaces
 * Understand platform level tools and mitigations
 * Observe an actual attack demo

http://focus.intelsecurity.com/Focus2015/SessionsSessionSchedule.aspx

B-Sides Portland schedule announced

Workshop highlights:

http://www.bsidespdx.org/workshops

Hands-on JTAG for fun and root shells
JTAG may be almost 30 years old with little change, but that doesn’t mean most people really understand what it does and how. This workshop will start with a brief introduction to what JTAG really is, then quickly dive into some hands-on practice with finding, wiring, and finally exploiting a system via JTAG.
For this workshop, we’ll target a Raspberry Pi with an ARM microprocessor. In order to interact with the system, we’ll use a JTAG interface cable from FTDI. We won’t do any hardware modifications, but we will hook up wires in weird and wonderful ways to make the Raspberry Pi do things it otherwise shouldn’t.

Presentation highlights:

http://www.bsidespdx.org/speakers2015

Jtagsploitation: JTAG to Root, 5 Ways
JTAG comes up in nearly every hardware-related hack. In order to do anything via JTAG, you generally need a hardware debugging device that connects to anything from a standard header to undocumented test points scattered around a device. JTAG access is almost always ‘game over’ but it’s not always clear how to turn that hardware access into privileged software access on the system.
This talk will enumerate a number of different ways to turn a ‘check’ for jtag access into the ‘checkmate’ of root shell access. Each example will demonstrate a unique method for getting root access via JTAG. Each method is also general enough to be broadly applicable across different hardware architectures and implementations. Example code and scripts will be released at the talk.

Scared Poopless – LTE and *your* laptop
With today’s advancement in connectivity and internet access using 3G and LTE modems it seems we all can have a device that’s always internet capable, including our laptops, tablets, 2 in 1’s ultrabook. It becomes easier to be online without using your WiFi at all.  In our talk we will demonstrate and discuss the exploitation of an internal LTE modem from Huawei which can be found in a number of devices including laptops by HP.

NSA Playset: Bridging the Airgap without Radios
The NSA ANT catalog contains a number of hardware implants that enable communication, command and control, and data exfiltration over alternate channels that would not typically be monitored. The listed tools fall short when it comes to exfiltrating data from particularly secure or heavily monitored, or radio hostile locations.
This talk introduces a new addition to the NSA Playset. BLINKERCOUGH is inspired by some of the capabilities described in the ANT catalog and expands upon the features of CHUCKWAGON in a number of ways. BLINKERCOUGH is implanted inside an unremarkable cable and communicates optically to jump air gaps, escape faraday cages, and communicate out-of-band with zero radio footprint. This talk will outline the development of the hardware, present several use cases, and demonstrate its use to escape a faraday cage.
http://bsidespdx2015.eventzilla.net/web/event?eventid=2139090484

ESC Minneapolis in November

ESC, the Embedded Systems Conference, takes place in a few cities. The next one is in Minneapolis.MN.US in early November.
The ESC Minneapolis Technical Conference Program consists of 4 topic groups covering all aspects of embedded system design and IoT, from design through hardware, systems, and connected devices.

http://www.embeddedconf.com/minneapolis/
http://www.embeddedconf.com/minneapolis/scheduler/list

I didn’t see a lot of security presentations in the schedule, but did find these:

* Effective Use of a Memory Protection Unit (MPU) in Safety-critical C/C++ Code, German Rivera (Freescale)
* Using MISRA to Secure Your IOT Device, Greg Davis (Green Hills Software)
* 100% Open Source Development for the ARM Cortex M, Michael Anderson (The PTR Group, Inc.)
* Writing Reliable C and C++ Code, Greg Davis (Green Hills Software)
* Preventing Breaches: Five Ways to Protect Your Software Supply Chain, Rod Cope (Rogue Wave Software)

 

seL4 Developer Day, October, Malibu

Two things to announce for seL4:

They’ve released a roadmap for development and verification.

And they’ve a Developer Day event happening next month. I missed the information about their first Developer Day last month. They’ve just announced a second Developer Day, October 8-9, organized in conjunction with DARPA, hosted at HRL Labs, in Malibu, California.

https://sel4.systems/Info/Roadmap/
https://sel4.systems/Community/Devdays/
https://sel4.systems/lists/listinfo/announce

Security focus of next Linaro Connect

Linaro Connect is happening in 4 days in San Francisco.

“The theme for the week is security.”

The security track:
* Security requirements on ARMv8-A boot architecture
* Linux kernel generic TEE driver
* OP-TEE Content Decryption with Microsoft PlayReady on ARM
* Expanding security choices: DRM & CA interoperability
* Expanding security choices panel
* Secure storage in OP-TEE
* Lessons learned on migrating open source Chromium-OPTEE to 96Boards
* TBD
* TBD

More Information:
https://www.linaro.org/news/keynote-speakers-lined-up-for-linaro-connect-sfo15/
http://connect.linaro.org/sfo15/

KVM Forum 2015 materials available

[[ UPDATE: WordPress mangles the below URL to Paolo’s SMM talk. Download the PDF from the linux-kvm.org link below instead. ]]

The KVM Forum recently finished, and their post-conference materials are available, including videos of some of the presentations. There are multiple interesting talks on QEMU and KVM for security researchers. Two talks that jump out to me are:

Securing secure boot: system management mode in KVM and Tiano Core
by Paolo Bonzini

Click to access 03×06-Aspen-Paolo_Bonzini-Securing_secure_boot.pdf

Using IPMI in QEMU
by Corey Minyard

Click to access 03×08-Juniper-Corey_Minyard-UsingIPMIinQEMU.ods.pdf

More Information:
http://www.linux-kvm.org/page/KVM_Forum_2015

44con presentations available

44con just finished. I didn’t mention this event earlier, but it included a few interesting presentations and workshops:

Is there an EFI monster inside your apple?
Pedro Vilaça

Hands-on JTAG for fun and root shells
Joe FitzPatrick

Pen Test Partners IoT Workshop
Dave Lodge

http://www.slideshare.net/44Con


Reminder: Seattle-area sysadmin firmware talk Thursday

This SASAG talk on firmware security for system administrators is this Thursday.

It will be an attempt to integrate NIST SP147’s firmware lifecycle model with the various hardware/software models sysadmins use (Hardware Lifecycle Model, ITIL, ITAM, etc.), to better represent firmware in that model, as well as recommend some open source tools to use.

It appears I had the location confused (correct address, incorrect name) in my initial post. The SASAG post has the proper name of and a Google Maps pointer to the event location:

Stamatatos Lab, 2211 Elliot Ave, 1st Floor, Seattle WA

http://www.sasag.org/2015/08/14/sept-10th-mtg-defending-intel-uefi-systems-from-firmware-attackers/


Linaro Firmware mini-Summit next month

Today on the Linaro Firmware Summit mailing list, Al Stone of Red Hat just announced the next Firmware Summit:

What: Linaro Firmware mini-Summit (at Linaro Connect)
When: Tuesday, September 22nd, 2015, 2-6pm
Where: Hyatt Regency San Francisco Airport Hotel, Burlingame, CA

Initial agenda topics include:

1) Current state of ACPI on ARM
2) Support/backing for a longer term organization (i.e., mailing lists, web sites, further meetings…)
3) Use of _DSD device properties
4) Follow-up on other items from the last meeting (mostly promised documents)

Other topics are being solicited. See the full posting on the fw-summit list archives.

https://lists.linaro.org/mailman/listinfo/fw-summit
http://sanfranciscoairport.hyatt.com/en/hotel/home.html
http://connect.linaro.org