Uncategorized

Intel Developer Forum

IDF is happening later this month in San Francisco, and there are multiple firmware presentations there. I counted about a dozen presentations that focus on UEFI, BIOS, Redfish, and related topics. Use the Search dialog at the URL below to find them.

http://www.intel.com/content/www/us/en/intel-developer-forum-idf/san-francisco/2016/idf-2016-san-francisco-technical-sessions.html

Standard

Intel IDF post-conference materials

Intel Developer Forum ended the other week:

https://firmwaresecurity.com/2015/08/11/firmware-at-intel-developer-forum/

The other day I posted a pointer to a Redfish/UEFI HTTP Boot talk at IDF, and commented that I wish I could find the video. A kind reader showed me how to navigate the cryptic IDF archive site:

http://myeventagenda.com/sessions/0B9F4191-1C29-408A-8B61-65D7520025A8/7/5

The search function on that page works well, e.g., filtering on firmware. There are PDF and A/V links to many of them! IDF had 200 talks, many of them interesting to firmware security. For example, here’s the talk on Redfish from yesterday:

http://myeventagenda.com/sessions/0B9F4191-1C29-408A-8B61-65D7520025A8/7/5


HP/Intel presentation on HTTP Boot and Redfish

Samer El-Haj-Mahmoud, a System Firmware Architect at Hewlett-Packard, was kind enough to give me a URL to a recent presentation at Intel Developer Forum (IDF), on UEFI HTTP Boot and DMTF Redfish:

STTS001: Firmware in the Data Center:
Building a Modern Development Framework Using UEFI and Redfish REST APIs.
Mark Doron, Intel
Dong Wei, HP
Samer El-Haj-Mahmoud, HP

The HP/Intel co-presentation is on HTTP Boot and Redfish, and the UEFI-based deployment solution on HP ProLiant Servers. Topics include PXE -vs- UEFI HTTP Boot, IPMI -vs- Redfish, and clarification of HP’s implementation -vs- the recent UEFI 2.5/TianoCore implementation. I wish I could find audio or video archives of this talk, not just slides. 😦

I’m not a fan of URL-shorteners, and this is a LONG URL; I think you need all the stuff after the .pdf extension:

https://hubb.blob.core.windows.net/e5888822-986f-45f5-b1d7-08f96e618a7b-published/0ed65053-1511-4d28-b55c-4e0813a0519a/STTS001%20-%20SF15_STTS001_100f.pdf?sv=2014-02-14&sr=c&sig=RJybmBnFV2JOPeXMlwn1UB9DHcQTC7cZfkPkupXc5kw%3D&se=2015-08-25T18%3A50%3A04Z&sp=rwd

Also, check out the UEFI videos and other resources at HP’s site:
http://www.hp.com/go/proliant/uefi


Intel SMI Transfer Monitor (STM) for SMM

Recently, Intel announced STM, a way to help secure SMM.
https://firmwaresecurity.com/2015/08/18/intel-announces-stm-at-idf/

So far, it appears that some of the expert firmware security researchers do not disapprove of STM, though they wanted it earlier:


Intel announces STM at IDF

Intel just announced STM at IDF; read Vincent’s blog for more details:

http://vzimmer.blogspot.com/2015/08/smi-transfer-monitor-stm-unleashed.html

https://firmware.intel.com/content/smi-transfer-monitor-stm

https://firmware.intel.com/sites/default/files/STM_Release_1.0.zip

https://firmware.intel.com/sites/default/files/A_Tour_Beyond_BIOS_Launching_STM_to_Monitor_SMM_in_EFI_Developer_Kit_II.pdf

https://firmware.intel.com/sites/default/files/STM_User_Guide-001.pdf


UEFI HTTP Boot support announced

I’ve been wondering about UEFI 2.5’s HTTP Boot support since the Tianocore checkins started, a few months ago:

https://firmwaresecurity.com/tag/uefi-http-boot/

Intel announced more on this today, preparing for their upcoming IDF presentations on the topic:

UEFI 2.5 also added DNS support to complete the network stack needed for UEFI HTTP boot. I’ve yet to see any vendor except HP announce a product; perhaps IDF will unveil new products from other vendors.


Firmware at Intel Developer Forum

IDF, Intel’s Developer Forum, is happening shortly, August 18-20 (or so). It appears Brian and Vincent of Intel UEFI will be speaking, at least:

Vendors usually announce/release new things at their annual conferences, so I’m looking forward to seeing what Intel does… With 201 sessions and only a 2-minute glance at the schedule, here’s a teaser (but not all) of the more interesting presentations I noticed:

STTS001 — Firmware in the Data Center: Building a Modern Deployment Framework Using Unified Extensible Firmware Interface (UEFI) and Redfish REST APIs
STTS002 — Building a Firmware Component Ecosystem with the Intel® Firmware Engine
ACAS002 — Defense Against the Dark Arts – Introduction to Malware Research
STTS003 — Developing Best-in-Class Security Principles with Open Source Firmware
DCWC005 — Tech Chat: Trusted Networks in the Cloud – Attestation of Network Elements for Secure Cloud
ISGC003 — Tech Chat: A Primer on Intel® Software Guard Extensions (Intel® SGX)
SFTC003 — Tech Chat: Securing the Internet of Things with Intel® Micro Runtime (Intel® MRT)
ARCS003 — Intel® Architecture Code Name Skylake Deep Dive: Hardware-Based Security for Windows® 10
SPCS012 — Zoom-in on Your Code with Intel® Processor Trace and Supporting Tools
ISGC001 — Tech Chat: Intel® Security Controller – The Platform to Automate Your Security Application for Software-Defined Infrastructure
MAKE003 — Hands-on Maker Lab: Bring Up a MinnowBoard, the Intel® Atom™ Processor Based Open Hardware Platform
STTC003 — Tech Chat: Using Intel® Firmware Engine to Generate Simulated Platforms for Wind River Simics*
DCWC007 — Tech Chat: Differentiating Your Data Center Platforms in Firmware
SPCC002 — Tech Chat: A Wireless Smartphone-Based Pulmonary Function Analyzer
HSTS004 — Thunderbolt™ 3 Technology and USB-C*
INFS009 — Trusted Containers and VMs in Cloud Environments
ISGS004 — Biometric Authentication in Trusted Execution Environments
RPCS009 — Developer Training on Intel® Active Management Technology
SSDS004 — The Future of Storage Security

http://www.intel.com/content/www/us/en/intel-developer-forum-idf/san-francisco/2015/idf-2015-san-francisco-agenda.html

http://www.intel.com/content/www/us/en/intel-developer-forum-idf/san-francisco/2015/idf-2015-san-francisco.html
