Uncategorized

Joanna on trusting hardware

Joanna Rutkowska gave a talk on trust at BlackHat EU:

https://www.blackhat.com/docs/eu-17/materials/eu-17-Rutkowska-Security-Through-Distrusting.pdf

Standard

OEMs: publish your platform firmware hashes [using codehash.db]

Reminder to OEMs: publish the hashes of your platform firmware. Hopefully using codehash.db.

In the Twitter thread below, Joanna asked Dell support for the hashes of their firmware. Eventually Rick Martinez of Dell got involved, so this is a good example of a conversation on the topic between two people who understand the issues.

http://en.community.dell.com/techcenter/extras/m/white_papers/20287278

It looks like Dell needs to use HTTPS:

https://github.com/rootkovska/codehash.db

Qubes and Golem

Golem is a global, open sourced, decentralized supercomputer that anyone can access. It’s made up of the combined power of users’ machines, from personal laptops to entire datacenters. Anyone will be able to use Golem to compute (almost) any program you can think of, from rendering to research to running websites, in a completely decentralized & inexpensive way. The Golem Network is a decentralized sharing economy of computing power, where anyone can make money ‘renting’ out their computing power or developing & selling software.

https://github.com/rootkovska/rootkovska.github.io/blob/master/papers/2017/Secure%20Computing%20in%20Decentralized%20World.pdf

https://golem.network/

USB attack on Mazda cars: Bad Valet attack

“Bad Valet is the new Evil Maid” –Joanna Rutkowska

“A PoC that the USB port is an attack surface for a Mazda car’s infotainment system and how Mazda hacks are made.”

https://github.com/shipcod3/mazda_getInfo

US Customs looks at QubesOS inventor’s computer

😦

more on SCONE

Re: SCONE, mentioned here: https://firmwaresecurity.com/2017/01/07/secure-linux-containers-with-intel-sgx/

SCONE: Secure Linux Containers with Intel SGX
Sergei Arnautov, Bohdan Trach, Franz Gregor, Thomas Knauth, Andre Martin, Christian Priebe, Joshua Lind, Divya Muthukumaran, Dan O’Keeffe, Mark L Stillwell, David Goltzsche, Dave Eyers, Rüdiger Kapitza, Peter Pietzuch, Christof Fetzer

In multi-tenant environments, Linux containers managed by Docker or Kubernetes have a lower resource footprint, faster startup times, and higher I/O performance compared to virtual machines (VMs) on hypervisors. Yet their weaker isolation guarantees, enforced through software kernel mechanisms, make it easier for attackers to compromise the confidentiality and integrity of application data within containers. We describe SCONE, a secure container mechanism for Docker that uses the SGX trusted execution support of Intel CPUs to protect container processes from outside attacks. The design of SCONE leads to (i) a small trusted computing base (TCB) and (ii) a low performance overhead: SCONE offers a secure C standard library interface that transparently encrypts/decrypts I/O data; to reduce the performance impact of thread synchronization and system calls within SGX enclaves, SCONE supports user-level threading and asynchronous system calls. Our evaluation shows that it protects unmodified applications with SGX, achieving 0.6×–1.2× of native throughput.[…]

https://www.usenix.org/conference/osdi16/technical-sessions/presentation/arnautov

https://www.usenix.org/system/files/conference/osdi16/osdi16-arnautov.pdf

https://www.usenix.org/sites/default/files/conference/protected-files/osdi16_slides_knauth.pdf

Joanna announces codehash.db, a software/firmware code hash database

Joanna Rutkowska of Invisible Things Lab posted a message to the Secure Desktops list, announcing a new public hash database for software and firmware! A lightly edited version of the announcement is below; see the list archive for the full announcement:

Introducing a public db for software and firmware hashes:
I’ve recently created this simple repo which is an attempt to somehow address a problem of software and firmware “verifiability” (the word is somehow loaded, hence in quotation marks).  I imagine that once more and more vendors, such as e.g. Tails or Subgraph, or secure messenger app devs, or various firmware projects (coreboot, Trezor, OpenWRT, etc) agreed to stick to this format, we could expect each of them to submit hashes + signatures with each new release of their software.  These hashes would then be subsequently verified and submitted by other witnesses.  Each person or organization will be free to host a repo similar to the one above, only with the “proofs” from the select witness they consider somehow trusted or meaningful.

https://github.com/rootkovska/codehash.db
https://secure-os.org/cgi-bin/mailman/listinfo/desktops

(Now if OEMs and IBVs would only publish their golden image hashes, including after each update….)
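As an added illustration of the witness model in the announcement (my own example, not code from codehash.db; the record layout and field names are assumed, since the repo’s actual format is not shown here), a checker that recomputes a local image’s SHA-256 and accepts it only if the vendor’s published hash and a quorum of independent witnesses agree on that same value:

```python
import hashlib

# Constructed sample image; not a real firmware release.
FIRMWARE_IMAGE = b"constructed firmware image bytes, not a real release\n" * 64
# A second, constructed image that differs by one byte (what a witness who
# downloaded a tampered or mis-served file would have hashed).
OTHER_IMAGE = FIRMWARE_IMAGE + b"\x00"


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


# Assumed, simplified codehash.db-style record: the vendor's hash plus
# hashes independently submitted by witnesses. Field names are this
# example's own, not the repo's format.
RECORD = {
    "file": "example-firmware-1.0.rom",
    "vendor": {"name": "ExampleVendor", "sha256": sha256_hex(FIRMWARE_IMAGE)},
    "witnesses": [
        {"name": "witness-a", "sha256": sha256_hex(FIRMWARE_IMAGE)},
        {"name": "witness-b", "sha256": sha256_hex(FIRMWARE_IMAGE).upper()},
        {"name": "witness-c", "sha256": sha256_hex(OTHER_IMAGE)},  # dissenter
    ],
}


def check_image(image: bytes, record: dict, quorum: int) -> dict:
    """Verdict for a locally downloaded image against a published record.

    verified is True only when the local hash equals the vendor's hash AND at
    least `quorum` witnesses reported that same hash. Dissenting witnesses are
    listed so a mismatch can be investigated rather than silently ignored.
    """
    local = sha256_hex(image)
    vendor_match = local == record["vendor"]["sha256"].lower()
    agreeing = [w["name"] for w in record["witnesses"] if w["sha256"].lower() == local]
    dissenting = [w["name"] for w in record["witnesses"] if w["sha256"].lower() != local]
    return {
        "local_sha256": local,
        "vendor_match": vendor_match,
        "agreeing": agreeing,
        "dissenting": dissenting,
        "verified": vendor_match and len(agreeing) >= quorum,
    }


if __name__ == "__main__":
    print(check_image(FIRMWARE_IMAGE, RECORD, quorum=2))
```

The quorum is a policy knob: how many witnesses you trust, as the announcement puts it, is up to whoever hosts the repo.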
