UEFI PI spec updated

The UEFI Forum has released a new version of the PI spec. William’s blog entry has a copy of the relevent section of the release notes:

https://uefi.org/specifications
https://uefi.org/sites/default/files/resources/PI_Spec_1_7_final_Jan_2019.pdf

https://www.basicinputoutput.com/2019/02/uefi-forum-releases-pi-spec-17.html

Some input from Nikolaj:

Patching Yourself into Windows Code Integrity, Part 1: On-Disk Patching

I started this whole thing because I wanted to run my own kernel-mode code while still having access games protected by anti-cheat that don’t allow test signing, and I didn’t want to shell out the time and money required to get an EV certificate. […]I’m going to start out by patching binaries on disk, but the end result will be a UEFI application that patches all binaries in memory. […]

https://github.com/Avery3R/re-writeups/blob/master/windows-ci/part1_on_disk_patching.md

UEFI vulnerabilities classification focused on BIOS implant delivery

View story at Medium.com

Debian UEFI Secure Boot changes!

Steve McIntyre has posted an update on Debian’s UEFI Secure Boot status, to the debian-boot and debian-efi mailing lists. Excerpt:

I’ve just pushed changes to a few bits of d-i this weekend to make SB work for amd64:

* build/util/efi-image: […]
* build/config/arm.cfg, build/config/x86.cfg: […]
* debian/control: […]
* grub-installer/grub-installer: […]

The effect of these changes is that the next daily and weekly debian installer images (tomorrow) should Just Work (TM) end-to-end with UEFI Secure Boot. The changes to efi-image also mean that our next live image builds will do SB (for live and installation).

I’ll test all these again in the next couple of days to verify that things have pulled through as I expect, then it’s time to post to d-d-a and write a blog too. We’ve made great progress already. These last changes just tie it all together for end users.

More info:

https://lists.debian.org/msgid-search/20190113192343.qg3ekmtnyepscwxb@tack.einval.com

UEFI-based screen capture tools

I notice that Microsoft’s Project Mu has a PrintScreenLogger tool (Ctrl+PrtScn):

https://github.com/Microsoft/mu_plus/tree/release/201808/MsGraphicsPkg/PrintScreenLogger

https://microsoft.github.io/mu/dyn/mu_plus/MsGraphicsPkg/PrintScreenLogger/Readme/#printscreenlogger-operation

and that it is already getting some forks:

https://github.com/vscpp/PrintScreenLogger

Before that, there was RU.EFI command line tool (F12):

https://firmwaresecurity.com/2016/09/09/ru-efi-updated-screen-snapshot-support/

and Nikolaj’s CrScreenShotDXE (LeftCtrl+LeftAlt+F12):

https://firmwaresecurity.com/2016/01/04/screenshot-taking-uefi-dxe-driver/

https://firmwaresecurity.com/2016/08/23/william-reviews-crscreenshotdxe/

And there are probably a few other options I’m not aware of, including by IBVs/ODMs.