Uncategorized

Apple: periodic reminder: set your firmware password

Re: https://firmwaresecurity.com/2018/05/02/apple-set-your-firmware-password/

https://support.apple.com/en-us/ht204455

Standard
Uncategorized

Xeno updates Low Level PC Attack Papers list

Re: https://firmwaresecurity.com/2017/05/15/xeno-updates-low-level-pc-attack-papers-list/

Xeno has updated it again. Look at his current tweets to see the indivual entries added. Xeno is one of the pioneers of firmware security research, and this is basically the canon list of HW/FW issues.

Required reading for anyone reading a blog like this.

https://timeglider.com/timeline/5ca2daa6078caaf4

I’ll be blunt, I *LOVE* the data, but I wish it was a plain web page, TimeGlider makes the data less useful to me.

Hoping someday the data expands to virtualization-level firmware, in addition to bare-metal.

Standard
Uncategorized

Nikolaj moves to US

Apple firmware security researcher Nikolaj Schlej has been working from Europe, and is now moving to the US.

Nice picture of the Xeno, Corey, and Nikolaj in the above tweet.

Standard
Uncategorized

Microsoft Surface devices and Intel AMT

During the initial Intel AMT bug report, Xeno of Apple tweeted that Apple didn’t use AMT.

Recently, Microsoft has also stated that the Surface devices don’t use AMT:

https://blogs.technet.microsoft.com/surface/2017/06/01/intel-amt-vulnerability-and-surface-devices/

https://www.thurrott.com/mobile/microsoft-surface/117346/surface-devices-not-vulnerable-intel-amt-exploit

 

Standard
Uncategorized

PCIleech -vs- Apple Mac OS X

It appears Mac OS X 10.12.2 has some firmware-related security updates, with some defense against PCILeech:

http://blog.frizk.net/2016/12/filevault-password-retrieval.html
https://github.com/ufrisk/pcileech

 macOS FileVault2 Password Retrieval

“macOS FileVault2 let attackers with physical access retrieve the password in clear text by plugging in a $300 Thunderbolt device into a locked or sleeping mac. The password may be used to unlock the mac to access everything on it. To secure your mac just update it with the December 2016 patches. Anyone including, but not limited to, your colleagues, the police, the evil maid and the thief will have full access to your data as long as they can gain physical access – unless the mac is completely shut down. If the mac is sleeping it is still vulnerable. Just stroll up to a locked mac, plug in the Thunderbolt device, force a reboot (ctrl+cmd+power) and wait for the password to be displayed in less than 30 seconds!
[…]
Recovering the password is just one of the things that are possible unless the security update is applied. Since EFI memory can be overwritten it is possible to do more evil …
[…]
December 13th: Apple released macOS 10.12.2 which contains the security update. At least for some hardware – like my MacBook Air.
[…]”

Look at recent Tweets from Xeno Kovah, he has multiple posts with information about the 10.12.2 update:

https://twitter.com/XenoKovah/

Firmware passwords:
https://support.apple.com/en-us/HT202796
https://support.apple.com/en-us/HT204455
https://support.apple.com/en-us/HT203409

I’ll admit, I didn’t find any firmwaer information in their release:
https://support.apple.com/en-us/HT207423

Standard