What you don’t know about firmware might get you 0wn3d

ID 标签 762375
已更新 7/29/2017
版本 Latest



Following firmware developers on social media during Black Hat & Def Con can be a bit bewildering. Firmware is becoming more important in the realm of cybersecurity research. Most of the work I do is working with other firmware developers to make sure they understand current capabilities and trends, but that work may take months or years to hit the market. The people on the front lines of computer security need some understanding of what they can do today to help secure their systems.

While many of my colleagues spent a very hot and crowded week in Las Vegas, I had a much cooler weekend at the Bsides conference in Asheville, NC. My "What you don’t know about firmware might get you 0wn3d" presentation is designed to describe the importance of firmware in computer security, and what can be done today to mitigate and detect common attacks against firmware. There are practical methods to prevent a number of common bootkit/rootkit attacks, platform security features to consider when purchasing new systems, and responsible ways to research firmware issues.

Firmware is Infrastructure

There are also some minor diversions into my feelings on civil infrastructure, a lack of threat modeling in the Galactic Empire's IT department, and plumbers using the Super Mario brothers as role models ... but I'm a nerd and come by that sort of thing honestly.

The "defense" side of cyber security isn't as cool as what we see from Black Hat & Def Con, but it's an essential part of any end-to-end solution. Hopefully a better understanding of firmware and platform root-of-trust will help IT departments and penetration testing teams improve security for their customers.