Shared January 24, 2019
A system is only as secure as the least secure component it depends on. Hardening the kernel is a vital part of developing a secure operating system, but if the firmware underneath the kernel is insecure then attackers have an opportunity to sidestep your security and compromise you anyway.
Firmware security research is a rapidly growing field, but the wider world is unaware of a lot of the output. Over recent users we've seen vulnerabilities involving exploitation of code running in system management mode, taking advantage of firmware-level hardware initialisation scripts run on resume from suspend, and even compromise of the management engine - an entirely separate computer that lives inside your chipset.
There's a huge amount of work being done to improve this, but you probably haven't heard about it. This presentation will cover how the state of the art is shifting, along with a discussion of how much of this applies to projects such as Coreboot and Libreboot and whether it's possible to obtain the same level of security without compromising the freedom to run whatever you want on your system.
linux.conf.au is a conference about the Linux operating system, and all aspects of the thriving ecosystem of Free and Open Source Software that has grown up around it. Run since 1999, in a different Australian or New Zealand city each year, by a team of local volunteers, LCA invites more than 500 people to learn from the people who shape the future of Open Source. For more information on the conference see https://linux.conf.au/
#linux.conf.au #linux #foss #opensource
Kernel Security Is Cool Again
"Uncle" Bob Martin - "The Future of Programming"
But Mummy I don't want to use CUDA - Open source GPU compute
Does making the kernel harder make making the kernel harder?
Here's What Happens When an 18 Year Old Buys a Mainframe
The Tragedy of systemd
FPGA based mobile phone: Creating a truly open and trustable mobile communications device
Quantum computing explained with a deck of cards | Dario Gil, IBM Research
Reverse engineering vendor firmware drivers for little fun and no profit [linux.conf.au 2014]
How Telephone Phreaking Worked
STM32 Development Boards (literally) Falling From The Sky
Securing the Linux boot process
Why Isn't Functional Programming the Norm? – Richard Feldman
How to Learn Anything... Fast - Josh Kaufman
Preventing the IoT Dystopia with Copyleft
Making C Less Dangerous in the Linux kernel
The mind behind Linux | Linus Torvalds
See what your computer is doing with Ftrace utilities
EFI and Linux: the future is here, and it's awful - Matthew Garrett