Firmware security, why it matters and how you can have it

License: Creative Commons Attribution license (reuse allowed)

linux.conf.au 2019 — Christchurch, New Zealand

Shared January 24, 2019

Matthew Garrett

https://2019.linux.conf.au/schedule/p...

A system is only as secure as the least secure component it depends on. Hardening the kernel is a vital part of developing a secure operating system, but if the firmware underneath the kernel is insecure then attackers have an opportunity to sidestep your security and compromise you anyway.

Firmware security research is a rapidly growing field, but the wider world is unaware of a lot of the output. Over recent years we've seen vulnerabilities involving exploitation of code running in system management mode, taking advantage of firmware-level hardware initialisation scripts run on resume from suspend, and even compromise of the management engine - an entirely separate computer that lives inside your chipset.

There's a huge amount of work being done to improve this, but you probably haven't heard about it. This presentation will cover how the state of the art is shifting, along with a discussion of how much of this applies to projects such as Coreboot and Libreboot and whether it's possible to obtain the same level of security without compromising the freedom to run whatever you want on your system.

linux.conf.au is a conference about the Linux operating system, and all aspects of the thriving ecosystem of Free and Open Source Software that has grown up around it. Run since 1999, in a different Australian or New Zealand city each year, by a team of local volunteers, LCA invites more than 500 people to learn from the people who shape the future of Open Source. For more information on the conference see https://linux.conf.au/
