Firmware security, why it matters and how you can have it


License: Creative Commons Attribution license (reuse allowed)


linux.conf.au 2019 — Christchurch, New Zealand


Shared January 24, 2019

Matthew Garrett

https://2019.linux.conf.au/schedule/p...

A system is only as secure as the least secure component it depends on. Hardening the kernel is a vital part of developing a secure operating system, but if the firmware underneath the kernel is insecure then attackers have an opportunity to sidestep your security and compromise you anyway.

Firmware security research is a rapidly growing field, but the wider world is unaware of a lot of the output. Over recent years we've seen vulnerabilities involving exploitation of code running in system management mode, taking advantage of firmware-level hardware initialisation scripts run on resume from suspend, and even compromise of the management engine - an entirely separate computer that lives inside your chipset.

There's a huge amount of work being done to improve this, but you probably haven't heard about it. This presentation will cover how the state of the art is shifting, along with a discussion of how much of this applies to projects such as Coreboot and Libreboot and whether it's possible to obtain the same level of security without compromising the freedom to run whatever you want on your system.

linux.conf.au is a conference about the Linux operating system, and all aspects of the thriving ecosystem of Free and Open Source Software that has grown up around it. Run since 1999, in a different Australian or New Zealand city each year, by a team of local volunteers, LCA invites more than 500 people to learn from the people who shape the future of Open Source. For more information on the conference see https://linux.conf.au/

#linux.conf.au #linux #foss #opensource


