Sunday, January 1, 2017

Saying goodbye to 2016

I meant to do a final blog of '16, but I instead opted to catch the fireworks at the Seattle Space Needle.

I like the end of the year as it hosts the Chaos Communications Conference (33c3). I recall seeing Trammell Hudson's Thunderstrike 2 https://media.ccc.de/v/32c3-7236-thunderstrike_2 over the '15 holiday, and for this '16 holiday I watched his talk on Heads, variously described in:
http://hackaday.com/2016/12/29/33c3-if-you-cant-trust-your-computer-who-can-you-trust/
https://trmm.net/heads_33c3
https://www.youtube.com/watch?v=UqxRPLfrpfA

I like Trammell's threat model write-up at https://trmm.net/Heads_threat_mode, too. Today we only have the higher-level http://www.uefi.org/sites/default/files/resources/Intel-UEFI-ThreatModel.pdf.

It was interesting to see his mention of Intel(R) FSP and also his reference to our work on pre-OS DMA protection https://github.com/vincentjzimmer/Documents/blob/master/A_Tour_Beyond_BIOS_Using_Intel_VT-d_for_DMA_Protection.pdf.

Another talk of interest for the pre-OS space was the review of porting UEFI Secure Boot to virtual machines https://media.ccc.de/v/33c3-8142-virtual_secure_boot. This entails the Open Virtual Machine Firmware (OVMF) http://www.tianocore.org/ovmf/ variant of EDKII that runs on QEMU and is used as the guest firmware in projects like KVM, VirtualBox, etc.

The latter talk included a reference to the EDKII lock box https://www.kraxel.org/slides/virtual-secure-boot/#sb-virtual work described in https://github.com/vincentjzimmer/Documents/blob/master/A_Tour_Beyond_BIOS_Implementing_S3_resume_with_EDKII_V2.pdf, and to emulating the full System Management Mode (SMM) infrastructure. The addition of more of the SMM infrastructure in https://github.com/tianocore/edk2/tree/master/UefiCpuPkg was mentioned positively, too.

Speaking of security and 33c3, an interesting read about researchers and industry was posted to http://laforge.gnumonks.org/blog/20161206-it_security_culture_telecoms/. As long as the flaws are responsibly disclosed such that the conference presentations aren't zero-day events, I cannot argue with their sentiment.

One common element discussed in both the Heads and the Virtual Secure Boot talks was the availability of full platform source. In that area there is great progress in having a complete set of EDKII platform code in source that works with an Intel(R) FSP for the embedded Apollo Lake (APL) https://ark.intel.com/products/codename/80644/Apollo-Lake#@Embedded SoC (formerly known as "Broxton") in the repository https://github.com/tianocore/edk2-platforms/tree/devel-MinnowBoard3/.

Regarding security and the treatment of EDKII https://github.com/tianocore/edk2 issues, we have moved our advisory updates to GitBook from the former two PDF postings: https://www.gitbook.com/book/edk2-docs/security-advisory/details. These recent postings represent fixes that honored the industry request for a six-month embargo of the project updates. Going forward we'd like to auto-generate the advisory from Bugzilla https://github.com/tianocore/tianocore.github.io/wiki/Reporting-Security-Issues, but for now the document is manually curated. There have also been discussions of moving from the advisory document's own issue enumeration to identifiers like CVEs https://cve.mitre.org/, which is an investigation in progress, too.

Moving into 2017, maybe I'll catch up to George Westinghouse's https://en.wikipedia.org/wiki/George_Westinghouse number of issued US patents. I left 2016 with 354 issued, whereas George has 361 https://en.wikipedia.org/wiki/List_of_prolific_inventors.

2017 should also feature an update to a couple of UEFI books, including Beyond BIOS https://www.degruyter.com/view/product/484468 and Harnessing the UEFI Shell https://www.degruyter.com/view/product/484477. Beyond BIOS was originally published in 2006, so this update will mark over a decade since its first appearance.

It has been an interesting run on this project, with over 17 years on the EFI team and nearly 20 years at Intel. I look forward to what the next wave of technology will bring in '17 and beyond.
