What you don’t know about firmware might get you 0wn3d

By James Brian Richardson, Published: 07/29/2017, Last Updated: 07/29/2017

Following firmware developers on social media during Black Hat & Def Con can be a bit bewildering. Firmware is becoming more important in the realm of cybersecurity research. Most of the work I do is working with other firmware developers to make sure they understand current capabilities and trends, but that work may take months or years to hit the market. The people on the front lines of computer security need some understanding of what they can do today to help secure their systems.

While many of my colleagues spent a very hot and crowded week in Las Vegas, I had a much cooler weekend at the Bsides conference in Asheville, NC. My "What you don’t know about firmware might get you 0wn3d" presentation is designed to describe the importance of firmware in computer security, and what can be done today to mitigate and detect common attacks against firmware. There are practical methods to prevent a number of common bootkit/rootkit attacks, platform security features to consider when purchasing new systems, and responsible ways to research firmware issues.

Firmware is Infrastructure

There are also some minor diversions into my feelings on civil infrastructure, a lack of threat modeling in the Galactic Empire's IT department, and plumbers using the Super Mario brothers as role models ... but I'm a nerd and come by that sort of thing honestly.

The "defense" side of cyber security isn't as cool as what we see from Black Hat & Def Con, but it's an essential part of any end-to-end solution. Hopefully a better understanding of firmware and platform root-of-trust will help IT departments and penetration testing teams improve security for their customers. 

Product and Performance Information

1

Intel's compilers may or may not optimize to the same degree for non-Intel microprocessors for optimizations that are not unique to Intel microprocessors. These optimizations include SSE2, SSE3, and SSSE3 instruction sets and other optimizations. Intel does not guarantee the availability, functionality, or effectiveness of any optimization on microprocessors not manufactured by Intel. Microprocessor-dependent optimizations in this product are intended for use with Intel microprocessors. Certain optimizations not specific to Intel microarchitecture are reserved for Intel microprocessors. Please refer to the applicable product User and Reference Guides for more information regarding the specific instruction sets covered by this notice.

Notice revision #20110804