Outras ferramentas de software

Finding BIOS Vulnerabilities with Symbolic Execution and Virtual Platforms

Finding BIOS Vulnerabilities With Excite

Finding vulnerabilities in code is part of the constant security game between attackers and defenders. An attacker only needs to find one opening to be successful, while a defender needs to search for and plug all or at least most of the holes in a system. Thus, a defender needs more effective tools than the attacker to come out ahead.

Signed UEFI Firmware Updates in EDK II

Intel has recently contributed a full implementation for UEFI Capsule update, including support for the EFI System Resource Table (ESRT) and Firmware Management Protocol (FMP), under EDK II. The SignedCapsulePkg has been ported to two open platforms, MinnowBoard Max/Turbot and Intel® Galileo, for further development and validation.

Intel® RealSense™ for Linux - Object Library Documentation

Version: 1.0

Intel® RealSense™ Object Library middleware gives machines the ability to understand what they are looking at, in other words, imparting meaning to the vision the Intel RealSense cameras provide. This ability allows for more dynamic human-machine interaction. Object Library uses a CNN-based architecture that utilizes depth to efficiently and accurately classify and localize objects. This middleware includes a library for recognizing, localizing, and tracking objects from a pre-defined library.

Arrays

The Enclave Definition Language (EDL) supports multidimensional, fixed-size arrays to be used in data structure definition and parameter declaration. Zero-length array and flexible array member, however, are not supported. The special attribute isary is used to designate function parameters that are of a user defined type array.

Example

enclave {

   

Unsafe C++11 Attributes

Developers should use C++11 attributes inside an enclave with care. The attribute noreturn, in particular, may cause a potencial security risk. For instance, if a trusted function calls a noreturn function any clean-up code placed after the function call will be ignored.

[noreturn]]void foo(parameters…)
{
    ...
}
int ecall_function(parameters…)
{
    ...
    foo(...);
    // Clean-up code below will be ignored
    ...
    return 0;
}

Intel® Enhanced Privacy ID (Intel® EPID)

Attestation using standard asymmetric cryptographic signature algorithms has a well-known privacy concern when a small number of keys are used across the life of the platform. Because the key used for signing the quote needs to be associated with the hardware performing the quote operation, it allows third parties to collude and track which sites users have visited. To overcome this problem, Intel has introduced the use of an anonymous signature technique, known as Intel® Enhanced Privacy ID (Intel® EPID), for signing enclave quotes.

Assine o Outras ferramentas de software