IPMI - because ACPI and UEFI weren't terrifying enough
ACPI was dreadful and scary, and it's still scary but at least it mostly works now. UEFI jeopardised the interests of our entire tribe, but we got through it. How could any other four letter specification worry us?
Meet IPMI - the Intelligent Platform Management Interface. A protocol that allows admins to power machines on and off remotely. A protocol that permits remote querying and reporting of hardware errors, fan speeds, temperatures and more. A protocol so poorly designed that it explicitly defines passwordless authentication. A protocol that's generally implemented by gluing a small insecure embedded Linux device to your server motherboards. A protocol implemented by people who don't understand the importance of avoiding leaking bits of the heap in network packets. A protocol that's frequently exposed to the public internet. A protocol that's… well. You get the idea.
This presentation will cover the IPMI protocol and its potential uses for good, along with a deep, dark, depressing discussion of its despair-inducing failings at both the protocol and implementation levels. You'll laugh. You'll cry. You'll never trust your servers again.
Matthew Garrett is a security developer at Nebula and an expert in the field of four-letter specifications (including ACPI, UEFI and IPMI) and the field of four letter words (the use of which would likely be a violation of the LCA code of conduct). These facts are probably not unrelated.