Firmware security, why it matters and how you can have it

C1 | Wed 23 Jan | 1:30 p.m.–2:15 p.m.


Presented by

  • Matthew Garrett
    @mjg59

    Matthew Garrett is a security developer at Google, specialising in Linux and firmware. He is very interested in ensuring that users retain control of their computers without having to compromise their security.

Abstract

A system is only as secure as the least secure component it depends on. Hardening the kernel is a vital part of developing a secure operating system, but if the firmware underneath the kernel is insecure then attackers have an opportunity to sidestep your security and compromise you anyway. Firmware security research is a rapidly growing field, but the wider world is unaware of a lot of the output. Over recent users we've seen vulnerabilities involving exploitation of code running in system management mode, taking advantage of firmware-level hardware initialisation scripts run on resume from suspend, and even compromise of the management engine - an entirely separate computer that lives inside your chipset. There's a huge amount of work being done to improve this, but you probably haven't heard about it. This presentation will cover how the state of the art is shifting, along with a discussion of how much of this applies to projects such as Coreboot and Libreboot and whether it's possible to obtain the same level of security without compromising the freedom to run whatever you want on your system.