Scotch-tape and Flashrom: Way of the UEFI
We take a look at differences observed in firmware security posture as mapped by CHIPSEC on a custom Winterfell node AMI based firmware vs. LinuxBoot w/ u-root. Using the findings as back-light, we also give an introduction to:
a) tools for conducting firmware security research - Flashrom, Chipsec, Dediprog, Winterfell standalone node and a few more.
b) alternatives to manufacturer firmware like LinuxBoot w/ u-root
c) also demonstrating web-based:
i) in-depth analysis for submitted firmware images - It's " brain " is growing at a healthy/steady clip of firmware already analyzed. There is also a cmdline JSON based API for it that will be made available during the talk.
ii) Winterfell access with bios emulation - service is now in alpha with full shell access within a subset of u-root community with following functions all on point ( these will eventually be available as API ) :
- Get SPI Flash emulator status
- Stop emulator
- Start emulator (the firmware parameter is the firmware the user wants to be tested)
- Start the server through hard power on
- Stop the server through hard power off