Scotch-tape and Flashrom: Way of the UEFI


We take a look at differences observed in firmware security posture as mapped by CHIPSEC on a custom Winterfell node AMI based firmware vs. LinuxBoot w/ u-root. Using the findings as back-light, we also give an introduction to:

a) tools for conducting firmware security research - Flashrom, Chipsec, Dediprog, Winterfell standalone node and a few more.

b) alternatives to manufacturer firmware like LinuxBoot w/ u-root

c) also demonstrating web-based:
i) in-depth analysis for submitted firmware images - It's " brain " is growing at a healthy/steady clip of firmware already analyzed. There is also a cmdline JSON based API for it that will be made available during the talk.
ii) Winterfell access with bios emulation - service is now in alpha with full shell access within a subset of u-root community with following functions all on point ( these will eventually be available as API ) :

  • Get SPI Flash emulator status
  • Stop emulator
  • Start emulator (the firmware parameter is the firmware the user wants to be tested)
  • Start the server through hard power on
  • Stop the server through hard power off