[SASAG] Training for Industry needs and standards.

Blibbet blibbet at gmail.com
Wed May 27 13:45:36 PDT 2015

> Hello SASAG Friends,
> **YOUR EXPERT KNOWLEDGE of what Industry training is NEEDED***

Here's some firmware-centric $.02:

 * Learn how to manage network use of your enterprises' firmware. For
UEFI, that includes Bluetooth, WiFi, PXE, WS-Man, SOAP, IPMI, and now
with UEFI 2.5, the new "UEFI HTTP boot".
 * Learn how to check what versions of firmware (system image version,
all IHV option ROM versions), and how to get and install the latest version.
 * Learn how to make a copy of your ROM, and do forensic diagnosis on
it, looking for bootkits.
 * Learn to create a UEFI shell boot disk.
 * Learn to use the UEFI port of CPython. (So, learn Python, it is a
 * Learn to use UEFI Shell, and it's ~80 commands.
 * Learn to use LUV-live (Linux UEFI Validation) live-boot distro, on
Intel hardware, and use it's BITS, FWTS, and CHIPSEC.
 * If you have a Windows-based enterprise, learn to use MITRE Copernicus.
 * Learn to use Coreboot's FlashROM.
 * Learn to use a Dediprog, and a Bus Pirate.

AFAICT, no current security researcher or system admin
certification/training covers this. There's a tiny amount of using the
UEFI shell in some high-end OEM server training. And there's 2-3 groups
teaching this at pre-conf training at security hacker cons, the next two
It is pretty silly to secure rings 0-3 and ignore all the negative
rings. Speak up if you're able to help improve any industry cert to
include this kind of stuff, I'd be willing to help.

Most of the above is UEFI/BIOS-centric, I didn't even mention
Coreboot+SeaBIOS, nor Coreboot+Depthcharge on Chrome systems, nor
LibreBoot, or FreeBSD's use of OpenFirmware. And that's just an initial
draft of things to look for, I'll think more about this and create a
blog post on it in the future.

RSS: http://firmwaresecurity.com/rss

More information about the Members mailing list