[SASAG] Training for Industry needs and standards.

Blibbet blibbet at gmail.com
Wed May 27 14:05:31 PDT 2015

On 05/27/2015 01:45 PM, Blibbet wrote:
> Here's some firmware-centric $.02:
>  * Learn how to manage network use of your enterprises' firmware. For
> UEFI, that includes Bluetooth, WiFi, PXE, WS-Man, SOAP, IPMI, and now
> with UEFI 2.5, the new "UEFI HTTP boot".
>  * Learn how to check what versions of firmware (system image version,
> all IHV option ROM versions), and how to get and install the latest
>  * Learn how to make a copy of your ROM, and do forensic diagnosis on
> it, looking for bootkits.
>  * Learn to create a UEFI shell boot disk.
>  * Learn to use the UEFI port of CPython. (So, learn Python, it is a
> subset.)
>  * Learn to use UEFI Shell, and it's ~80 commands.
>  * Learn to use LUV-live (Linux UEFI Validation) live-boot distro, on
> Intel hardware, and use it's BITS, FWTS, and CHIPSEC.
>  * If you have a Windows-based enterprise, learn to use MITRE Copernicus.
>  * Learn to use Coreboot's FlashROM.
>  * Learn to use a Dediprog, and a Bus Pirate.

Sorry, replying-to my own message. Here are a few more:

* Learn to identify firmware usage in hardware before you purchase it.

* Learn to use CHIPSEC -- and on Windows systems, MITRE Copernicus -- to
get security information on hardware BEFORE purchase. And learn how to
return insecure newly-purchased hardware, once it is determined that the
hardware was delivered vulnerable, by looking at CHIPSEC and/or
Copernicus -- logs.
See slides 105 and 106 of my LinuxFestNorthWest.org talk:
See the recent LegbaCore talk at RSA on use of Copernicus. Note that
unlike CHIPSEC, Copernicus scales at enterprise level. Note how much
better the LegbaCore talk is in this regard than mine 2 slides. :-(

* Learn all the boot key sequences available to your systems, and what
is configurable via boot BIOS menu/app.

* Learn the known-public security exploits available on BIOS and UEFI
systems, and how to detect if your hardware is vulnerable, using CHIPSEC
-- and on Windows systems, MITRE Copernicus.

RSS: http://firmwaresecurity.com/rss

More information about the Members mailing list