[SASAG] follow-up to September UEFI talk

Jason Barbier jabarb at serversave.us
Thu Oct 22 13:34:31 PDT 2015 

The LUV team is very responsive if you have issues,  I was the guy who
lost his linux install at bsides due to LUV and they already have told
me why it did it and should have a fix. 
-- 
Jason Barbier | E: jabarb at serversave.us
GPG Key-ID: B5F75B47(http://kusuriya.devio.us/pubkey.asc)

On Thu, Oct 22, 2015, at 01:29 PM, Blibbet wrote:
> Re: last month's UEFI defensive talk at SASAG, I gave a
> slightly-improved version of the September SASAG talk at Security
> B-Sides Portland last week, slides are here[1]. At the SASAG talk, I
> gave misinformation about NIST SP800-147 Provisioning phase re: 'golden
> image', please these slides for revision, and some additional tool
> pointers, including interview with NIST to help understand things better.
> 
> I'll be giving a shorter version of this defensive UEFI talk this Friday
> 10am at SeaGL, in Capitol Hill[2]. I just received a batch of Intel
> LUV-live thumbdrives from Intel, the first dozen attendees at Friday's
> UEFI presentation at SeaGL will get a thumbdrive; you can always
> download your own[3].
> 
> If you have problems with LUV-live, make sure the LUV team knows about
> it, they have a mailing list and an IRC[4].
> 
> [1] http://firmwaresecurity.com/2015/10/18/slides-from-bsidespdx/
> [2] https://osem.seagl.org/conference/seagl2015/proposal/4
> [3] https://01.org/linux-uefi-validation/downloads/luv-live-image
> [4] https://01.org/linux-uefi-validation/get-involved
> 
> 
> On 09/11/2015 04:35 PM, Blibbet wrote:
> > On 09/08/2015 10:01 AM, Blibbet wrote:
> >> It will be an attempt to integrate NIST SP147’s firmware lifecycle model
> >> with the various hardware/software models sysadmins use (Hardware
> >> Lifecycle Model, ITIL, ITAM, etc.), to better represent firmware in that
> >> model, as well as recommend some open source tools to use.
> > Slides from last night are online:
> > http://firmwaresecurity.com/2015/09/11/sysadmin-slides-from-last-night/
> >
> > Please give me some feedback -- constructive if possible -- to improve
> > this presentation :-) I'm going to do a 2nd version of this at SeaGL
> > next month, and want to improve it. Main focus will be full integration
> > of models, some more tool examples for each phase.
> >
> > Thanks,
> > Lee
> > RSS: http://firmwaresecurity.com/feed
> >
> >
> 
> _______________________________________________
> Members mailing list
> Members at lists.sasag.org
> https://lists.sasag.org/mailman/listinfo/members

More information about the Members mailing list