Loading…
This event has ended. Visit the official site or create your own event on Sched.
September 11-14, 2017 - Los Angeles, CA
Click Here For Information & Registration
Back To Schedule
Wednesday, September 13 • 11:50am - 12:30pm
Replace Your Exploit-Ridden Firmware with Linux - Ronald Minnich, Google

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
With the WikiLeaks release of the vault7 material, the security of the UEFI (Unified Extensible Firmware Interface) firmware used in most PCs and laptops is once again a concern. UEFI is a proprietary and closed-source operating system, with a codebase almost as large as the Linux kernel, that runs when the system is powered on and continues to run after it boots the OS (hence its designation as a “Ring -2 hypervisor"). It is a great place to hide exploits since it never stops running, and these exploits are undetectable by kernels and programs.

Our answer to this is NERF (Non-Extensible Reduced Firmware), an open source software system developed at Google to replace almost all of UEFI firmware with a tiny Linux kernel and initramfs. The initramfs file system contains an init and command line utilities from the u-root project (http://u-root.tk/), which are written in the Go language.

Speakers
avatar for Ron Minnich

Ron Minnich

Software Engineer, Google
linuxboot, u-root, coreboot, linuxbios, ... all open source firmwarelinux kernel, servers,



Wednesday September 13, 2017 11:50am - 12:30pm
Georgia I/II

Attendees (79)