BSides PDX is a gathering of the most interesting infosec minds in Portland and the Pacific Northwest! Our passion about all things security has driven attendance from other parts of the country. Our goal is to provide an open environment for the InfoSec community to engage in conversations, learn from each other and promote knowledge sharing and collaboration. The Portland and greater Northwest information security community spans a broad spectrum of participation from CISOs, Fortune 100 company security experts, small business system admins, to independent security researchers.
I haven’t seen a lot of Internet traffic on this great sounding event, so I thought I’d pass along this notification. Registration is now open. Checkout this amazing sounding agenda:
Detecting Evil Maid Firmware Attacks
Lee Fisher, Paul English
Firmware is software that controls the hardware; firmware-based malware (bootkits, firmworms, etc.) has very low-level system access, even while the system is powered off, and is invisible to most security tools. This workshop gives an introduction to platform firmware security, for DFIR professionals responsible for protecting critical infrastructure. Beginning with an introduction to the technologies (UEFI, ACPI, SMM, BMC, Redfish, etc.), the threats, available open source tools, and guidance and best practices, and the latest NIST firmware security lifecycle guidance. The presentation will cover and the lab will use tools like CHIPSEC, UEFITool, UEFIDump, FirmWare Test Suite, ACPIdump, and other open source tools to obtain diagnostic and security information – and ‘blobs’ from the firmware. We will demonstrate how our open source software Firmware Audit (fwaudit) can be used to assist with automation and logging and forensics, and our cloud service for storage and centralized analysis. We’ll be using a Linux VM, participants who want to run workshop labs will need a laptop with VirtualBox installed.
UEFI and CHIPSEC development for Security Researchers
Erik Bjorge; Maggie Jauregui; Brent Holtsclaw; Aaron Frinzell
Have you ever wanted to learn how to develop interesting firmware platform functionality? We believe in enabling the community to properly implement and use the Unified Extensible Firmware Interface (UEFI) functionality for both feature development and security research. Join our workshop and learn how to implement your very own bootloader. The class is based around the open source implementation of UEFI: TianoCore. We’ll go over UEFI development basics, TianoCore development do’s and don’ts, and how to implement interesting functionality including System Management Interrupt (SMI) handlers. You’ll get hands-on UEFI experience in coding, compiling, and testing platform firmware.
Furthermore, the workshop will also include a CHIPSEC section in which you will learn how to develop your own CHIPSEC modules and tests (including fuzzing of platform interfaces) ideal for firmware security researchers looking for a deeper dive into platform configuration and stress testing.
Custom Network Protocol Fuzzing
Joshua Pereyda & Tim Clemans
Get hands on experience writing custom network protocol fuzzers. This class will cover the basics of network protocol “smart fuzzing.” Exercises will utilize the open source network protocol fuzzing framework, boofuzz. Attendees will gain practice reverse engineering a network protocol, implementing and iterating on a custom fuzzer, and identifying vulnerabilities.
Post a Comment
Be sure to select an account profile (e.g. Google, OpenID, etc.) before typing your comment!