We take a look at differences observed in firmware security posture as mapped by CHIPSEC on a custom Winterfell node AMI based firmware vs. LinuxBoot w/ u-root. Using the findings as back-light, we also give an introduction to: a) tools for conducting firmware security research - Flashrom, Chipsec, Dediprog, Winterfell standalone node and a few more. b) alternatives to manufacturer firmware like LinuxBoot w/ u-root c) also demonstrating web-based: i) in-depth analysis for submitted firmware images - It's " brain " is growing at a healthy/steady clip of firmware already analyzed. There is also a cmdline JSON based API for it that will be made available during the talk. ii) Winterfell access with bios emulation - service is now in alpha with full shell access within a subset of u-root community with following functions all on point ( these will eventually be available as API ) : - Get SPI Flash emulator status - Stop emulator - Start emulator (the firmware parameter is the firmware the user wants to be tested) - Start the server through hard power on - Stop the server through hard power off
Speakers: Jean-Marie Verdun Arun Darlie Koshy