A Tale of One Software Bypass of Windows 8 Secure Boot

Presented at Black Hat USA 2013, July 31, 2013, 11:45 a.m. (60 minutes)

Windows 8 Secure Boot, based on UEFI 2.3.1 Secure Boot, is an important step towards securing platforms from malware that compromises the boot sequence before the OS. However, there are certain mistakes platform vendors shouldn't make, which can completely undermine the protections offered by Secure Boot. We will demonstrate an example of a full software bypass of Windows 8 Secure Boot due to such mistakes on some of the latest platforms and explain how those mistakes can be avoided.


Presenters:

  • Oleksandr Bazhaniuk - McAfee
    Oleksandr Bazhaniuk is a security researcher and reverse engineer with a background in automation of binary vulnerability analysis. He is also a co-founder of DCUA, the first DefCon group in Ukraine.
  • Andrew Furtak - McAfee
    Andrew Furtak is a security researcher focusing on security analysis of the firmware and hardware of modern computing platforms, and was previously a security software engineer. Andrew holds an MS in Applied Mathematics and Physics from the Moscow Institute of Physics and Technology.
  • Yuriy Bulygin - McAfee
    Yuriy Bulygin is Chief Threat Architect for a Fortune 50 company, where over the last 7 years he has enjoyed analyzing the security of everything from OS to CPU microcode and hardware. He is now leading a security threat research team advancing research into security threats to modern PC, mobile, and embedded platforms and protections against them.
