Presented at
DEF CON 23 (2015),
Aug. 6, 2015, 10 a.m.
(60 minutes)
There are a lot of presentations and suggestions that indicate HSMs, TrustZone, AMT, TrEE, SecureBoot, Attestation, TPMs, IOMMU, DRTM, etc. are silver bullets. What does it all mean, should we be afraid, excited, hopeful? Hardware-based security features are not the end of the world, nor its savior, but they can be fun and useful. Although these technologies are vulnerability research targets, their trust concepts can be used to build secure software and devices.
This primer covers practical defensive uses of existing and upcoming hardware security and mobile trust technologies. We will overview the strengths, pitfalls, gotchas of these esoteric acronyms; and explain the capabilities of related features built into consumer and enterprise laptops, mobile, and embedded devices. Let's take a tour around the wild world of hardware and trust security!
Presenters:
-
Nick Anderson
- Research Scientist
Nick Anderson is a research scientist at a US super serious secret laboratory. When Nick is not fighting cyber warriors in the cyber threatscape in his cyber career, he is actively engaged in malware research and enjoys failing at web development. Nick received his masters degree from NYU Polytechnic School of Engineering after completing his bachelors degree in Mathematics from the University of Wyoming.
-
Teddy Reed
- Security Engineer Facebook
Teddy is a Security Engineer at Facebook developing production security tools. He is very passionate about trustworthy, safe, and secure code development. He loves open source and collaborative engineering when scale, resiliency, and performance enable defensive and protective software design. Teddy has published at security conferences on trusted computing, hardware trusted systems, UAVs, botnet development, human performance engineering, competition game theory, biometric vulnerabilities, and PaaS API vulnerabilities.
Links:
Similar Presentations: