Hacking Measured Boot and UEFI

Presented at ToorCon San Diego 14 (2012), Oct. 20, 2012, 3 p.m. (50 minutes).

There's been a lot buzz about UEFI Secure Booting, and the ability of hardware and software manufacturers to lock out third-party loaders (and rootkits). Even the NSA has been advocating the adoption of measured boot and hardware-based integrity checks. But what does this trend mean to the open source and hacker communities?   In this talk I'll demonstrate measured boot in action. I'll show my new Measured Boot Tool which allows you to view Trusted Platform Module (TPM) boot data and identify risks such as unsigned early-boot drivers. And, I'll demonstrate how measured boot is used for remote device authentication.   Finally, I'll discuss weaknesses in the system (hint: bootstrapping trust is still hard), what this technology means to the consumerization trend in IT, and what software and services gaps exist in this space for aspiring entrepreneurs.

Presenters:

  • Dan Griffin
    Dan Griffin is the founder of JW Secure, a Seattle-based security software company. He has published several articles on security software development, as well as on IT security, and is a frequent conference speaker. Dan holds a Masters degree in Computer Science from the University of Washington and a Bachelors degree in Computer Science from Indiana University. Dan previously gained notoriety for demonstrating how to use a hacked smart card to compromise Windows.

Similar Presentations: