Hacking Measured Boot and UEFI

DEF CON 20

Presented by: Dan Griffin
Date: Saturday July 28, 2012
Time: 14:00 - 14:50
Location: Track 3

There's been a lot buzz about UEFI Secure Booting, and the ability of hardware and software manufacturers to lock out third-party loaders (and rootkits). Even the NSA has been advocating the adoption of measured boot and hardware-based integrity checks. But what does this trend mean to the open source and hacker communities? In this talk I'll demonstrate measured boot in action. I'll also be releasing my new Measured Boot Tool which allows you to view Trusted Platform Module (TPM) boot data and identify risks such as unsigned early-boot drivers. And, I'll demonstrate how measured boot is used for remote device authentication.

Finally, I'll discuss weaknesses in the system (hint: bootstrapping trust is still hard), what this technology means to the consumerization trend in IT, and what software and services gaps exist in this space for aspiring entrepreneurs.

Dan Griffin

Dan Griffin is the founder of JW Secure, a Seattle-based security software company. He has published several articles on security software development, as well as on IT security, and is a frequent conference speaker. Dan holds a Masters degree in Computer Science from the University of Washington and a Bachelors degree in Computer Science from Indiana University. Dan previously gained notoriety for demonstrating how to use a hacked smart card to compromise Windows Vista. Twitter: @jwsdan


KhanFu - Mobile schedules for INFOSEC conferences.
Mobile interface | Alternate Formats