Krzysztof Okupski, IOActive Associate Principal Security Consultant, will be presenting ‘Back to the Future with Platform Security‘ at our next hack::soho in January.
In the last decade the industry has seen a significant amount of research released around Intel platform security. Since the release of CHIPSEC, the industry has had a tool to quickly analyze the Intel platform against a secure baseline for misconfigurations – as a result, it has become more difficult to find misconfigured Intel platforms from major OEMs. As IOActive dove into the platform security realm, it was clear there was a lack of attention and analysis of the AMD platform – given the popularity and the growing market share of the AMD platform, this was unexpected.
Our research started with an overview of how secure boot worked under the hood and exposed the various vulnerabilities and implementation mistakes our team found; also assessing the architectural differences across Intel and AMD that make up for the security of the platforms.
Presenting the details and proof of concepts for the several vulnerabilities found in the targeted platforms; these included unlocked SMRAM regions, SPI flash misconfigurations, as well as memory corruption and race conditions issues in SMM modules. Our efforts led to developing a tool that can be used by end users to quickly verify that their systems are free from common misconfigurations with the AMD platform.
HACK::SOHO is a monthly event hosted at our London, UK office for the cybersecurity and hacking community to discuss all things security over food and refreshments.