Krzysztof Okupski, IOActive Associate Principal Security Consultant, has posted a blog continuing our research into platform security. In a previous IOActive Research post on platform security (see 'Back to the Future with Platform Security'), we provided a brief introduction to platform security protections on AMD-based platforms and touched upon the topic of AMD Platform Secure Boot (PSB).
In this installment of the platform security blog series, we will dig deeper into the details of PSB, including a first glimpse of how it works under the hood, how it should be configured and, naturally, how various major vendors fail to do so. As a quick reminder, the purpose of PSB is to provide a hardware root-of-trust that will verify the integrity of the initial UEFI firmware phases, thereby preventing persistent firmware implants.