Getting Physical with USB Type-C - Windows 10 RAM Forensics and UEFI Attacks

Explore the hidden world of embedded microcontrollers and their potential security implications in modern hardware devices. Delve into the Surface Aggregator Module (SAM) on the Surface Pro 4, examining its functionality, security measures, and firmware update processes. Learn about the similarities between SAM and Apple's SMC, and discover how these components interact with various sensors, expansion ports, and ACPI EC. Investigate the potential misuse of SAM for hardware implants and gain insights into its firmware format, UEFI relationships, ACPI and AML interactions, and physical bus access. Understand the vulnerabilities in embedded systems like USB-PD, ACPI EC, SMBus, and SMC, and their significance in the context of evolving software and CPU defenses. Gain valuable knowledge from Alex Ionescu, a renowned security architect and expert in low-level system software, kernel development, and reverse engineering.

Recon2017-Getting Physical with USB Type-C:Windows 10 RAM Forensics and UEFI Attacks by Alex Ionescu