Replace Your Exploit-Ridden Firmware with Linux
Offered By: Linux Foundation via YouTube
Course Description
Overview
Explore a groundbreaking approach to enhancing computer security in this 38-minute conference talk by Ronald Minnich from Google. Learn about NERF (Non-Extensible Reduced Firmware), an open-source software system designed to replace the vulnerable UEFI firmware with a minimal Linux kernel and initramfs. Discover how this innovative solution addresses security concerns raised by the WikiLeaks vault7 release, which exposed potential exploits in proprietary UEFI firmware. Gain insights into the implementation of NERF, its use of the u-root project, and the advantages of utilizing a tiny Linux kernel to improve system security. Delve into Ronald Minnich's extensive background in open-source projects and his contributions to various operating systems, including his invention of LinuxBIOS (now coreboot). Understand the implications of replacing closed-source firmware with an open-source alternative and how it can protect against undetectable exploits in the critical "Ring -2 hypervisor" layer.
Syllabus
Replace Your Exploit-Ridden Firmware with Linux - Ronald Minnich, Google
Taught by
Linux Foundation
Tags
Related Courses
Secrets Of The Motherboard - Shit My Chipset Says44CON Information Security Conference via YouTube Bootstrapping an Architectural Research Platform
Cooper via YouTube Baring the System - New Vulnerabilities in SMM of Coreboot and UEFI Based Systems
Recon Conference via YouTube Linux auf dem Desktop
media.ccc.de via YouTube Breaking Firmware Trust From Pre-EFI - Exploiting Early Boot Phases
Black Hat via YouTube