Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Analyzing UEFI BIOSes from Attacker & Defender Viewpoints

Black Hat via YouTube

Overview

Explore the intricacies of UEFI BIOS analysis from both offensive and defensive perspectives in this comprehensive Black Hat conference talk. Delve into the challenges of detecting malicious changes in BIOS and the limitations of current comparison methods. Gain insights into essential topics such as port IO, memory-mapped IO, PCI, SMM, and UEFI, crucial for effective modern BIOS analysis. Examine how UEFI's transparency impacts both attackers and defenders in firmware analysis. Learn about UEFI boot phases, firmware storage, security responsibilities, and key management. Discover the potential for firmware-level malware and the importance of developing expertise in this often overlooked area of cybersecurity.

Syllabus

Introduction 2
BIOS is dead, long live UEFI!
About UEFI
UEFI Differences: Boot Phases
Legacy BIOS Firmware Storage
Firmware Files
Yay Standardization!
Security (SEC) Phase
SEC Responsibilities 1 of 2
Quick ACPI Note: Sleep Modes
SEC Responsibilities 2 of 2
SEC Hand-off to PEI Entry Point
Components of PEI
UEFI Non-Volatile Variables
EFI Variable Attributes Combinations
Authenticate how Keys and Key Stores
UEFI Variables (Keys and Key Stores) 2
Boot Device Selection (BDS)
Transient System Load (TSL)

Taught by

Black Hat

Reviews

Start your review of Analyzing UEFI BIOSes from Attacker & Defender Viewpoints

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.