Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

TOCTOU Attacks Against Secure Boot and BootGuard

Hack In The Box Security Conference via YouTube

Overview

Explore TOCTOU attacks against Secure Boot and BootGuard in this Hack In The Box Security Conference talk. Dive into the vulnerabilities of Intel CPUs' BootGuard Verified Boot mode, the core root of trust during the boot process. Learn about errors in firmware volume handling and a new technique for altering firmware post-signature check. Discover how to construct an affordable open-source tool for investigating these Time-of-Check-Time-of-Use (TOCTOU) techniques and apply it to test your own systems' security. Cover topics including HDMI issues, BootGuard overview, free software community concerns, logic analyzer usage, data logging, improved proof of concept, board management controller implications, supply chain attack risks, Intel's response, firmware patches, and the importance of open-source firmware. Gain insights into the complexities of secure boot processes and the ongoing challenges in maintaining a robust chain of trust in modern computing systems.

Syllabus

Introduction
HDMI Issues
BootGuard
Overview
Free Software Community
What Could Go Wrong
Logic Analyzer
Data Log
SetCore
Summary
Trammell
Improved proof of concept
Trammell setup
Board management controller
Supply chain attack
Intel response
Firmware patches
The Fix
Open Source Firmware
Questions

Taught by

Hack In The Box Security Conference

Reviews

Start your review of TOCTOU Attacks Against Secure Boot and BootGuard

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.