20 Ways Past Secure Boot

WEareTROOPERS via YouTube

Overview

Explore 20 methods for bypassing secure boot systems in this comprehensive conference talk. Delve into secure boot theory and examples before examining various attack vectors, including debug access, service functionality exploits, and UART vulnerabilities. Learn about timing attacks, glitch sensitivity, and electromagnetic fault injection techniques. Investigate design flaws, firmware upgrade vulnerabilities, and cryptographic weaknesses. Gain insights into key management issues and weak signing methods. Conclude with valuable parting thoughts on improving secure boot implementations and defending against potential exploits.

Syllabus

Intro
Overview
Secure boot?
Secure boot theory
Secure boot example
ways to ...
Debug access to boot stage (JTAG)
Debug/service functionality
Nook boot UART exploit
18. Overriding boot source medium
TOCTOU race conditions
Timing attacks
Timing attack with Infectus board
XBOX 360 timing attack procedure
Glitch sensitivity
Glitch demo
Is it a real attack?
Slot machine EMP Jamming
Code section
EM-FI Transient Probe
Research probes
Design mistakes
Accessibility of boot ROM after boot
Crypto sanitization
Firmware Upgrade / Recovery flaws
Relying on unverified code
Service backdoor/password
State errors
Driver weaknesses
ROM patching functionality
Inappropriate signing area
Key management
Weak signing keys/methods
Parting thoughts

Taught by

WEareTROOPERS
