All posts by Paul English

January 11: Firmware Security Defense

Office Hours

Date January 11, 2018
Time: 7pm
Place: 1111 3rd Ave #2500

Seattle, WA

  • 98101
Directions: Text or message on meetup.com https://www.meetup.com/Seattle-Area-Systems-Administrators-Guild-SASAG/
Subject:

For attackers, platform firmware is the new Software. Most systems include hundreds of firmwares – UEFI or BIOS,
PCIe expansion ROMs, USB controller drivers, storage controller host and disk/SSD drivers. Firmware-level hosted
malware, bare-metal or virtualized, is nearly invisible to normal security detection tools, has full control of
your system, and can often continue running even when the system is “powered off”. Security Firms (eg, “Hacking
Team” sell UEFI 0days to the highest bidder), and government agencies include firmware-level malware (eg,
Wikileak’ed Vault7 CIA EFI malware). Defenders need to catch-up, and learn to defend their systems against
firmware-level malware. In this presentation, we’ll cover the NIST SP (147,147b,155,193) secure firmware guidance.
We’ll discuss the problem of firmware-level malware, including some of the latest vulnerabilities such as Intel
AMT, Intel ME and even a bit on Meltdown and Spectre. We’ll cover some open source tools (FlashROM, CHIPSEC, etc.)
to help detect malware on your system. You’ll also get a nice paper tri-fold copy of our CHIPSEC Quick Reference
for Sysadmins and some scary looking BadBIOS stickers for your laptop, as well as a copy of our upcoming e-book.

Food will be provided, courtesy of Fuzzy Logic. https://fuzzy-logic.org/

Presenters: Lee Fisher & Paul English

Celebrate with friends, colleagues and food

March 10th Meeting: Pre-Cascadia IT Conference Meetup

Date: March 10th, 2016
Time: 7pm
Place: Hotel Deca, 4507 Brooklyn Ave NE, Seattle, WA 98105. Downstairs in the Governor Room
Directions: https://www.google.com/maps/place/Hotel+Deca/@47.6615196,-122.3167352,17z/data=!3m1!4b1!4m2!3m1!1s0x5490148ac590c9fd:0x5ca09aa87f1f39cd
Subject: Pre-Conference Hangout & Chat
Presenters: YOU. Free of charge event.

 

November 19th (one week later than normal): LISA Wrapup

Date: November 19th, 2015
Time: 7pm
Place: Stam Lab, 2211 Elliot Ave, 1st Floor, Seattle WA
Directions: Map
Subject: LISA Wrapup
Presenters: All Attendees who attended LISA

This is an open meeting where people who attended LISA will be talking about the latest in sysadmin news, technology, trends and information.   If you didn’t attend LISA this is your chance to catch up and ask questions of those who did.