papers.put.as

A collection of papers and presentation slides related to Mac OS X, iOS, and Firmware.

Firmware

2013 2014 2015 2016

2012

New Results for Timing-Based Attestation

by Xeno Kovah, Corey Kallenberg, Chris Weathers, Amy Herzog, Matthew Albin, John Butterworth
at 2012 IEEE Symposium on Security and Privacy
type paper
hash b4d43b10d24309eb7d3f933074a6130fdc49802254d6ff7787d72e2c1a163dc8

No More Hooks: Trustworthy Detection of Code Integrity Attacks

by Xeno Kovah, Corey Kallenberg, Chris Weathers, Amy Herzog, Matthew Albin, John Butterworth
at Def Con
type slides
hash 229c5fc6ef522a0b6e4f891df9bdd3c0f01fec396319a288c07e4b90929ee551

top

2013

BIOS Chronomancy: Fixing the Core Root of Trust for Measurement

by John Butterworth, Xeno Kovah, Corey Kallenberg
at BlackHat
type slides
hash f571851e5a2d60c8181b7c1d1ad2def9ced5baf7472b5faef1f1c0fc6666ad06

BIOS Chronomancy: Fixing the Core Root of Trust for Measurement

by John Butterworth, Xeno Kovah, Corey Kallenberg
at BlackHat
type paper
hash 1a68614164f5a33359981c5efd0795ccade1b0e7fe50fcd535b7b8f086a42d1c

top

2014

All Your Boot Are Belong To Us

by Yuriy Bulygin, Andrew Furtak, Oleksandr Bazhaniuk, John Loucaides
at CanSecWest
type slides
hash eefa6cf1a9efab64faa50e1d6e828060ba000956ba3462c68df15575c7a9dcab

All Your Boot Are Belong To Us

by Corey Kallenberg, Xeno Kovah, John Butterworth, Sam Cornwell
at CanSecWest
type slides
hash 11904c6bc0119b2ef52a1ec042eaf0b7d4175892f05825b9d1f6b7b722ce319d

Attacks on UEFI Security

by Rafal Wojtczuk, Corey Kallenberg
at CCC
type slides
hash cb5c7717c5911cf65025873f06ba0fd6e0ac9040bd67d317ef5ae79fc53166c0

Attacking UEFI Boot Script

by Rafal Wojtczuk, Corey Kallenberg
at CCC
type paper
hash 9bb5d00e7b2b9f5299e4de7f1411582e57af86730cfa3634d16437cfab7d332a

Copernicus 2: SENTER the Dragon!

by Corey Kallenberg, Xeno Kovah, John Butterworth, Sam Cornwell
at CanSecWest
type slides
hash 32039a1e96b3f633a8f3d19ee7f3805a2220e7e7065677433bcfe7d8cce37256

SENTER Sandman: Using Intel TXT to Attack BIOSes

by Corey Kallenberg, Xeno Kovah, John Butterworth, Sam Cornwell
at HITB
type slides
hash c16b5fdd17cb029f3086aa3003d66c6b90c873964e140ef9ec694b80e425ee29

SENTER Sandman: Using Intel TXT to Attack BIOSes

by Corey Kallenberg, Xeno Kovah, John Butterworth, Sam Cornwell
at HITB
type paper
hash ac136c000ba552443cf5ce85680171c2584bad27497cebee0df18d1ee4dd1b5e

Defeating Signed BIOS Enforcement

by Corey Kallenberg, Xeno Kovah, John Butterworth, Sam Cornwell
at N/A
type paper
hash 5cc227aa723f80a76ea6b01b570ad447a3152f72975e8e345c2d4a3bb754ec72

Analyzing UEFI BIOS from Attacker & Defender Viewpoints

by Corey Kallenberg, Xeno Kovah, John Butterworth, Sam Cornwell
at BlackHat EU
type slides
hash 814db05500758f80291d2558640e2f285446646a0f2769b73c52d92735792c55

Into the Unknown: How to Detect BIOS-level attackers

by Corey Kallenberg, Xeno Kovah, John Butterworth, Sam Cornwell
at VB
type slides
hash ccae135892bf59d199e92d9ff47c95740486d303dd2039ce340067936cc0ffe6

Into the Unknown: Assessing your BIOS vulnerabilities

by Corey Kallenberg, Xeno Kovah, John Butterworth, Sam Cornwell
at MIRcon
type slides
hash 4f08ac02d9b483b8e19ee99c0bc848a079a92614426600d211a832e7e0694a69

Extreme Privilege Escalation on Windows 8/UEFI Systems

by Corey Kallenberg, Xeno Kovah, John Butterworth, Sam Cornwell
at BlackHat
type slides
hash 187dad978e58da4671eda9d02d93a7ad9aa91c43211da452c0441852ccfee28b

Extreme Privilege Escalation on Windows 8/UEFI Systems

by Corey Kallenberg, Xeno Kovah, John Butterworth, Sam Cornwell
at BlackHat
type paper
hash 380de0008a76edb9c1889604c76a67c63b3217f7142b95c3cdbfccf25dd9a702

Setup For Failure: Defeating Secure Boot

by Corey Kallenberg, Xeno Kovah, John Butterworth, Sam Cornwell
at SyScan Singapore
type slides
hash ac43c17c386a31065a6466522c5360909bc06f4adbd0d8f57855d894bb62cffb

Setup For Failure: Defeating Secure Boot

by Corey Kallenberg, Xeno Kovah, John Butterworth, Sam Cornwell
at SyScan Singapore
type paper
hash f5acaedd54e18f091e0a20f78a6c5e666367f74d7b1f7f21c24c1c6875c7da56

top

2015

BIOS Necromancy: Utilizing “Dead Code” for BIOS Attacks

by Corey Kallenberg & Xeno Kovah
at HITB GSEC
type slides
hash 420943b6e8247eaba14815b394a0bc1b4c1298ce8f86b88d91f46403796faa59

Betting BIOS Bugs Won’t Bite Y’er Butt?

by Corey Kallenberg & Xeno Kovah
at ShmooCon
type slides
hash a746a0edf6a085e9331f969fe6f8ffde29956e2023a86e37f6eb0b0573bc1031

How Many Million BIOSes Would you Like to infect?

by Corey Kallenberg & Xeno Kovah
at CanSecWest
type slides
hash e2124f7e04e371e88d3556023f85df089a1fa3c0137815a1fc5b387d322fede3

How Many Million BIOSes Would you Like to infect?

by Corey Kallenberg & Xeno Kovah
at CanSecWest
type paper
hash 2fb8cc51d6f3b00bc81b359ee9b2b9b193fefa205c3cbd6685a3827ee5adf029

Are you giving firmware attackers a free pass?

by Corey Kallenberg & Xeno Kovah
at RSA
type slides
hash c0606390b284a80d6e980c4a51f81cc8c6b52043db3d392b1d54eaeb6f8f9476

top