This was BIOS obliteration morning at CanSecWest. The border guard BIOS attack requires 50 seconds of physical access to the laptop (as pictured below) - one screw, one button press, wait for green light. Not Nation-State difficult stuff to develop as as all the naysayers claim: development time 4 weeks for two guys. Rafal and Corey then showed us vulnerabilities to do this remotely via software only (#venamis #speedracer) And then the Intel folks showed us another new class of bios vulns using pointers. The BIOS vulnerability beatings will continue until security and morale improves.
Photo
Shared publiclyView activity