NSA Tech Report on UEFI SecureBoot, TPM, Librem Key
https://media.defense.gov/2020/Sep/15/2002497594/-1/-1/0/CTR-UEFI-SECURE-BOO...
https://safeboot.dev/
https://github.com/google/go-tpm-tools
https://www.youtube.com/watch?v=YZTWjLTz4AE (TPM hacking)
https://en.wikipedia.org/wiki/FIPS_140-2
https://trustedcomputinggroup.org/
https://ieeexplore.ieee.org/document/5283799
https://github.com/Foxboron/sbctl
https://github.com/Foxboron/goefi
https://mjg59.dreamwidth.org/35742.html (tpm-totp)
https://github.com/mntmn
https://puri.sm/products/librem-key/
https://puri.sm/posts/the-librem-key-makes-tamper-detection-easy/
https://docs.puri.sm/Librem_Key/Getting_Started/User_Manual.html
‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐ On Thursday, September 24, 2020 7:37 PM, grarpamp <grarpamp@gmail.com> wrote: ...
https://media.defense.gov/2020/Sep/15/2002497594/-1/-1/0/CTR-UEFI-SECURE-BOO...
see also: "Espressif ESP32: Bypassing Encrypted Secure Boot (CVE-2020-13629)" - https://raelize.com/posts/espressif-esp32-bypassing-encrypted-secure-boot-cv...

'''
During our Fault Injection research on the ESP32, we gradually took steps forward in order to identify the required vulnerabilities that allowed us to bypass Secure Boot and Flash Encryption with a single EM glitch. Moreover, we did not only achieve code execution, we also extracted the plain-text flash data from the chip.
'''

best regards,
participants (2): coderman, grarpamp