Loading Events

« All Events

  • This event has passed.

TA3M Seattle for April 2018: Firmware Security and SPC, Emerald Onion Updates

April 16 @ 6:30 pm - 9:00 pm

April  16 @ 6:30 pm – 9:00 pm

SURF Incubator
999 3rd Ave Suite 700
Seattle, 98104 United States

6:30 – 7 Casual chat, Cryptoparty / PGP key exchange / Signal
Verification, Intro slide(s)

We’ll have pizza! **

============

7-7:30 Emerald Onion Update

Emerald Onion has been online for 10 months now! They will provide an update of current work, and future ideals. More info at https://emeraldonion.org/

7:30 – 8:00 Seattle Privacy Coalition General Meeting
8:00-9:00 – Firmware Malware Self-Defense

Paul English and Lee Fisher, PreOS Security

For attackers, platform firmware is the new software.

Activists, journalists, lawyers – regardless of your threat model, the first steps are to secure the operating system, passwords / phrases, use 2 factor authentication and disk encryption.

Firmware security is an advanced topic, but well worth understanding, particularly with data on portable devices and the risk of the Evil Maid Attack.

Most systems include hundreds of firmwares – UEFI or BIOS, PCIe expansion ROMs, USB controller drivers, s torage controller host and disk/SSD drivers. Firmware-level hosted malware, bare-metal or virtualized, is nearly invisible to normal security detection tools, has full control of your system, and can often continue running even when the system is “powered off”. Security Firms (eg, “Hacking Team” sell UEFI 0days to the highest bidder), and government agencies include firmware-level malware (eg, Wikileak’ed Vault7 CIA EFI malware). Defenders need to catch-up, and learn to defend their systems against firmware-level malware. In this presentation, we’ll cover the NIST SP (147,147b,155,193) secure firmware guidance, for citizens, rather than vendors/enterprises. We’ll discuss the problem of firmware-level malware, and cover some open source tools (FlashROM, CHIPSEC, etc.) to help detect malware on your system. We’llbe discussing a new open source tool we’ve just released to help make it easier for you to do this check.

Paul is CEO and Lee is CTO of PreOS Security, a local firmware security startup focused on helping enterprises defend their systems firmware. Lee co-founded TA3M Seattle, Paul is one of TA3M Seattle’s main organizers. PreOS Security has been funding TA3M’s pizza up until recent Cloudflare transition

============

…and also thanks to TA3M organizers, we’ve also got a meetup.com thingie.
Join us on Meetup.com!

TA3M Seattle

Seattle, WA
29 Members

TA3M Seattle is a tech-activist organization dedicated to empowering all people to protect themselves and their data through privacy awareness training, local outreach, self-p…

Next Meetup

Firmware Security. Seattle Privacy Coalition Mtg, Emerald On…

Monday, Apr 16, 2018, 6:30 PM
11 Attending

Check out this Meetup Group →

(note: RSVPing via meetup.com will assist with food and space planning. If you’d rather not use
meetup.com, a more private / secure channel RSVP would be welcome)

============

Pizza sponsored by Cloudflare.

https://blog.cloudflare.com/cloudflare-wants-to-buy-your-meetup-group-pizza/

Be prepared that there will be an opt-out group photo, taken from the back of the room to fulfill the sponsorship requirements.

Details

Date:
April 16
Time:
6:30 pm - 9:00 pm
Event Category:

Venue

SURF Incubator
999 3rd Ave Suite 700
Seattle, 98104 United States
Website:
surfincubator.com

Organizer

TA3M Seattle
Website:
https://seattleprivacy.org/programs/ta3m/

Leave a Reply

Your email address will not be published.