Coreboot Research Update

Last year's talk about coreboot focused on basics and security properties of coreboot. In the meantime, a lot of interesting developments have happened. People have proposed to use the embedded controllers in laptops for trojan horses, and locking down machines against casual attackers has become easier, while sophisticated attacks have become harder to detect. Embedded controller vendors have opened up somewhat and major chipset vendors have opened their docs and even contributed code. At the same time, some companies try to introduce even more secrecy and undocumented blobs into the BIOS/EFI world. This talk focuses on the challenges in today's firmware world, how they relate to security, and what to expect next. A technical explanation of the constraints of firmware programming and associated security mechanisms will be given. If desired, generic coreboot questions about mainboard/chipset/processor support will be answered as well.