Talks of ZeroNights X main program. Part 2
The main stage program comprises talks related to the security of firmware, desktop, mobile devices and OS, as well as issues of searching for vulnerabilities, their exploitation, and elimination.
We have recently announced some talks of the main program, now we are ready to introduce some other ZN talks and speakers.
Chip Red Pill: How we achieved to execute arbitrary [micro]code inside Intel Atom CPUs
All the modern Intel CPUs have RISC-core inside the chip. The core implements abstraction layer that interprets user-visible instruction set to invisible hardware-internal RISC instructions. RISC core has maximum privileges and it can manipulate data directly. The microcode program built-in the chip, but the OS and UEFI may apply some patches – microcode updates. Unfortunately, it is encrypted and there is poor public information on its working. Due to this, has no public research about internal structure of Intel CPU microcode.
Maxim Goryachy and Mark Ermolov found a way that you can get access to it on the public-available platform. In this talk, they are going to describe the structure of microcode for the Intel Atom platform, how their proof of concept works and hijacking user-visible x86 instruction. The speakers will describe the approach how they did reverse engineering of microcode format and internal structure of Intel Atom.
Data-only attacks against UEFI BIOS
What comes to your mind when you hear about UEFI BIOS vulnerabilities? SMM flaws, firmware verification, or Secure Boot bypass? A lot of mitigations exist already to protect firmware code integrity. Still, it is possible to develop attack vectors that have almost no countermeasures nowadays.
Speakers: Alexander Ermolov and Dmitry Frolov
The conference preliminary program is now available on the website. CFP is still open, and the list of topics and speakers will be supplemented.