Coreboot Project Is Leveraging NSA Software To Help With Firmware Reverse Engineering

  • Coreboot Project Is Leveraging NSA Software To Help With Firmware Reverse Engineering

    Phoronix: Coreboot Project Is Leveraging NSA Software To Help With Firmware Reverse Engineering

    It's not often the National Security Agency (NSA) can be thanked for their contributions to society, but in the case of one of their public open-source projects it's going to be used to help the Coreboot folks in reverse-engineering system firmware...

    http://www.phoronix.com/scan.php?pag...oreboot-NSA-RE

  • #2
    Ghidra does not have support for the RISC-V architecture. 😢


    • #3
      I thought only clean room reverse engineering was allowed in open source projects


      • #4
        Originally posted by FireBurn
        I thought only clean room reverse engineering was allowed in open source projects
        Um, that's how you do clean room. You have one team contaminating themselves with "rogue IP" reverse engineering and writing specs. You have another clean team reading specs and writing new or compatible implementation.


        • #5
          That sounds like a great opportunity, but I wonder if that will ever help against signed FW, since without a proper privkey you will hardly be able to sign your new and improved FW.
          Stop TCPA, stupid software patents and corrupt politicians!


          • #6
            Originally posted by uid313
            Ghidra does not have support for the RISC-V architecture. 😢
            Hardly a problem considering RISC-V won't have much software available now, especially the kind you don't have source for.


            • #7
              Originally posted by Adarion
              That sounds like a great opportunity, but I wonder if that will ever help against signed FW, since without a proper privkey you will hardly be able to sign your new and improved FW.
              While I can understand and sympathize with those concerns, the reality in practice has been that firmware signing has been mostly security theater as the OEMs that do use signed loaders seem to almost always screw it up in some rather spectacular fashion. This leads to ways to load custom firmware even on machines where signed firmware loading is enforced. See the recent Cisco enterprise hardware security blunder which can't be fixed with software patches for a rather spectacular example.

              If we ever reach the point where those exploits become rare, people are going to have to consciously choose between signed & locked down firmware and more open non-signed loaders. By themselves there are often pros and cons to either which may or may not be obvious to even knowledgeable purchasers, especially since that's rarely a feature point on marketing materials.


              • #8
                Originally posted by Adarion
                That sounds like a great opportunity, but I wonder if that will ever help against signed FW, since without a proper privkey you will hardly be able to sign your new and improved FW.
                https://vulmon.com/vulnerabilitydeta...CVE-2019-11098


                • #9
                  Originally posted by DoMiNeLa10

                  Hardly a problem considering RISC-V won't have much software available now, especially the kind you don't have source for.
                  Ghidra has support for many other architectures that don't have much software.
                  But RISC-V is used on hardware too, like in Nvidia GeForce cards and in storage devices from Western Digital. So RISC-V support would be useful for firmware reverse engineering.


                  • #10
                    Originally posted by uid313
                    But RISC-V is used on hardware too, like in Nvidia GeForce cards and in storage devices from Western Digital. So RISC-V support would be useful for firmware reverse engineering.
                    I fully expect RISC-V support in Ghidra to come around eventually. As for the project at hand, this effort is mentored by coreboot folks and so Alex will naturally work on stuff that benefits the coreboot ecosystem. The ability to learn more about PC firmware's inner workings simply has a higher priority there.
