Developers vPub 0xA

Protecting against Persistently Compromised Devices
03-14, 22:00–22:20 (UTC), Dasharo vPub

Secure systems, such as Qubes OS and OpenXT, rely on PCI passthrough to isolate devices. However, some devices may have persistent mutable state that is not reset at reboot, creating an attack vector. In this talk I discuss approaches to deal with the problem, and how firmware can work with the OS to ensure that attacks based on persistent device compromise are foiled.


Secure systems, such as Qubes OS and OpenXT, rely on PCI passthrough to isolate devices. However, some devices may have persistent mutable state that is not reset at reboot, creating an attack vector. Resetting this state might be impossible or require special hardware. Fortunately, the IOMMU can be used to prevent persistent compromise of the system, provided that the firmware and OS know which devices to trust! In this talk I discuss how firmware can work with the OS to ensure that attacks based on persistent device compromise are contained, and how the user can be included in the trust decision.

See also: Slides (70.9 KB)

Demi Marie Obenour is a software developer at Invisible Things Lab. She works on Qubes OS and has found multiple vulnerabilities in various software components.