Qubes OS summit 2022

Secure hardware for a secure operating system
09-10, 15:20–15:50 (Europe/Berlin), Main Room

As the world is evermore consumed by detecting and preventing ransomware and other financially damaging attacks on systems and organizations, far too little attention has been paid to an attack surface common to every single vulnerability - firmware. It’s time for firmware to be open source and secure.


Hacks of one form or another are a dime a dozen these days. It doesn’t take long to find out about the latest local government or hospital system getting ransomwared, the millions of credit card numbers leaked via a hacked retailer’s POS system, or even the less frequent state sponsored APT hacking of a global corporation to facilitate easy access to the corporation’s entire customer base.

Usually, the malware is found, neutralized, and companies and governments go back to business as usual (commonly with a higher IT budget). But what if the malware can’t be neutralized so easily? What if that malware is able to persist despite a clean install of the operating system on a new drive? This is the fate of a firmware vulnerability. In this session we are going to discuss why you should care about open source firmware and the ways we can reduce the risk of firmware persistent malware.

Brent is the founder and CEO of Protectli, a trusted provider of small form factor computers used for firewalls, hypervisors, and everything in between. Brent has worked in technology for companies such as Cisco, Samsung, EMC, Dell, and Veritas before founding Protectli in 2017. He is passionate about open source and is dedicated to bringing open source firmware to small form factor hardware for use in mainstream and everyday applications.