BSides Munich 2024

From Boot to Root: Identifying and Mitigating Security Issues in Bootloaders
2024-11-11, WestIn - Partenkirchen

With the advent of verified/secure boot, bootloaders have become critical components in the chain of trust for embedded Linux systems. This talk will explore common security issues in verified boot implementations and provide an in-depth analysis of vulnerabilities found in popular bootloaders. Attendees will learn about the implications of these vulnerabilities and practical mitigation strategies to enhance device security.


For decades, the role of bootloaders was rather straightforward: loading an operating system kernel and starting it, optionally with some configuration or visual enhancements. However, with the rise of verified, or secure, boot, bootloaders now find themselves at the beginning of the chain of trust. Being a member of the chain of trust comes with significant responsibility. Bugs or misconfigurations are no longer just unpleasant; they now undermine the entire security concept of a device.

In this talk, Richard will highlight common problems he has encountered in verified boot implementations of embedded Linux systems. He will also provide a deep dive into some vulnerabilities he has discovered in popular bootloaders and discuss how to mitigate them.


Keywords: bootloader, secureboot, embedded linux

Richard is co-founder of sigma star gmbh, where he offers consulting services around Linux and IT security. Upstream, he maintains various subsystems of the Linux kernel such as UserModeLinux and UBIFS. Besides the low-level and security aspects of computers, he enjoys growing lithops.