2024-08-06 –, Misora Room
"SteamOS, Valve Software's operating system for their popular new Steam Deck, is an emerging gaming and computing platform, with millions of units sold and the first third-party hardware on its way. In this talk, @g1a55er lays out his work overwhelming SteamOS’ meager defenses to raid the valuable loot within.
This talk includes a live-demo of a wormable, 1click, factory-reset resistant root remote code execution attack against SteamOS. It then lays out the systemic failures in SteamOS’ security architecture that enable such devastating attacks. It bluntly details the researcher’s attempts at coordinated disclosure with the vendor, as well as highlighting how some of these flaws have festered for almost eight years after other researchers brought them into the public eye.
Total and complete pwnage of SteamOS is guaranteed, or your green rupees back."
N/A handled by skytalks