OrangeCon

Securing devices or profits? Examining the device security of a network appliance vendor
09-05, 11:00–11:30 (Europe/Amsterdam), Second track

This talk is about the hidden devices that connect you, which are rarely in the spotlight but are found in many places: SMB network appliances. Specifically, my research has focused on Cisco Meraki wired routers and wireless access points.

Secure boot is the most widely used technology to ensure the integrity of a device’s boot chain. Adversaries, both criminal and state-sponsored, are moving down the software stack and closer to firmware to gain persistence and evade detection. However, secure boot is only as strong as its weakest link, which is often the vendor implementing it.

Recently, it has become apparent that some vendors have not been adequately securing, or even changing, the example keys used to sign their firmware: the so-called PKFail.

The talk will focus on the following:
* The current state of Cisco Meraki’s device security model, spanning multiple devices and product generations
* Mistakes made in implementing secure boot, allowing for execution of unsigned code on devices employing secure boot

Come and find out whether the teleworker gateway, or the wireless router used in your child’s school, is really as secure as the manufacturer claims. And is the intent behind securing these devices really to prevent adversaries from compromising them, or more to protect the profits of the manufacturer selling them?


This talk will focus on Cisco Meraki's efforts to secure their recent devices against unsigned code execution, the specific steps they've taken, and details on the mistakes made that allow users to run an open-source firmware like OpenWrt on their device. You can expect photos of hardware disassembly, C code, and disassembler screenshots.

I will also go over what steps you can take if you plan to ship an embedded device and want to prevent tampering. Finally, I will discuss the moral and ethical issues surrounding secure boot, device re-use, and e-waste.

Hal studied Computer Systems Engineering and works as a software developer. One of his many hobbies is asking companies for their GPL source code, and reverse engineering embedded devices. Hal is the main developer behind the postmerkOS open-source firmware for several Meraki switch models.

You can find more information on his blog «WatchMySys»: https://watchmysys.com/blog/