A posting from Dark Reading in there Authentication Section: As July’s Black Hat US in Las Vegas nears, organizers have confirmed another trio of highlighted Briefings from the show, which all focus, in some way or other, on getting under the skin of key systems. Here’s the official rundown:
– Technologies don’t get much more ubiquitous than NAND memory, which is used in just about every gadget going. But ubiquity rarely equals safety, as Josh “m0nk” Thomas will demonstrate in “Hiding @ Depth: Exploring, Subverting, and Breaking NAND Flash Memory.” Thomas will show how NAND hardware can be subverted to hide persisting files, opening the door to everything from basic malwares to full-on device bricking. He’ll release two open-source Android tools to both hide and reveal these hidden files, and explore the security implications of NAND’s striking vulnerabilities. Think there’s an easy fix? Unlikely. Come to the session for the full appraisal.
— Windows 8’s Secure Boot, based on UEFI 2.3.1’s Secure Boot, marks a needed, long-in-coming step toward securing boot sequences against malware. But as ever, the devil is in the minute details, and it turns out that platform vendors are making certain mistakes that can completely undermine Secure Boot’s intended protections. Join Intel’s Yuriy Bulygin for “A Tale of One Software Bypass of Windows 8 Secure Boot,” in which he’ll demo a full software bypass of Windows 8 Secure Boot and explain how these breaches could HAve been avoided had the hardware vendors done things differently.
To read more click here: