Security
Engage with our experts on security topics
Announcements
Welcome to the Intel Community. If you get an answer you like, please mark it as an Accepted Solution to help others. Thank you!
38 Discussions

How Secure Boot helps protect against bootkits used in malware

IPAS_Security
Employee
1 0 383

Hi everyone,

Jerry and CRob here again with another episode of Chips & Salsa where we discuss security topics at Intel. In this episode, industry pioneers and Intel employees Brian Richardson and Vincent Zimmer discuss how UEFI Secure Boot, Intel® Boot Guard, and the Trusted Platform Module (TPM) work together to help protect systems from UEFI bootkits such as the one recently discovered by Kaspersky being used by the FinSpy/FinFisher/Wingbird malware.

Guest Bio’s:

Brian Richardson
Brian Richardson is the Security Marketing lead for Intel Technology Leadership Marketing (TLM). Prior to this role, Brian focused on the firmware that quietly boots billions of computers. He worked on migrating the industry from 16-bit PC BIOS to UEFI and promoting open-source firmware development. Brian has presented at multiple technical conferences, including Intel Developer Forum, Bsides, LinuxCon, Linaro Connect, and UEFI Plugfest.

Brian incorporates his interest in photography, video production, and event hosting at Dragon Con into his work in technical marketing. He also incorporates his interest in martial arts into farm projects by occasionally kicking things that don't work properly.

Vincent Zimmer
Vincent Zimmer is a senior principal engineer in the Software Architecture and Technology Group (SATG) at Intel in the Seattle, WA area. He has been working on EFI security at Intel since the late 90’s and leads the UEFI Security sub team https://www.uefi.org and efforts on open source EDKII security https://tianocore.org/security. Vincent has presented at industry events, such as the Open Source Firmware Conference, Linux Fest Northwest, Intel Developer Forum, UEFI Plugfest, Open Compute Project Summit, BlackHat Las Vegas, BSides Seattle, Toorcamp, and Cansecwest. Vincent has co-authored many industry standards, including the original EFI interfaces and platform support for the Trusted Platform Module, along with several papers and books, such as https://www.amazon.com/Building-Secure-Firmware-Armoring-Foundation/dp/1484261054/. He has over 450 issued US patents.

When not working Vincent has a passion for retro computing and books, with each competing for the remaining shelf space vacancies in the home office.

Thanks for watching!

Jerry Bryant
Sr. Director
Intel Product Assurance and Security