Wednesday, September 26, 2018

East, and further east

Since I last blogged the Open Compute Project Open System workstream has continued to evolve Part of the feedback from that community helped inform the decision to liberalize the Intel FSP license, too A theme here includes trying to ease system development.

A lot of those efforts were driven out of the Seattle area, but I made my first sojourn east to for I followed the Trammell Hudson's presentation, which is always tough given his presentation prowess. This reminded me of the time when the Toorcamp organizer put my EFI defense talk immediately after Dan Griffin's EFI attack talk. In the end I got to know Dan and appreciated his offensive work since great offense inspires more strident defense.

The platform security summit was a great opportunity to engage with companies concerned about the transparency of open platforms, system assurance, and firmware. There has been a lot of discussion about moving to RUST, including the sentiment from Ron Minnich about today's proliferation of ring 0 C code "Too much writing of code, too little thought about not writing code, and it's all too easy nowadays just to barf out a couple KLOCs without thinking things through."  I'm especially interest in the potential ability to do verification actions, such as

I was pondering that while traveling back from DC when I bumped into David Aucsmith
Aucsmith while awaiting a return flight to Seattle. Dave provided me the insight the use Ceremonies as a model for system provisioning back at CanSecWest in 2015 in addition to the legendary contributions he made at Intel. I asked Dave what he though of language based security, such as RUST, and he simply replied to me, "If this is such as consideration, why haven't you been coding in Ada" coreboot even has a Ada runtime and I don't see much community support, so maybe Dave is on to something.....

After returning to Seattle, I steeled myself for the 'further east' journey, namely visiting Erlangen, Germany for I am honored to have been invited to deliver the keynote for this multi-firmware community event. What a passage of time since it makes 15 years since my first Intel Developer Forum solo talk Fast forward and I get to make a solo keynote.

Ironically, my keynote preceded Trammell's security keynote and he amazing slip-streamed my image into slide 10 of his deck

I tried not to 'preach' about firmware, especially since the event was held in a Church.

I also had the opportunity to provide security overviews w/ Maggie for the security hack-a-thon at the event.

I was definitely among my firmware brethren, of which I was reminded with pages like 'booting is hard.' Yes, it is.

Here's a shot of the event location from the outside.

I mentioned the Intel Firmware Support Package (FSP) in the event. That evening event a Swiss engineer answer my query about what I was eating with "It's like an FSP. We know what's on the outside,

but often not what's on the inside."

Nice. Firmware humor on top of the technical conversation and information exchange flow. Speaking of flow, I was reminded of the importance to share knowledge when an engineer early in his career asked for a signature of

Since last blogging I'm happy to have also participated in documenting more of the Intel platform behaviors, albeit the small core SOC, too. To me it's another tactic on how to scale knowledge and empower communities.

Finally, I'm glad to be back in the Pacific Northwest this week. Today and tomorrow I'm at Blue Hat which is a short walk from the Intel office. And no presenter-angst.

So no multi-hour flights, security lines, or strange hotel rooms

If you're around Blue Hat and catch this blog, say hello.

© 2018, Vincent ZimmerThis work is licensed under a Creative Commons Attribution-ShareAlike 3.0 License