Last week I had the opportunity to visit https://en.wikipedia.org/wiki/S%C3%A3o_Paulo for the Hackers 2 Hackers Conference https://www.h2hc.com.br/en/.
I was invited to give a keynote on UEFI security
This is only the 2nd public keynote I have given in my career. The first was back in 2018 https://www.osfc.io/2018/talks/keynote/. The latter treated open source, whereas this one predominately covered security but with a taste of open source weaved in.
https://rcvalle.com/blog/2023/12/09/llvm-cfi-and-cross-language-llvm-cfi-support-for-rust/.
My topic
visited some familiar themes but also included a snapshot of the latest work in mitigations https://github.com/vincentjzimmer/Documents/blob/master/H2H%20-%20Vincent%20Zimmer%20-%20The%20Story%20of%20UEFI%20(and%20its%20security%20mitigations).pdf.
I was impressed also with the BIOS hacking room where folks like
were writing BIOS, debuggers, and other low-level bits from scratch. One of the students brought out
https://www.degruyter.com/document/doi/10.1515/9781501505690/html?lang=en and inquired about other learning resources. I realized I have been remiss in refreshing pages like http://vzimmer.blogspot.com/2020/12/resources-for-starting-with-host.html.
As always, the 'hallway track' is the most engaging aspect of the conference. Therein I happened to meet some local firmware security engineers
and signed a copy of the firmware security book https://link.springer.com/book/10.1007/978-1-4842-6106-4 that they were using at the university
too.
The city was an interesting study in contradictions. Immediately in front of the hotel I was treated to the scene
And nearby in one direction
Whereas a short walk in the other direction yielded a modern mall with high-end stores
And of course long lay-overs and flights provide an opportunity to think of some of my favorite philosophers, such as Alan Watts.
Interesting stuff.
