Security Techniques

Thunderstrike 31c3

Thunderstrike 31c3: This is an annotated version of my 31C3 talk on Thunderstrike, a significant firmware vulnerability in Apple’s EFI firmware that allows untrusted code to be written to the boot ROM and can resist attempts to remove it. There is also an hour long video of the talk if you prefer to watch instead of read. If you just want the tl;dr version, you can skip to the summary of the talk or check out the FAQ.