Testing BIOS Interrupt 0x13 Based Software Write Blockers

Disk Drive I/O Commands and Write Blocking

A write blocker allows read-only access to digital data on a secondary storage device by placing a hardware or software filter between the host computer and the storage device. The filter monitors I/O commands sent from the application on the host computer, only allowing commands to the device that make no changes to its data. This paper examines the I/O commands used to access secondary storag...

Symbolic Execution for BIOS Security

We are building a tool that uses symbolic execution to search for BIOS security vulnerabilities including dangerous memory references (call outs) by SMM interrupt handlers in UEFI-compliant implementations of BIOS. Our tool currently applies only to interrupt handlers for SMM variables. Given a snapshot of SMRAM, the base address of SMRAM, and the address of the variable interrupt handler in SM...

Overcoming BIOS development challenges in embedded systems

One solution within developers’ grasp is Intel’s Platform Innovation Framework for Unified Extensible Firmware Interface (UEFI), aka the Framework (www.intel.com/ technology/framework/). How can the Framework make life easier? How about these perks for starters: faster time to market, less frustration, easier-to-use code, open source drivers, simplified debugging, write once and use many times,...

Author's response to reviews Title:Theory-driven, web-based, computer-tailored advice to reduce and interrupt sitting at work: development, feasibility and acceptability testing among employees Authors:

Low Budget Forensic Drive Imaging Using ARM Based Single Board Computers

Traditional forensic analysis of hard disks and external media typically involves a “dead analysis” of a powered down machine. Forensic acquisition of hard drives and external media has traditionally been accomplished by one of several means: standalone forensic duplicator; using a hardware write-blocker or dock attached to a laptop, computer, workstation, etc.; forensic operating systems that ...