Who’s in your firmware, and why should you care?

Roger Thompson
TCSL Research

This presentation enumerates threats known to exist in some versions of the Unified Extensible Firmware Interface, and discusses other items perhaps best described as “Not Yet ‘threats per se’, But Should Be Kept In Mind”.

The author describes himself as a first-generation anti-virus guy, who is quite sure that the next malware battleground is below the OS… in the firmware. He formed his current business, TCSL Research LLC, in 2016, to study issues with the firmware.