coreboot Conference - Day 1
Fri, 09 Oct 2015
(blogged on Mi, 16 Mär 2016)
In
Conferences.
Curiosity and its proximity caused my attendance of coreboot 2015 conference which ran from Friday, October 9th, until Sunday, October 11th, in Bonn. It was organized by Carl-Daniel Hailfinger, a coreboot developer, and located in the Deutsche Museum in Bonn.
The reserved conference hall was well attended with approx. 30 participants and it seemed that in addition to the core developers and users of coreboot many interested people, like me, had been attracted.
The Talks
Slides to some of the talks are available on above given link.
After the welcome opening by Carl-Daniel Hailfinger Dr. Gerhard Schabhüser fom the BSI gave an introductory talk. Then Stefan Reinauer (Google Inc.) presented an overview of coreboot'S history.
Martin Roth (Google Inc.) offered an introduction to coreboot. He reported background infos like the significant increase in source code contributions and numbers of developers during the recent three years. A valuable hint was for the eBook Embedded Firmware Solutions which can be downloaded for free from Apress after registration.
Under "The Market: Breaking coreboot's assumptions since 2009" Patrick Georgi (Google Inc.) reported on hoe the assumptions in coreboot's development and build process had repeatedly to be adapted to progress in hardware. That, similar to Linux, a project as close to the silicon as coreboot meanwhile, meanwhile have to state "sorry, blobs are here to stay" came as a surprise to me.
Georg Wicherski (CrowdStrike) painted with "A reasonably safe travel burner laptop" a rather bleak picture on the security of laptops while traveling to diverse countries. As a remedy he put forward a methode for securely configuring a travel laptop, which he has published on GitHub as well.
After the lunch break Patrick Georgi (Google Inc.) highlighted with "Applying NIST SP800-147 and the depthcharge" the topic of BIOS Sicherheit primarily using the example of Chrome OS.
Paul Menzel (Giant Monkey Software Engineering) then conveyed quality assurance measures of the coreboot team, especially using Gerrit and REACTS
After the coffee break presented his point of view regarding "Blob free coreboot: A lost cause on x86?" dar.
Marc Jones introduced the "coreboot binary policy v0.1".
Unfortunately I could not attend the last to talks of the day.