Recent revelations about the NSA ANT program illustrated the many well-known, low-cost physical and firmware attacks that can compromise data in use and system integrity. These attacks have become more concerning as more computing infrastructure runs outside an organization's physical control.
This talk will review several such attacks, including SMM bootkits, cold boot attacks, and malicious devices. We'll discuss several existing tools and technologies that can mitigate these risks, such as Trusted Execution Technology (TXT) and memory encryption. We will also discuss how upcoming technologies such as Software Guard Extensions (SGX), Enhanced Privacy ID (EPID), and TPM 2.0 can help protect against firmware and physical threats.