Viktor Petersson logo

Podcast

Follow Me

Join Viktor, a proud nerd and seasoned entrepreneur, whose academic journey at Santa Clara University in Silicon Valley sparked a career marked by innovation and foresight. From his college days, Viktor embarked on an entrepreneurial path, beginning with YippieMove, a groundbreaking email migration service, and continuing with a series of bootstrapped ventures.

coreboot Uncovered: BIOS Security, and Vulnerabilities with Matt DeVillier and David Hendricks

Play On Listen to podcast on YouTube Listen to podcast on Spotify Listen to podcast on Apple Listen to podcast on Amazon music
24 MAR • 2024 1 hour 11 mins
Share:

In this comprehensive episode of “Nerding Out with Viktor,” tech enthusiasts and industry insiders will be treated to a fascinating discussion on coreboot, a leading open-source BIOS technology that’s revolutionizing the world of firmware development. Joining host Viktor Petersson are two esteemed guests who bring their wealth of experience and expertise to shed light on the intricacies of coreboot.

Matt DeVillier, also known as Mr. Chromebox, is renowned for his contributions to coreboot, first as a community member and later professionally at Purism and AMD. His journey from a hardware enthusiast to becoming a notable figure in the coreboot community will be an inspiration to many. David Hendricks, a seasoned expert with experience at major tech companies like Facebook, Google, and Amazon, adds his expertise to the conversation, sharing his experiences working on coreboot during his internship with project founder Ron Minnich.

Throughout this episode, Viktor delves deep into the mechanics and significance of coreboot, contrasting it with U-Boot and highlighting its varied applications in Chromebooks and server environments. A significant part of their discussion focuses on security within BIOS technology, discussing Secure Boot, verified boot, and UEFI Secure Boot. The importance of BIOS control for robust security is emphasized, as well as the impact of critical BIOS vulnerabilities like LogoFail and PixieFail on the security landscape.

Supply chain security emerges as a key topic, with Viktor exploring the importance of transparency and control in the firmware development process. Software Bill of Materials (SBOMs) are discussed in detail, highlighting their role in ensuring firmware integrity and trust. This conversation reflects coreboot’s commitment to supply chain security and demonstrates its dedication to transparency and openness.

For organizations considering a transition to coreboot, Viktor provides valuable insights into the challenges and steps involved. Early engagement with Original Design Manufacturers (ODMs) is emphasized as essential for a smooth transition, and consulting services are highlighted as a viable option. The potential of RISC-V in the open hardware field is also explored, with coreboot’s involvement in this evolving area sparking interesting discussions.

As the episode comes to a close, Matt and David share their thoughts on the circular economy and coreboot’s role in extending the lifespan of hardware. The importance of sustainable computing practices in developing countries is highlighted, making for a compelling conclusion to an informative and engaging conversation.

This episode of “Nerding Out with Viktor” offers a thorough understanding of coreboot, its impact on technology, and its crucial role in BIOS security and supply chain integrity. With its unique blend of industry insights and innovative ideas, this podcast episode is sure to captivate tech enthusiasts and industry insiders alike.

For those interested in learning more about coreboot, Viktor provides the following resources:

  • Discover more about coreboot, including consultant links (coreboot IBVs), hardware vendors using coreboot, and extensive documentation at coreboot’s homepage.
  • Explore MrChromebox.tech for Matt DeVillier’s (Mr. Chromebox) custom distribution of coreboot.
  • Access Converged Security Suite, a suite of tools designed for provisioning Bootguard, enhancing the security of your devices.
  • Utilize goswid, a tool for generating Software Bill of Materials (SBOM) within coreboot, ensuring firmware transparency and integrity.
  • For developers and enthusiasts, find comprehensive information on Chrome OS Devices, including those powered by coreboot, at Developer Information for Chrome OS Devices. Note that almost all recent x86 and ARM models of ChromeOS devices use coreboot, with the exception of the earliest models.

Found an error or typo? File PR against this file.