Viktor Petersson logo

Podcast

Follow Me

Join Viktor, a proud nerd and seasoned entrepreneur, whose academic journey at Santa Clara University in Silicon Valley sparked a career marked by innovation and foresight. From his college days, Viktor embarked on an entrepreneurial path, beginning with YippieMove, a groundbreaking email migration service, and continuing with a series of bootstrapped ventures.

Podcast Image
Episode 20
Philipp Deppenwiese

Uncovering Firmware Security: A Deep Dive with Binarly's Philipp Deppenwiese

Play On Listen to podcast on YouTube Listen to podcast on Spotify Listen to podcast on Apple Listen to podcast on Amazon music
21 SEP • 2024 1 hour 0 mins
Share:

In this episode of Nerding Out with Viktor, guest Philipp Deppenwiese joins Viktor Petersson for a thought-provoking discussion on the intersection of security, technology, and innovation. As an expert in his field at Binarly, a renowned cybersecurity firm specializing in firmware and BIOS security research, Philipp sheds light on the importance of attestation in modern computing, highlighting its potential to revolutionize the way we approach secure boot and trusted platform modules (TPMs).

For those who may not be familiar, Binarly has made significant contributions to the field of firmware security research. Notably, their discovery of BIOS vulnerabilities like PixieFail and LogoFail has sent shockwaves throughout the industry, emphasizing the need for more robust security measures in modern computing systems. Viktor has been particularly impressed by Binarly’s work and is thrilled to have Philipp on the show.

Philipp’s passion for explaining complex concepts in a clear and concise manner makes this episode a must-listen for anyone interested in cybersecurity. He begins by emphasizing that traditional secure boot mechanisms often fall short in ensuring the integrity of system software, particularly when it comes to verifying the authenticity and version of executed code. This is where attestation comes into play, providing a more robust method for proving the state of a system.

As Viktor listens intently, Philipp shares his insights on how TPMs can facilitate attestation, enabling users to verify that their system has not been tampered with or compromised. He highlights the benefits of using hashes instead of signatures, which provide an append-only lock on system state, making it virtually impossible to alter or manipulate.

Throughout the conversation, Viktor and Philipp delve into real-world examples, discussing how secure boot can be “painful” in Linux environments, unlike Windows, where it’s more straightforward. They also touch upon the importance of understanding the entire boot flow, from firmware to operating system kernel, to ensure trustworthiness.

Philipp’s expertise shines as he explains the concept of confidential computing and its relation to attestation. He discusses how certain technologies can enable secure computation on cloud stacks, utilizing attestation as a means to verify system integrity. This innovative approach has significant implications for industries requiring high levels of security, such as finance or government.

One of the most compelling aspects of this episode is Philipp’s emphasis on transparency and visibility in modern computing. He notes that people often “just run things” without questioning the underlying software or firmware, highlighting the need for more robust attestation mechanisms to ensure trustworthiness. Viktor chimes in, acknowledging the challenges of implementing secure boot in Linux environments.

Philipp’s company has developed innovative solutions leveraging TPMs and attestation, showcasing their commitment to pushing the boundaries of security innovation. As Viktor listens attentively, Philipp shares his insights on why he believes this technology will be crucial for the next generation of computing systems.

Throughout the episode, Viktor’s curiosity and engagement with Philipp create a dynamic conversation that is both informative and engaging. Listeners will appreciate the clarity and depth Philipp brings to complex topics, making this an excellent listen for anyone interested in security, innovation or the intersection of technology and human experience.

This podcast episode offers a unique blend of technical expertise, industry insights and innovative ideas, making it a standout discussion among tech enthusiasts and professionals. With Philipp Deppenwiese as the guest, Nerding Out with Viktor has successfully delivered an engaging conversation that will captivate listeners looking for in-depth analysis on topics relevant to their interests.

Listen now to this episode of Nerding Out with Viktor and experience the fascinating world of security innovation through the lens of expert Philipp Deppenwiese.

Found an error or typo? File PR against this file.