Bludgeoning Bootloader Bugs: No write left behind by Rebecca “.bx” Shapiro.
Slides from ShmooCon 2018.
If you are new to bootloading, consider Shapiro’s two blog post on the topic:
A History of Linux Kernel Module Signing
both from 2015, and her resources page.
Aside from the slides, her most current work is found at: https://github.com/bx/bootloader_instrumentation_suite.
ShmooCon 2018 just finished earlier today but check for the ShmooCon archives to see a video of Sharpio’s presentation.
I don’t normally post shout-outs for people seeking employment but Shario does impressive work and she is sharing it with the broader community. Unlike some governments and corporations we could all name. Pass her name and details along.