[E] [ironic] Securing physical hosts in hostile environments
juliaashleykreger at gmail.com
Wed Dec 16 17:33:13 UTC 2020

Some operators have taken an approach of attestation and system
measurement as a means to try and combat these sorts of vectors,
however, if the TPM can't read the firmware to "measure" checksum out
of the inband firmware channel, i.e. access the flash directly, not
what malicious byte code could reply to, then it is a little difficult
to trust that mechanism. The positive is that this mainly means things
like drives are the items at risk at this point. Not exactly
comforting as the first firmware POC I can think of that spoofs on
checking the firmware was against a SATA disk.

I know some operators have brought up trying to drive their vendors
into means of having an out of band mechanism to be able to check and
assert these things, where in the meantime they are performing in-band
flashing upon each cleaning in hope to scrub malicious firmware in
hopes of squashing any malicious user's actions. This is an approach a
number of operators have publicly stated they've taken, however it
requires creating your own custom hardware manager to align with the
hardware you have and the firmware versions you want/expect.

I think this is a good topic for the baremetal SIG to try and discuss
and push forward, because as Jay said, there is no silver bullet, and
most of these patterns are basically highly customized sorts of
patterns and interactions based upon your environment, your hardware,
and the attack vectors you're concerned about.

On Wed, Dec 16, 2020 at 9:19 AM Jay Faulkner
<jay.faulkner at verizonmedia.com> wrote:
> I've attempted to secure physical hardware at a previous job. The primary tools we used were vendor relationships and extensive testing. There's no silver bullet to getting hardware safe against a "root" user.
> Not trying to give an unhelpful answer; but outside of the groups that Jeremy linked, there's been very little innovation enabling you to secure your hardware, unless you work directly with a vendor (and have the buying power to make them listen).
> Jay Faulkner
> On Tue, Dec 15, 2020 at 3:48 PM Eric K. Miller <emiller at genesishosting.com> wrote:
>> We have considered ironic for deploying physical hosts for our public cloud platform, but have not found any way to properly secure the hosts, or rather, how to reset a physical host back to factory defaults between uses - such as BIOS and BMC settings. Since users (bad actors) can access the BMC via SMBus, reset BIOS password(s), change firmware versions, etc., there appears to be no proper way to secure a platform.
>> This is especially true when resetting BIOS/BMC configurations since this typically involves shorting a jumper and power cycling a unit (physically removing power from the power supplies - not just a power down from the BMC). Manufacturers have not made this easy/possible, and we have yet to find a commercial device that can assist with this out-of-band. We have actually thought of building our own, but thought we would ask the community first.
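
The per-cleaning reflash described in this message, sketched as an added example (not code from the thread or from ironic): the planner reflashes every component that has a known baseline, regardless of the version it reports in-band, and fails cleaning for hardware with no baseline. The component model, manifest and sample inventory are hypothetical and constructed for illustration.

```python
# Added example: all names and sample data here are hypothetical/constructed.
from dataclasses import dataclass

@dataclass(frozen=True)
class Component:
    kind: str         # e.g. "disk", "nic"
    model: str
    reported_fw: str  # version string read in-band; advisory only

# Constructed manifest: (kind, model) -> (expected version, image file name)
MANIFEST = {
    ("disk", "EXAMPLE-SSD-1"): ("2.1.0", "example-ssd-1_2.1.0.bin"),
    ("nic", "EXAMPLE-NIC-10G"): ("7.4", "example-nic_7.4.bin"),
}

def plan_firmware_clean(inventory, manifest=MANIFEST):
    """Return (actions, errors) for one cleaning pass.

    Every known component is reflashed even when its reported version
    matches, because the version is read through the same in-band channel
    that modified firmware could answer. Unknown hardware fails cleaning.
    """
    actions, errors = [], []
    for comp in inventory:
        entry = manifest.get((comp.kind, comp.model))
        if entry is None:
            errors.append(f"no firmware baseline for {comp.kind} {comp.model}")
            continue
        expected, image = entry
        actions.append({
            "target": f"{comp.kind}:{comp.model}",
            "flash_image": image,
            "expected_fw": expected,
            # Mismatch is logged for investigation, never used to skip work.
            "reported_mismatch": comp.reported_fw != expected,
        })
    return actions, errors

def node_releasable(inventory, manifest=MANIFEST):
    """A node returns to the pool only if every component had a baseline."""
    _, errors = plan_firmware_clean(inventory, manifest)
    return not errors

# Constructed inventory for one node.
SAMPLE = [
    Component("disk", "EXAMPLE-SSD-1", "2.1.0"),  # matches, still reflashed
    Component("nic", "EXAMPLE-NIC-10G", "7.3"),   # differs from baseline
    Component("disk", "UNKNOWN-HDD", "1.0"),      # not in the manifest
]
```
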