@acdha This is why I will get in front of even *tiny* firmware updates from our vendors and run some sanity checks before they reach employee trials. I have trust issues but they are vindicated.
@just_one_bear @acdha
I don’t know your team budget, but this is a next to impossible task, even with automation. When the issue exists in a layer beneath the admin layer, as in this case, you basically have to do a full pen test on every firmware release. Where do you stop? How about the code inside the TPM, CPU microcode?
If just a single person on earth did this and reported it back to Cisco this vulnerability would have been discovered long ago.
Hopefully we’ll manage to train some kind of AI model to assist in searching for vulnerabilities like these in the future but the task is still hard to solve.
Even harder will be getting the vendors to actually remediate the findings. There’s no automation for that process.