
On UEFI security, part six

All things, good and not so good, come to an end, and it is time to start wrapping up this series of articles.
In this penultimate part, we will talk about the people toiling in the field of UEFI security on both sides, about useful software and its authors, and about sources of information on the topic for those who need them. I apologize in advance if I forget to mention someone important; correct me in the comments if so.
As always, links to the previous parts of the opus are for those who missed them; everyone else, please read on below the cut.


Part six. About people


As practice shows, the same specialists and companies have been openly working on UEFI security issues for as long as UEFI has existed, so the “UEFI security world” is small enough that one can get to know virtually all of it. Of course, security service staff, developers of cryptographic protection tools bound by draconian NDAs, and “black hats” who look at the world through a chain of proxies and a dozen I2P -> Tor -> Internet gateways are interested in the same topic, but this is not about them.
This is about experts, “well known in narrow circles”, on UEFI, attacks on it, non-destructive firmware modification and the like. If I have forgotten someone by accident (or simply out of ignorance), I will be glad of your comments.

Vincent Zimmer
Blog, Twitter.
An Intel engineer who was there at the origins of the UEFI specification and has been working on it for over 10 years. Author and co-author of several books on UEFI (the best known is Beyond BIOS), as well as a huge number of articles, texts and posts.
He tweets about many different things, mostly links to interesting articles in the press, so if you want only UEFI and only hardcore, you are better off not following this gentleman on Twitter; the blog, however, I recommend reading in its entirety.
LegbaCore: Corey Kallenberg and Xeno Kovah
Site, Twitter one, two, GitHub.
A startup founded in 2015 by two former firmware security researchers from MITRE. At MITRE they developed Copernicus, a system for warning about firmware infection; now they research various aspects of security, advise IBVs on these issues, and are gradually building a successor to Copernicus under a different name. Best known as co-authors of the attack on the S3 BootScript (I described it in the third part) and for the “rediscovery” of the SMM Incursion attack (described in the second part).
Both are worth following on Twitter; instead of a blog, keep an eye on this page of their site, where links to their research and presentations appear.

Invisible Things Lab: Rafal Wojtczuk and Joanna Rutkowska
Website, Blog one, two, Twitter.
Probably almost everyone on Habr has heard of this team of researchers led by Madame Rutkowska. They research everything under the sun, including firmware, but are known mainly as the authors of Qubes OS and the pioneers of the SMM cache poisoning attack (described in the second part).
Only Joanna maintains a Twitter account; it is definitely worth following, and the blog is worth reading too. Besides the ITL blog, Rafal sometimes writes for the Bromium Labs project blog, which I also definitely recommend.

Intel ATR: Alexander Matrosov, Yuri Bulygin, Alexander Bazhanyuk, Andrey Furtak, and others
Site one, two, Twitter one, two, three, four, GitHub.
A mighty handful of Russian-speaking researchers working on the security of everything under the sun, including firmware, virtualization technologies and other low-level matters. Besides a huge number of articles and conference talks, they are the authors of the Chipsec framework, which radically simplified the life of the ordinary IBV engineer, for which I thank them very much.
Follow all of them on Twitter; their blogs and papers are required reading.

Dmitry d_olex Oleksyuk
Blog, Twitter, GitHub.
Another Russian-speaking firmware security researcher, known for his articles on practical security (that is, not just “there is a hole here” but “here is the code that exploits it”), the author of the first open SMM rootkit that I can remember and of many other interesting projects.
Be sure to follow him on Twitter and read the entire blog.

Pedro Vilaça
Blog, Twitter, GitHub.
A very well-known security researcher of Apple products, including their firmware, who constantly speaks at conferences around the world, where he shares his work. He recently discovered a much-publicized bug in which the PR registers are reset after S3 on some Apple systems (Prince Harming).
He tweets a lot and about many things; whether to follow him is up to you. The blog and the talks are definitely worth reading.

Trammell Hudson
Blog, GitHub.
Another well-known Apple firmware security researcher, the author of the Thunderstrike and Thunderstrike 2 attacks. He has worked in computer security since time immemorial and is the author of many interesting articles and posts (the entire list). The blog is a must-read.

Teddy Reed
Blog, Twitter, GitHub.
Another UEFI security researcher, the author of the Subzero.io project for cataloging firmware versions and tracking changes in them, for which he wrote the uefi-spider and uefi-firmware-parser utilities. Currently working on the OSQuery project.
He is worth following on Twitter, and the blog is also very interesting.

Matthew Garrett
Blog, Twitter, GitHub.
A security specialist from the Linux world who introduced that world to SecureBoot technology. Author of many interesting articles about firmware and its interaction with Linux.
He writes briefly and to the point; following him on Twitter and reading the blog is definitely worth it.

Lee Fisher
Blog.
A firmware security specialist who runs the blog FirmwareSecurity.com, where almost every day he writes about bits of UEFI security information found around the net. For experts on the topic and those who want to become experts: add it to your RSS reader and bookmarks.

Donovan Cudney
Blog, GitHub.
A well-known firmware modder who has written more than a dozen articles on UEFI modification on his blog and has many times helped people asking for modifications on the bios-mods.com forum. He is the author of the Universal IFR Extractor utility, which dramatically simplifies examining UEFI Setup for hidden settings.
He has not written on the blog for a long time, but some of the articles are worth reading.

Andy P
Thread on the MDL forum.
Another well-known firmware modder, the author of the PhoenixTool utility, which, despite being closed-source and requiring .NET 3.5, remains one of the best utilities for non-destructive modification of UEFI-compatible firmware.
He posts little on the forum and does not write articles, but I could not leave him unmentioned.

Conclusion


Well, I have told you about the people; what remains is to collect all the mentioned vulnerabilities into a table, as promised in the first part, and to write an article outside this series about the practical use of SecureBoot.
If you have questions, or are interested in some UEFI-related topic that I have not yet touched on, welcome to the comments.
Thank you for your attention; read the comrades listed above and be enlightened.

PS
I have not written anything about myself (otherwise, God forbid, the post will get moved to “I am PR”), but let me quote Corey Kallenberg:
FYI for anyone who is interested in security issues, you should also be following @NikolajSchlej

Source: https://habr.com/ru/post/268135/

