How Do I Do Research?

Much has been done in the research field about conducting research. This is a broad and diverse area of information science. The foundation of it is called scientific method and in simple words: it is the use of experimentation and observation to answer questions. What many people dismiss and are, in my opinion, the two most important points are:

Read More

SMMMmmmm - when root is not enough

Swimming, Diving, Hopefully not Drowning!

I got a super nice project, and for that I needed to learn how the SMM really works. Again I started dipping my toes in this ocean of knowledge and I hope I don’t get too excited and drown myself before even getting started ;) For the people who are not sure if they want to read all this:

TL;DR

In SMM, it is possible to modify SMM saved execution context. SMM also sets its own IDT, it is initialized by the BIOS (DXE) and tons of cool stuff.

Read More

Learning about the BIOS


or why do we discuss how to authenticate the user to the machine, but never the machine to the user


My path into low-level security

I have been away for a while as you may or may not have noticed and the reason for that is a great one! I am learning new things and as usual I will try to share my notes here. They are going to be chaotic and I can not give you any guarantee that I got it right, so please let me know if something looks weird ;)

Read More