Conference:  Defcon 31

Authors: Alex Tereshkin Principal System Software Engineer (Offensive Security), NVIDIA, Adam Zabrocki Distinguished Engineer (Offensive Security), NVIDIA

2023-08-01

The Baseboard Management Controller (BMC) is a specialized microcontroller embedded on the motherboard, typically used in servers and other enterprise-level hardware. The security of the BMC is critical to the overall security of the system, as it provides a privileged level of access and control over the hardware components of the system, including the ability to perform firmware updates, and even power the system on and off remotely. When the internal offensive security research team was analyzing one of the NVIDIA hardware, they detected several remotely exploitable bugs in AMI MegaRAC BMC. Moreover, various elevations of privileges and "change of scope" bugs have been identified, many of which may be chained together resulting in a highest severity security issue. During this talk we would like to take you on the journey of the whole attack sequence: from having zero knowledge about a remote AMI BMC with enabled IPMI (yeah, right) to flashing a persistent firmware implant to the server SPI flash. The chain will be about a dozen bugs long, so buckle up.

Conference:  KubeCon + CloudNativeCon Europe 2023

Authors: Jorge Palma

2023-04-19

The presentation discusses the importance of building sustainable, carbon-aware cloud-native apps and reducing carbon emissions for k8s workloads using the CNCF open-source project KEDA.

• Sustainability in the technology space requires reducing emissions while facing greater demand to build scalable applications
• Green software principles include energy efficiency, hardware efficiency, and carbon awareness
• Carbon intensity is the measure of the amount of carbon produced in order for the energy that we use to be created
• The carbon-aware scalar for KEDA uses demand shaping to scale workloads based on the carbon intensity of the infrastructure where they're running
• The carbon-aware scalar is implemented using a Kubernetes operator that reads infrastructure provider's data from a config map
• The carbon-aware scalar is an open-source wrapper for public sources of data
• The carbon-aware scalar allows users to define carbon emission thresholds and maximum replicas
• The project is being developed for CADA core and users are encouraged to join the sustainability efforts
• Join the CNCF sustainability tag and check the links for more information