IPMI’s Inconvenient Truth: A Conversation With Dan Farmer

The work of brilliant computer security researchers often borders on a kind of madness. After all, it takes dedication and a certain amount of monomania to dig through the mush of disassembled source code or the output of application fuzzers and find the one software vulnerabilities - or chain of vulnerabilities - that might lead to a successful attack.

Farmer is warning of the danger posed by insecure implementations of IPMI, which is used to remotely manage servers in large-scale deployments.

Often, this work puts you at odds with what most of us consider "the real world." Notably: the well-respected researcher Dragos Ruiu had many in the security community wondering about his sanity after he sounded the alarm about a super stealthy piece of BIOS malware he dubbed "BadBIOS" that seemed to be everywhere and nowhere, all at once.

Dan Farmer finds himself in a similar position as he continues to sound alarms about the security threat posed by insecure implementations of the Int...

To read the full post subscribe and log in. Subscription is free and you can register below. Alreayd a member? Log in below!

New users register here