Firmware—the low-level software that controls hardware before the OS boots—was a blind spot. For years, researchers warned about BIOS attacks, but they were considered "theoretical" or requiring physical access. The general consensus was: If an attacker has admin rights, you’ve already lost. destroyed that illusion.
Rogers used the platform to address the elephant in the room: the ongoing legislative battle over encryption and the "Going Dark" debate. He argued that privacy and security were not mutually exclusive and that the government needed a legal framework to access encrypted communications to prevent terrorist attacks. blackhat.2015
Before diving into the bombshells of Black Hat 2015, it is crucial to understand the context. In mid-2015, the industry was obsessed with two things: Heartbleed (from 2014) and the rise of Ransomware. Most enterprise defense budgets went towards next-gen firewalls, endpoint detection, and frantic patching of operating systems. destroyed that illusion
For the first time, forced vendors like Apple and Lenovo to acknowledge that firmware-level rootkits were not science fiction; they were already being used by nation-states (specifically, the Equation Group, revealed by Kaspersky earlier that year). Before diving into the bombshells of Black Hat