bolha.us

1 post1 participant0 posts today

Philip Molloy"Since bootloaders run before operating systems run, they mostly have UEFI-provided services as APIs to rely on. Therefore, bootloaders do not benefit from modern operating system security features"<a href="https://www.microsoft.com/en-us/security/blog/2025/03/31/analyzing-open-source-bootloaders-finding-vulnerabilities-faster-with-ai/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.microsoft.com/en-us/security/blog/2025/03/31/analyzing-open-source-bootloaders-finding-vulnerabilities-faster-with-ai/</a><a href="https://mastodon.social/tags/linuxboot" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#linuxboot</a>

Anoncheg<a href="https://techhub.social/tags/dailyreport" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#dailyreport</a> <a href="https://techhub.social/tags/gentoo" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#gentoo</a> <a href="https://techhub.social/tags/linux" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#linux</a> <a href="https://techhub.social/tags/linuxkernel" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#linuxkernel</a> <a href="https://techhub.social/tags/linuxboot" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#linuxboot</a> <a href="https://techhub.social/tags/installation" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#installation</a> <a href="https://techhub.social/tags/osinstallation" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#osinstallation</a> <a href="https://techhub.social/tags/microsoft" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#microsoft</a> <a href="https://techhub.social/tags/wifi" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#wifi</a> OS Installation Memos. For Gentoo Linux 🐧: - wifi/bluetooth adapter trigger loading of binary firmware blobs from installUSB, it is better to remove it before installation. Driver may be fully opensource or requre firmware analspy. <a href="https://en.wikipedia.org/wiki/Comparison_of_open-source_wireless_drivers" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://en.wikipedia.org/wiki/Comparison_of_open-source_wireless_drivers</a> - Ensure that SSD is supported (NVME) in kernel - To speedup kernel building disable: + Network device support > Ethernet driver support and Wireless LAN + HID - > devices drivers - Firstly try Legacy BIOS. Don't disable anything in kernel.For MS Windows 🪟: configure firewall to block outgoin and store backups at separate partition. 🤡

Thierry Laurion<a href="https://mastodon.online/@novacustom" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@novacustom</a>Grateful to NovaCustom for their generous financial contribution and collaboration to integrate Heads firmware into their hardware offerings.This partnership highlights the growing adoption of Heads as a trusted solution for secure boot verification and tamper detection.Looking to adapt Heads to your specific needs? Explore our consultation services: <a href="https://osresearch.net/Consultation-Services/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://osresearch.net/Consultation-Services/</a>Want hardware preflashed with Heads? Check out our trusted vendors: <a href="https://osresearch.net/Vendors/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://osresearch.net/Vendors/</a><a href="https://infosec.exchange/tags/OpenSource" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OpenSource</a> <a href="https://infosec.exchange/tags/FirmwareSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#FirmwareSecurity</a> <a href="https://infosec.exchange/tags/Heads" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Heads</a> <a href="https://infosec.exchange/tags/linuxboot" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#linuxboot</a> <a href="https://infosec.exchange/tags/firmware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#firmware</a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybersecurity</a> <a href="https://infosec.exchange/tags/qubesos" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#qubesos</a> <a href="https://infosec.exchange/tags/linux" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#linux</a> <a href="https://infosec.exchange/tags/security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#security</a> <a href="https://infosec.exchange/tags/coreboot" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#coreboot</a>

Tommi 🤯Done!Installation was bumpy… The main issue was that I chose <code>btrfs</code> for <code>/boot</code>, which apparently needs <code>ext4</code> instead.Now I am getting this error message during boot, does anyone have any idea about how to solve this? (Please tell me I don’t need to reinstall…)Apart from that everything seems to be working well! I will conclude the configuration tomorrow.<a href="https://framapiaf.org/@debian" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@debian</a> <a href="https://fosstodon.org/@frameworkcomputer" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@frameworkcomputer</a> <a href="https://pan.rent/tags/Linux" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Linux</a> <a href="https://pan.rent/tags/LinuxInstall" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#LinuxInstall</a> <a href="https://pan.rent/tags/Debian" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Debian</a> <a href="https://pan.rent/tags/DebianInstall" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DebianInstall</a> <a href="https://pan.rent/tags/DebianTrixie" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DebianTrixie</a> <a href="https://pan.rent/tags/Debian13" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Debian13</a> <a href="https://pan.rent/tags/GRUB" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#GRUB</a> <a href="https://pan.rent/tags/LinuxBoot" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#LinuxBoot</a> <a href="https://pan.rent/tags/help" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#help</a> <a href="https://pan.rent/tags/Framework" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Framework</a> <a href="https://pan.rent/tags/FrameworkLaptop" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#FrameworkLaptop</a>

Kevin Karhan :verified:<a href="https://infosec.exchange/@BleepingComputer" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@BleepingComputer</a> pretty shure <a href="https://infosec.space/tags/Linux" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Linux</a> supoort is more of an <a href="https://infosec.space/tags/accident" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#accident</a>, but eother way it clearly shows the problem that <a href="https://infosec.space/tags/overcomplex" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#overcomplex</a> garbage like <a href="https://infosec.space/tags/UEFI" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#UEFI</a> has.<ul><li>The solution is to swutch over to <a href="https://infosec.space/tags/LinuxBoot" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#LinuxBoot</a> nee. <a href="https://infosec.space/tags/NERF" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#NERF</a> instead!</li></ul>

Kevin Karhan :verified:<a href="https://infosec.space/@wravoc" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@wravoc</a> IMHO, <a href="https://infosec.space/tags/TPM" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#TPM</a> & <a href="https://infosec.space/tags/UEFI" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#UEFI</a> are both <a href="https://infosec.space/tags/Scams" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Scams</a> and neither can be trusted due to being <a href="https://infosec.space/tags/backdoored" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#backdoored</a> and <a href="https://infosec.space/tags/Bloatware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Bloatware</a> respectably.Personally, I want a machine that is purposefully <a href="https://infosec.space/tags/incompatible" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#incompatible</a> with <a href="https://infosec.space/tags/CensorBoot" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CensorBoot</a> by <a href="https://infosec.space/tags/Microsoft" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Microsoft</a> (and thus <a href="https://infosec.space/tags/Windows11" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Windows11</a>) by using <a href="https://infosec.space/tags/LinuxBoot" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#LinuxBoot</a> / <a href="https://infosec.space/tags/NERF" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#NERF</a> and no TPM at all!Sadly I guess that means I've to use the <a href="https://infosec.space/tags/RISCv" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#RISCv</a> version of the <a href="https://fosstodon.org/@frameworkcomputer" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@frameworkcomputer</a> mainboard for that... The fact that UEFI has more code than the <a href="https://infosec.space/tags/Linux" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Linux</a> <a href="https://infosec.space/tags/Kernel" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Kernel</a> with all it's drivers yet less than 100 contributors makes it inacceptable!

Daniel aka CyReVolt 🐢I am happy to announce <a href="https://mastodon.social/tags/Fiedka" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Fiedka</a> the <a href="https://mastodon.social/tags/firmware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#firmware</a> editor v1.3.4 🥳Now with a nice welcome screen, toolbar, CBFS (coreboot) parsing and <a href="https://mastodon.social/tags/UEFI" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#UEFI</a> editing capabilities. You can remove DXEs, and if space allows, replace BdsDxe with your own app to roll out <a href="https://linuxboot.org" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://linuxboot.org</a> via the <a href="https://mastodon.social/tags/LinuxBoot" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#LinuxBoot</a> button. Someone has already done that on real hardware, as I heard. \o/Download and more information: <a href="https://fiedka.app" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://fiedka.app</a> 🐙PS.: Progress on the AMD PSP analysis is also happening (see screenshot). :-)

Recent searches

Search options

Administered by:

Server stats:

#linuxboot