Dasharo TrustRoot Ephemeral Key Incident
Published at December 22, 2025 · Michał Kopeć · Maciej Pijanowski · 8 min read
This report details a release engineering incident where a Dasharo firmware update successfully performed End-of-Manufacturing (EOM) fusing on NovaCustom laptops but utilized an ephemeral testing key instead of the persistent production key. We provide a technical analysis of the situation and outline impact for affected end users....
Windows HLK for Firmware Validation
Published at December 11, 2025 · Filip Gołaś · 23 min read
Learn about introducing a new tool to the arsenal of Dasharo testers. Windows Hardware Lab Kit - a framework able to perform over 3000 tests used to certify hardware and drivers as compatible with Windows...
Categories: miscellaneous
Gigabyte MZ33-AR1 Porting Update: BMC IPMI commands and Upstream
Published at December 5, 2025 · Michał Żygowski · 11 min read
The Gigabyte MZ33-AR1 porting effort is slowly coming to an end. In the previous blog post we already showed a booting Linux and Windows. Now we show the finishing touches before Dasharo release: BMC IPMI commands, HCL tooling updates for the incoming Phoenix platforms and the Turin upstream status....
Categories: firmware
Porting Dasharo to ASRock Rack SPC741D8/2L2T
Published at December 2, 2025 · Michał Kopeć · 12 min read
This is a post about the process of porting Dasharo to a modern Intel-based server platform. Join me to learn how a coreboot port is integrated into Dasharo and enhanced with Dasharo features....
Categories: firmware
Stop dreading NIS2: Unlock your firmware digital sovereignty with Zarhus.
Published at November 28, 2025 · Kamil Aronowski · 12 min read
The NIS2 Directive marks a new era of mandatory cyber risk management and accountability, with a focus on supply chain integrity. Today, we'll discover how Zarhus empowers you to master NIS2 compliance effortlessly, so you can take back control, secure your digital sovereignty, and focus on what truly matters - YOUR way....
Published at November 27, 2025 · Sergii Dmytruk · 20 min read
Dasharo on MeteorLake NovaCustom laptops has reached HSI-3. This took extending support for Intel BootGuard in coreboot and combining TPM event logs of coreboot and EDK II....
Dasharo Tools Suite: the story about scalability and stability, roadmap
Published at November 24, 2025 · Daniil Klimuk · 33 min read
Check out latest DTS upatest and roadmap. I will start from intro to DTS and the feature that are coming to it: hardware attestation, Chain of Trust and Root of Trust provisioning and verification, new hardware support. Then the brand new DTS E2E testing methodology, that help us maintain and further develop DTS, will be introduced and explained in details....
Categories: app-dev firmware miscellaneous os-dev
Gigabyte MZ33-AR1 Porting Update: ACPI and bugfixes
Published at November 5, 2025 · Michał Żygowski · 29 min read
In this blog post we will explain the effort of porting platform-specific ACPI code and show the extent of bugfixes required to run operating systems without issues on AMD Turin server platform, the Gigabyte MZ33-AR1....
Categories: firmware
Context-Based Auth.: Identify host by environment
Published at October 24, 2025 · Mateusz Kusiak · 13 min read
Geofencing - a mechanism that allows limiting various types of access to a specific area. To do so, often GPS or cellular information utilized. The issue is, stationary computers and laptops often lack needed hardware. …but what if we could use just the wifi-chips embedded in those devices to achieve even more secure result?...
Categories: iot miscellaneous security
Qubes OS Summit 2025 in Berlin: From R4.3 Features to Qubes Air Architecture
Published at October 20, 2025 · Piotr Król · 22 min read
Qubes OS Summit 2025 took place September 26-28 in Berlin, bringing together the community for talks on R4.3 updates, GUI improvements, infrastructure advances, and Qubes Air architecture. The event featured contributions from the Dasharo ecosystem including server firmware foundations, NovaCustom updates, UEFI Secure Boot progress, and TrenchBoot compatibility work. Day three hackathon focused on practical implementation including the Dasharo Patchqueue Initiative with XenServer expertise....
.png){kind=small}
