TrenchBoot AEM gains support for UEFI installations
Published at June 10, 2025 · Krystian Hebel · 13 min read
A feature craved by many is finally here. AEM can now be used with Qubes OS installed under UEFI. Oh, and some automated testing. But mostly UEFI....
Categories: bootloader firmware hypervisor os-dev security
Automating Firmware Security: CI for DBX and Microcode Updates in Dasharo
Published at May 29, 2025 · Michał Kopeć · 10 min read
Microcode and DBX are critical components in establishing the security of your platform. This blog post will discuss how Dasharo automates their updates, making our firmware more transparent and your platform more secure....
Published at May 20, 2025 · Daniil Klimuk · 30 min read
This post will introduce some of the very popular attacks that target electronic devices - the RAM attacks, but the main topic will be the verification of ram-wipe software solution protection from the attacks....
Categories: security
ZarhusBMC: The Beginning - Porting OpenBMC to the X11SSH Platform
Published at April 28, 2025 · Mateusz Kusiak · 12 min read
Reclaim your server! Can you trust a machine that runs unauditable code on a BMC? OpenBMC can solve this. This blog post is a summary of what it takes to build OpenBMC for an unsupported platform...
Enabling Secure Boot on ODROID M1 (RK3568B)
Published at April 22, 2025 · Michał Iwanicki · 14 min read
This blog post describes how to enable Secure Boot on ODROID-M1(RK3568B). Read how to write hash of public key to OTP memory, how to sign loader and how to build signed U-Boot with enabled signature verification....
Cache timing attacks: testing whether your system is susceptible
Published at April 18, 2025 · Michał Iwanicki · 13 min read
Post will explain basic workings of cache and cache timing attacks. We will also explore possible ways how to test whether system we are using is susceptible to more common cache timing attacks....
Categories: security
CROSSCON, its Hypervisor, and Zarhus
Published at April 10, 2025 · Wiktor Grzywacz · 19 min read
Learn about CROSSCON, how it's hypervisor works, and why running Zarhus on top of it streamlines development and testing on the RPi4....
Categories: firmware security virtualization
Conclusions from RAM data remanence tests
Published at February 20, 2025 · Maciej Pijanowski · Krystian Hebel · 3 min read
A practical summary from the two previous blog posts presenting results of RAM data remanence tests....
Categories: firmware miscellaneous
Research of RAM data remanence times, part 2
Published at January 24, 2025 · Krystian Hebel · 16 min read
Continuing from where we left off, we've run the same tests on different hardware, both platforms and memory modules. This blog post skips all the theory and description of how the measurements were obtained, please read the previous one if you're interested in these details....
Categories: miscellaneous
Research of RAM data remanence times
Published at December 13, 2024 · Krystian Hebel · 14 min read
Dynamic RAM must be periodically refreshed to maintain its content. JEDEC specifies how often this has to be done to ensure proper operation. In this post, we will see for how long the data can be recovered if it isn't....
Categories: miscellaneous
.png){kind=small}
