Archive 2022

Qubes OS summit 2022 - Summary

Published at October 5, 2022 · Norbert Kamiński · 10 min read

Three weeks ago, 3mdeb together with the Qubes OS team organized the next edition of the Qubes OS Summit. This year's summit was a face-to-face event hosted in Berlin, which took place from the 9th to the 11th of September....

Categories: miscellaneous os-dev


Infrastructure for Xen development and debugging

Published at July 4, 2022 · Piotr Król · Norbert Kamiński · 5 min read

Back in 2018 at OSFC, we presented AMD IOMMU enabling for PC Engines apuX (GX-412TC) platforms. Our hypervisor of choice was Xen, and we used it to verify the PCI pass-through feature. Unfortunately, the boot process was not exactly stable. In this article, you can see how to prepare an infrastructure for Xen development and debugging...

Categories: firmware os-dev security


Minimal OS for Fobnail

Published at June 23, 2022 · Tomasz Żyjewski · 7 min read

The Fobnail Token is an open-source hardware USB device that helps to determine the integrity of the system. The purpose of this blog post is to present the development progress of this project. During this phase, we focused on researching an OS for hosting the Fobnail Attester...

Categories: security


Fobnail Token - Fobnail provisioning

Published at May 25, 2022 · Krystian Hebel · 9 min read

This phase is about provisioning the Fobnail Token itself. The closing point of that process is creating a certificate for the Token that can be used later, after attestation succeeds...

Categories: security

Open Source Firmware on TigerLake platforms - part 1

Published at April 14, 2022 · Michał Żygowski · 9 min read

This post describes the effort of building open source firmware for the Tiger Lake UP3 RVP platform and the problems faced in the process. Tiger Lake is one of the newest Intel processors for which the FSP and EDK2 MinPlatform have recently been released....

Categories: firmware

Fobnail Token - platform provisioning

Published at March 21, 2022 · Krystian Hebel · 7 min read

The Fobnail Token is an open-source hardware USB device that helps to determine the integrity of the system. The purpose of this blog post is to present the development progress of this project. This phase was focused on platform provisioning....

Categories: firmware security


A new source of trust for your platform - Dasharo with Intel TXT support

Published at March 17, 2022 · Michał Żygowski · 9 min read

Do you trust the firmware on your system? No? Then this post is a must-read for you. Get to know what Intel Trusted Execution Technology (TXT) is and how it may help you securely measure and attest the operating system and software running on your machine. You will also hear about the open-source implementation of Intel TXT for Ivy Bridge/Sandy Bridge platforms, including the Dell OptiPlex 7010 / 9010....

Categories: firmware security

KGPE-D16 open-source firmware status

Published at February 3, 2022 · Michał Żygowski · 6 min read

This post covers the struggles and efforts behind the revival of the KGPE-D16, something the community had been waiting for for a long time. With Dasharo firmware, the platform has obtained a new life and sees new daylight with more security features and improvements....

Categories: firmware security


Porting EDK II to an old Allwinner A13 tablet

Published at January 18, 2022 · Artur Kowalski · 7 min read

Most ARM SoCs run U-Boot or some custom bootloader. That was the case with Allwinner SoCs, until I started porting EDK II to my A13 tablet. In this post, I will tell you about the current UEFI support status on Allwinner SoCs, my future plans, and how to test UEFI on a compatible device...

Categories: firmware manufacturing