Michał Żygowski

Firmware engineer and core developer of coreboot. Maintainer of Braswell SoC, PC Engines, Protectli and Libretrend platforms. Interested in advanced hardware features, security and coreboot. Open source firmware enthusiast and conference speaker.


Articles (22)


Fobnail vs other boot security projects

Published at October 28, 2021 ·  11 min read

Have you ever thought about securing the boot process of your computer? No? This post will compare the available open source boot process hardening projects and explain the importance of signing and protecting the software/operating system you launch. You will also get to know how the boot process may be secured even further with the upcoming Fobnail security token....

Categories: firmware security

Open Source Firmware on AMD Milan server processors

Published at September 9, 2021 ·  6 min read

There were times when AMD actively supported the open source firmware ecosystem by providing silicon initialization code. After a break of a few years, AMD is now trying to support open source firmware again on mobile platforms like Chromebooks. However, recent achievements have made everybody think that open source firmware is also possible on servers....

Categories: firmware

Dell OptiPlex and coreboot - a story about porting cursed hardware (part 2)

Published at June 1, 2021 ·  10 min read

This post is the second part of the series which tells the story of porting the Dell OptiPlex 9010 workstation to open-source firmware - coreboot. The simple parts are long behind us, covered in the first part of the series. This time we are taking a deeper dive into the technical aspects of Environmental Controller reverse engineering and locating the problem with the machine not booting after AC loss....

Categories: firmware

Booting coreboot on Intel Comet Lake S RVP8

Published at August 31, 2020 ·  10 min read

This blog post shows the procedure of building coreboot for the Comet Lake S platform. It also describes problems that occurred when building and booting the image. As a bonus, a few tips and tricks will be shown on how to fix or work around these kinds of problems....

Categories: firmware security

Dell OptiPlex and coreboot - a story about porting cursed hardware (part 1)

Published at June 24, 2020 ·  7 min read

This post begins a new series telling the story of a stubborn firmware engineer who overcame a never-ending amount of obstacles to make a Dell OptiPlex 9010 workstation as open as possible. In this series, you will not only read about the adventures which accompanied the work on the hardware but also have a chance to learn the ways of a BIOS developer....

Categories: firmware

Installing TrenchBoot in UEFI environments

Published at May 6, 2020 ·  17 min read

This blog post will show you how to install NixOS on UEFI platforms and how to install TrenchBoot on them....

Categories: firmware os-dev security

User friendly tutorial for enabling HTTPS support in iPXE

Published at May 6, 2020 ·  5 min read

This article will show you how to replace the old HTTP with the much safer HTTPS when booting platforms/computers over the network. You will read how to quickly incorporate an open-source network booting solution based on the coreboot and iPXE projects into your daily life....

Categories: coreboot firmware security

Boot Guard - pre-execution firmware verification on Protectli FW6

Published at February 21, 2020 ·  9 min read

This post will not describe how to guard your shoes. However, it will definitely introduce you to the Boot Guard feature present on Intel processors, which allows firmware verification before the first instruction executes. One may call it pre-execution firmware verification. The post will also show you how Boot Guard can work well with coreboot based firmware, using the Protectli FW6 as an example....

Categories: firmware security

Meltdown and Spectre on PC Engines apu2

Published at May 29, 2019 ·  9 min read

As a continuation of the Meltdown and Spectre blog post, this post presents the vulnerability status and mitigation via microcode update on the PC Engines apu2. Read the post to get to know the open source tools for vulnerability and mitigation checks, as well as proof-of-concept exploits....

Categories: firmware security

Meltdown and Spectre. What are they and what are they not?

Published at March 20, 2019 ·  6 min read

At the turn of 2017 and 2018, the world of security and computing was shaken. It was the time when we first heard about vulnerabilities that affect almost every modern processor (mainly of the x86 architecture) manufactured during the last 20 years. They were named Meltdown and Spectre and belong to one family of flaws caused by speculative execution. In this post, I will describe what they are and how they threaten the users of modern machines....

Categories: security