Published at June 23, 2022 · Tomasz Żyjewski · 7 min read
The Fobnail Token is an open-source hardware USB device that helps to determine the integrity of the system. The purpose of this blog post is to present the development progress of this project. During this phase, we focused on researching OS for hosting Fobnail Attester...
Categories: security
Fobnail Token - Fobnail provisioning
Published at May 25, 2022 · Krystian Hebel · 9 min read
This phase is about provisioning Fobnail Token itself. The closing point of that process is creating a certificate for Token that can be used later after attestation succeeds...
Categories: security
Fobnail Token - platform attestation
Published at April 6, 2022 · Artur Kowalski · Krystian Hebel · 6 min read
The Fobnail Token is an open-source hardware USB device that helps to determine the integrity of the system. The purpose of this blog post is to present the development progress of this project. This phase was focused on attestation....
Fobnail Token - platform provisioning
Published at March 21, 2022 · Krystian Hebel · 7 min read
The Fobnail Token is an open-source hardware USB device that helps to determine the integrity of the system. The purpose of this blog post is to present the development progress of this project. This phase was focused on platform provisioning....
Published at October 8, 2021 · Michał Kopeć · 5 min read
An introduction to TPMs. Let's explore the differences between common implementations of TPMs and how they might matter to you....
Categories: security
Qubes OS & 3mdeb 'minisummit' 2020 summation
Published at June 17, 2020 · Kamila Banecka · 8 min read
The second Qubes OS & 3mdeb minisummit is ahead of us. We had gone through four evenings of topics devoted to Qubes OS, so it is time for broad summation of the event....
Categories: firmware miscellaneous security
Qubes OS and 3mdeb 'minisummit' 2020
Published at May 15, 2020 · Kamila Banecka · 5 min read
Once again, we will meet on QubesOs & 3mdeb minisummit 2020 discussing #QubesOS, #firmware, #coreboot, #security and #TPM related topics. All the event details are presented in the following blog post....
Categories: firmware miscellaneous security
How to mitigate ROCA TPM vulnerability?
Published at April 17, 2019 · Krystian Hebel · 10 min read
ROCA vulnerability was discovered (October 2017) in a software library, RSALib, provided by Infineon Technologies. That library is also used in TPM modules. When this vulnerability is present, a pair of prime numbers used for generating RSA keys is chosen from a small subset of all available prime numbers. This results in a great loss of entropy. Details and exact numbers can be found here. UPDATE 2021-10-20: provided new link for TPM firmware updates (old one was no longer working), added info about patch for openssl-1....
.png){kind=small}
