Let’s continue measuring where we left off, move from the bootloader side to the kernel world, and try out the IMA, integrity measurement subsystem in Linux.
Continue reading...hardening
Yocto Hardening: Measured Boot
So far we have mostly been focusing on hardening the kernel and userspace, but this time we will zoom out a bit and take a look at securing the entire system.
Continue reading...Yocto Hardening: Kernel and GCC Configuration
This time we’re going to be doing two things to improve the security: hardening the Linux kernel, and setting hardening flags for GCC.
Continue reading...Yocto Hardening: Firewalls, Part 2: firewalld
Find all of the Yocto hardening texts from here! People often ask me two things. The first question is “Why did you choose to write this...
Continue reading...Yocto Hardening: Firewalls, Part 1: nftables
Find all of the Yocto hardening texts from here! The eternal task of making the Yocto Linux build an impenetrable fortress continues. Next, we’ll look into...
Continue reading...Yocto Hardening: Finding & Fixing CVEs
Find all of the Yocto hardening texts from here! Last time when we were talking about Yocto hardening we focused on setting up extra users to...
Continue reading...Yocto hardening: Non-root users, sudo configuration & disabling root
Find all of the Yocto hardening texts from here! Cybersecurity. The never-ending race between you trying to secure your precious IoT device and some propeller head...
Continue reading...
