Lately, the blog posts here have been quite serious: TPMs, virtualization, integrity checks, etc. However, those things are not the best thing about computers.
Continue reading...linux
Yocto Hardening: IMA and EVM
Let’s continue measuring where we left off, move from the bootloader side to the kernel world, and try out the IMA, integrity measurement subsystem in Linux.
Continue reading...Yocto Hardening: Measured Boot
So far we have mostly been focusing on hardening the kernel and userspace, but this time we will zoom out a bit and take a look at securing the entire system.
Continue reading...Yocto Emulation: Setting Up QEMU with TPM
Last time we got QEMU to launch u-boot, started kernel, and mounted a virtual drive. This time we are “just” going to add a TPM device to the virtual machine.
Continue reading...Yocto Hardening: Kernel and GCC Configuration
This time we’re going to be doing two things to improve the security: hardening the Linux kernel, and setting hardening flags for GCC.
Continue reading...Yocto Hardening: Firewalls, Part 2: firewalld
Find all of the Yocto hardening texts from here! People often ask me two things. The first question is “Why did you choose to write this...
Continue reading...Yocto Hardening: Firewalls, Part 1: nftables
Find all of the Yocto hardening texts from here! The eternal task of making the Yocto Linux build an impenetrable fortress continues. Next, we’ll look into...
Continue reading...Open-source contribution: RTL8821AU driver recipe
This is a story of how I became a useful member of society by doing my first open-source contribution. It all began one fateful afternoon, when...
Continue reading...
