Conversation

Notices

1. Embed this notice
   Larvitz :fedora: :redhat: (larvitz@burningboard.net)'s status on Thursday, 02-Oct-2025 05:01:19 JST Larvitz :fedora: :redhat:

   HSI:4 (Host Security ID Level 4) achieved!

   My ThinkPad T14s Gen4 AMD + Fedora 43 (Beta) setup featuring:

   - Secure Boot
   - TME (Total Memory Encryption)
   - IOMMU + pre-boot DMA protection
   - TPM 2.0 with PCR0 reconstruction
   - SPI replay protection
   - CET platform support
   - Kernel lockdown enabled

   Plus the software layer:
   - LUKS full-disk encryption
   - NitroKey 3 (fully open-source hardware token!)
   - FreeIPA + Smartcard authentication
   - SELinux enforcing

   Defense in depth, the open-source way.

   #linux #fedora #security #itsec #nitrokey #crypto #opensource #thinkpad

   • Embed this notice
     7666 (7666@comp.lain.la)'s status on Thursday, 02-Oct-2025 05:01:18 JST 7666

     in reply to
     @Larvitz So is HSI:5 gonna be mandatory phaser arrays on the laptop to prevent against pipe wrench attacks?
     Johnny Peligro likes this.
   • Embed this notice
     Phantasm (phnt@fluffytail.org)'s status on Thursday, 02-Oct-2025 07:23:24 JST Phantasm

     in reply to

     • 7666
     @7666 @Larvitz I can't imagine a computer mitigating the cute asian gf attack.
     gf-leaking-state-secrets.jpeg
     ✙ dcc :pedomustdie: :phear_slackware: likes this.