Embed Notice

HTML Code

<blockquote style="position: relative; padding-left: 55px;"><section><a href="https://mas.to/users/libreleah/statuses/113517253546935943">Leah Rowe is not a Rowebot (libreleah@mas.to)'s status on Thursday, 21-Nov-2024 05:50:58 JST</a><a href="https://mas.to/@libreleah" title="libreleah@mas.to"><img src="https://gnusocial.jp/avatar/5880-48-20240717022419.webp" width="48" height="48" alt="Leah Rowe is not a Rowebot" style="position: absolute; left: 0; top: 0;">Leah Rowe is not a Rowebot</a><div><a href="https://kanoa.de/@mstrohm/113517239225663408" rel="in-reply-to">in reply to</a><ul><li></ul></div></section><article><p><a href="https://kanoa.de/@mstrohm">@mstrohm</a> I'm uncertain as to whether U-Boot supports UEFI's "SecureBoot" feature; I haven't tested it yet, but I will.</p><p>Libreboot has (since very early days) supported a feature that I call "Secure libreBoot", whereby GRUB is the primary payload (after coreboot init) or SeaBIOS doesn't load oproms and loads GRUB straight away, with the SeaBIOS menu disabled.</p><p>GRUB then requries a password, optional GPG check on your kernel, and full disk encryption including /boot.</p><p>See:</p><p><a href="https://libreboot.org/docs/linux/grub_hardening.html" rel="nofollow noreferrer">https://libreboot.org/docs/linux/grub_hardening.html</a></p></article><footer><a rel="bookmark" href="https://gnusocial.jp/conversation/4036978#notice-7889973">In conversation</a><time datetime="2024-11-21T05:50:58+09:00" title="Thursday, 21-Nov-2024 05:50:58 JST">about 5 days ago</time> <span>from <span><a href="https://mas.to/@libreleah/113517253546935943" rel="external" title="Sent from mas.to via ActivityPub">mas.to</a></span></span><a href="https://mas.to/@libreleah/113517253546935943">permalink</a></footer></blockquote>

Corresponding Notice

Embed this notice
Leah Rowe is not a Rowebot (libreleah@mas.to)'s status on Thursday, 21-Nov-2024 05:50:58 JSTLeah Rowe is not a Rowebot
in reply to
- Moritz Strohm
@mstrohm I'm uncertain as to whether U-Boot supports UEFI's "SecureBoot" feature; I haven't tested it yet, but I will.
Libreboot has (since very early days) supported a feature that I call "Secure libreBoot", whereby GRUB is the primary payload (after coreboot init) or SeaBIOS doesn't load oproms and loads GRUB straight away, with the SeaBIOS menu disabled.
GRUB then requries a password, optional GPG check on your kernel, and full disk encryption including /boot.
See:
https://libreboot.org/docs/linux/grub_hardening.html
In conversationabout 5 days ago from mas.topermalink

Public

Embed Notice

HTML Code

Corresponding Notice