-
The Heads documentation [suggests](https://osresearch.net/Heads-threat-model/#system-firmware):
> Finally, once Coreboot has been flashed into the ROM, the write protect pins on the ROMs can be shorte…
-
Hi, I want to utilize the Bytes TPM for disk unlocking but it doesn't show up.
Issue #203 may be related. So I double-checked I'm on the latest firmware via `lvfs` and enabled the Intel ME as sugges…
-
@zaolin @rminnich
Currently, the Boot Loader Specification ignores security topics like measured and verified boot. I have to admit that these topics are somewhat orthogonal to the discovery of boo…
-
### Component
systemd-boot
### Is your feature request related to a problem? Please describe
I'm using plain linux kernels built with efi stub, compiled in initramfs and cmdline, and those ar…
-
At the moment, PCR prediction in pcr-oracle relies on the sequence of events in the UEFI eventlog to always be the same. pcr-oracle will just re-compute a new hash for each event, taking into account …
-
**Is your feature request related to a problem? Please describe.**
tl;dr - A UEFI dbx update (from version 312 to 377) appears to have tripped the Bitlocker Boot Policy protection.
I'm dual booti…
-
Hello. I'm happily using your latest OC files, so thank you for that!
An ongoing issue I have noticed (long before OC, on Clover as well) is increased power consumption and resource utilization aft…
-
**Project description**
keylime provides a remote attestation implementation working with a TPM
can be used to check integrity of a Linux system
uses TPM quotes, measured boot log and Linux IMA …
-
Hello there again.
I'm really impressed by this project. Good work!
I would love to bundle wyng under Heads for different reasons:
1. Have a copy of /var/lib/wyng.backup under /boot. Heads cr…
-
When I run tpm2_pcrread, PCRs 0-7 aren't being set by the firmware. I'm running ArchLinux on a Samsung Chromebook 4+ (CASTA) with the 4.20.0 firmware. This issue prevents me from sealing keys in my TPM …