Version Paracetamol 1.4142g
Workshop: Secure Boot Workshop
Secure boot received quite a bit of negative publicity, but if it's not used against you and you can deploy your own keys, it can be a nice tool for improving the security of your computer. This workshop will explain how you can set up secure boot on Linux with your own keys.
I will start by giving a short introduction to secure boot and after that we will go hands-on and make your device more secure! Ideally we start with a system that already boots via UEFI, but it's actually not too complicated to change a system booting via CSM (the BIOS compatibility mode) to booting via UEFI in-place, so we can also do that in the workshop.
The standard setup after this workshop will be a signed GRUB2 that then in turn verifies the kernel and initramfs it boots, but other setups are also possible. Of course you can also take part if you don't want to touch your device but rather just want learn something about secure boot or discuss some ideas you have.
You shouldn't be afraid to use a command line, we will need it a lot. You should also be somewhat familiar with how your distribution manages installed kernels so that you know what to do on updates and how to automate this.
Things you want to bring with you:
- The device on which you want to set up secure boot
- Some recovery boot medium (like a GRML usb drive)
Things you should do beforehand:
Standard disclaimer: I'm not responsible for any damage. In the past there were some notebooks with nasty bugs in their firmware, so I can't rule out that we trigger some. I don't think there will be bricked devices, but you should be aware that it could happen.
Anfang: 21:00 Uhr
Raum: Intensivstation (Workshops)
- Kreißsaal (Saal 1.11)
- Coronary bypass at the heart of the Intertubes, badly needed
- Chirurgie (Saal 1.04)
- Medical Security Nightmares