Enhancing OS Awareness of Hardware Security Capabilities in Qubes OS
09-20, 11:40–12:10 (Europe/Berlin), Design Session Room

The security posture of an operating system depends heavily on its ability to assess and make use of hardware security features. However, a significant gap exists in the awareness of these capabilities, which limits the potential for comprehensive security evaluation. This session will explore the landscape of hardware security assessments across various ecosystems, including GNOME's Device Security Settings, KDE Plasma's Firmware Security page, and the Qubes OS Security Report. We will discuss the importance of exposing hardware security interfaces to operating systems, drawing insights from tools like lscpu and /proc/cpuinfo. The session aims to answer how the Qubes OS Security Report implementation can become a leading role model in the OSS ecosystem by building robust frameworks for security feature detection and ensuring protection against misconfigurations and vulnerabilities.
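As an added example of the kind of feature detection the abstract has in mind, the following script (written for this page, not taken from the session slides or from Qubes OS) reads the two interfaces the Linux kernel already exposes on x86, the `flags` and `bugs` lines of /proc/cpuinfo and the per-issue status files under /sys/devices/system/cpu/vulnerabilities, and turns them into a short report of present and missing hardware security capabilities and of mitigation state. The choice of which CPU flags count as "security-relevant" is an assumption made for this example; the sample inputs are constructed rather than captured from a real machine, and are used only when the real files are unavailable.

```python
"""Report hardware security capabilities from interfaces Linux already exposes.

Added example, not part of the session or of Qubes OS. The set of flags treated
as security-relevant is an assumption; the sample inputs are constructed.
"""
import os
from typing import Dict, Set

VULN_DIR = "/sys/devices/system/cpu/vulnerabilities"  # real sysfs interface

# Constructed /proc/cpuinfo excerpt (one logical CPU), not captured from a real machine.
SAMPLE_CPUINFO = """\
processor\t: 0
vendor_id\t: GenuineIntel
model name\t: Example CPU (constructed sample)
flags\t\t: fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat \
pse36 clflush mmx fxsr sse sse2 ht syscall nx lm constant_tsc pni ssse3 sse4_1 \
sse4_2 popcnt aes xsave avx rdrand lahf_lm fsgsbase bmi1 smep bmi2 invpcid \
rdseed adx smap umip md_clear flush_l1d arch_capabilities
bugs\t\t: spectre_v1 spectre_v2 spec_store_bypass mds
"""

# Constructed contents of /sys/devices/system/cpu/vulnerabilities/<name>.
SAMPLE_VULNERABILITIES = {
    "meltdown": "Not affected",
    "spectre_v1": "Mitigation: usercopy/swapgs barriers and __user pointer sanitization",
    "spectre_v2": "Vulnerable",
    "mds": "Mitigation: Clear CPU buffers; SMT vulnerable",
}

# Flags as the Linux kernel names them in /proc/cpuinfo (x86). Which ones
# count as "security-relevant" is an assumption of this example.
SECURITY_FLAGS = {
    "nx": "No-execute page protection",
    "smep": "Supervisor Mode Execution Prevention",
    "smap": "Supervisor Mode Access Prevention",
    "umip": "User-Mode Instruction Prevention",
    "rdrand": "Hardware random number generator",
    "rdseed": "Hardware entropy source for seeding",
    "aes": "AES-NI instructions",
    "ibpb": "Indirect Branch Prediction Barrier",
    "ibrs": "Indirect Branch Restricted Speculation",
    "stibp": "Single Thread Indirect Branch Predictors",
    "ssbd": "Speculative Store Bypass Disable",
    "md_clear": "VERW clears CPU buffers (MDS mitigation)",
    "flush_l1d": "L1D cache flush support",
    "arch_capabilities": "IA32_ARCH_CAPABILITIES MSR present",
}


def parse_cpuinfo(text: str) -> Dict[str, str]:
    """Return the key/value fields of the first processor block of /proc/cpuinfo."""
    block = text.strip().split("\n\n")[0]
    fields: Dict[str, str] = {}
    for line in block.splitlines():
        if ":" not in line:
            continue
        key, value = line.split(":", 1)
        fields[key.strip()] = value.strip()
    return fields


def security_flags(cpuinfo_text: str) -> Dict[str, bool]:
    """Map each security-relevant flag to whether the CPU advertises it."""
    present: Set[str] = set(parse_cpuinfo(cpuinfo_text).get("flags", "").split())
    return {flag: flag in present for flag in SECURITY_FLAGS}


def cpu_bugs(cpuinfo_text: str) -> Set[str]:
    """Hardware issues the kernel lists on the 'bugs' line."""
    return set(parse_cpuinfo(cpuinfo_text).get("bugs", "").split())


def classify_status(status: str) -> str:
    """Reduce a sysfs vulnerability status string to a coarse state."""
    s = status.strip()
    if s.startswith("Not affected"):
        return "not_affected"
    if s.startswith("Mitigation:"):
        return "mitigated"
    if s.startswith("Vulnerable"):  # also covers "Vulnerable: ..." variants
        return "vulnerable"
    return "unknown"


def read_vulnerabilities(vuln_dir: str = VULN_DIR) -> Dict[str, str]:
    """Read every status file under the sysfs vulnerabilities directory, if present."""
    result: Dict[str, str] = {}
    if not os.path.isdir(vuln_dir):
        return result
    for name in sorted(os.listdir(vuln_dir)):
        try:
            with open(os.path.join(vuln_dir, name)) as f:
                result[name] = f.read().strip()
        except OSError:
            continue
    return result


def build_report(cpuinfo_text: str, vulnerabilities: Dict[str, str]) -> dict:
    """Combine flag detection and mitigation state into one report structure."""
    flags = security_flags(cpuinfo_text)
    return {
        "present": sorted(f for f, ok in flags.items() if ok),
        "missing": sorted(f for f, ok in flags.items() if not ok),
        "bugs": sorted(cpu_bugs(cpuinfo_text)),
        "vulnerabilities": {n: classify_status(s) for n, s in vulnerabilities.items()},
    }


def format_report(report: dict) -> str:
    lines = ["Hardware security features present:"]
    lines += [f"  [+] {f:18} {SECURITY_FLAGS[f]}" for f in report["present"]]
    lines.append("Not advertised by this CPU:")
    lines += [f"  [-] {f:18} {SECURITY_FLAGS[f]}" for f in report["missing"]]
    lines.append("Kernel-listed hardware bugs: " + (", ".join(report["bugs"]) or "none"))
    lines.append("Mitigation state:")
    lines += [f"  {n:18} {state}" for n, state in report["vulnerabilities"].items()]
    return "\n".join(lines)


if __name__ == "__main__":
    try:  # prefer the live interfaces; fall back to the constructed samples
        with open("/proc/cpuinfo") as f:
            text = f.read()
        vulns = read_vulnerabilities()
    except OSError:
        text, vulns = SAMPLE_CPUINFO, SAMPLE_VULNERABILITIES
    print(format_report(build_report(text, vulns)))
```

The report only states what the kernel reports, which is exactly the limitation the session discusses: a flag's presence says the CPU advertises the feature, not that firmware or the hypervisor has enabled it, and the flag list above is one opinion of what matters rather than a standard.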

See also: Presentation Slides (260.0 KB)

Piotr Król is an open-source firmware enthusiast who founded 3mdeb in
March 2015. His expertise is rooted in the hacker ethos of collaborative
innovation and transparency, guiding 3mdeb's focus on projects like
Zarhus OS, a Yocto-based Embedded Linux distribution, and Dasharo, a
coreboot downstream project. These projects are dedicated to open
development, embedded firmware resilience, platform security,
transparency, the right to repair, and digital sovereignty.

Piotr's deep involvement in open-source firmware includes key computing
areas such as Root of Trust, Secure, Verified and Measured Boot, TPM,
coreboot, UEFI, EDK II, Yocto, U-Boot, and Linux. He often speaks at
significant industry events like FOSDEM, Xen Developers Summit, and
Platform Security Summit, sharing his insights and promoting the
open-source firmware ecosystem. Piotr is dedicated to sharing knowledge
by serving as a Trainer at OpenSecurityTraining2, offering free and open
educational materials to advance the open-source firmware ecosystem.
