Zarhus Developers Meetup 0x1

Welcome to Zarhus Developers Meetup. Here we would like to welcome all our guests to this small non-public meetup, where we will present the results of the Zarhus Team's recent work. We would like to reiterate on Zarhus: Trustworthy Embedded Linux Distro presentation and give you a heads up about the vision and mission we would like to follow. It is not only about marketing but also about honest openness, authenticity, and accountability, which should be the foundation of every project focusing on trustworthiness.

How does work Kicksecure's ram-wipe and how strong is its protection against RAM attacks?

Presentation will briefly describe basic concepts such as working of cache and cache addressing to allow for understanding of later parts. After that we will focus on cache timing attacks and how do they work with some examples. We will talk about current progress in implementing those tests in CROSSCON hypervisor and what mitigations it has against those attacks.
During presentation there will be short demo showcasing attack that will allow us to get access to information we shouldn't be able to.

This talk explores the practical aspects of deploying Zarhus on the CROSSCON hypervisor with a complete root filesystem. The presentation outlines the steps required to get the setup working, discusses challenges encountered during the process and their solutions, reviews the current state of Zarhus support for the CROSSCON hypervisor, and highlights the planned next steps in its development.

Reclaim your server! BMCs (Baseboard Management Controllers) are the backbone of remote server management. They allow for monitoring platform health, performing recoveries, troubleshooting and general management of your platform directly from your web browser. But the issue is, is the platform really yours when such a crucial component runs unauditable code? Can one trust such component? That's exactly what OpenBMC tries to solve. OpenBMC is an open-source firmware alternative for BMCs. It offers more flexibility and customization, and above all, it's more secure since its source code can be audited and is kept up to date. In the talk, we'll discuss our current effort in porting OpenBMC to Supermicro x11ssh platform. We'll go over some caveats of compiling OpenBMC for not (yet) supported platform, current state of upstream, how to test the built image under QEMU and where are we currently at with executing the code on a real hardware.

Join us for closing remarks where the Zarhus Team will share our vision for the future and how you can get involved! We’ll discuss our efforts to engage with you and our community and explore the projects we can tackle together. Zarhus is a Yocto-based distribution for embedded devices that draws inspiration from OpenXT and Qubes OS, focusing on maximizing synergy with open-source firmware like Dasharo. We prioritize building a strong Root of Trust and Chain of Trust while leveraging various Trusted Execution Environments (TEEs). Don’t miss this opportunity to learn more and discover how you can contribute to our mission. Your input is essential; together, we can shape Zarhus' future!