Recent searches

No recent searches

Search options

Only available when logged in.
med-mastodon.com is one of the many independent Mastodon servers you can use to participate in the fediverse.
Medical community on Mastodon

Administered by:

Server stats:

335
active users

med-mastodon.com: AboutProfiles directoryPrivacy policy

Mastodon: AboutGet the appKeyboard shortcutsView source codev4.4.3

#initramfs

0 posts0 participants0 posts today
Continued thread
Fossery Tech :debian: :gnome:

(more Linux news in original post)

Initramfs vulnerability lets attackers with physical access compromise encrypted systems by entering incorrect password several times and accessing the debug shell on Ubuntu 25.04 and Fedora 42 systems:
omgubuntu.co.uk/2025/07/ubuntu

Linux kernel 6.15.6 and 6.12.37 LTS deliver TSA (Transient Scheduler Attacks) mitigations:
phoronix.com/news/Linux-6.15.6

Wayback is now hosted on FreeDesktop.org:
phoronix.com/news/Wayback-Free

System76 Adder WS laptop available with Intel Core Ultra i9 and NVIDIA 50 series:
9to5linux.com/system76s-adder-

(FOSS news in comments)

OMG! Ubuntu · New Linux Security Flaw Uses Initramfs to Inject MalwareA newly found security flaw in Ubuntu could allow attackers with physical access to bypass full disk encryption. Learn how the attack works.
#WeeklyNews#News#Linux
Replied in thread
Kevin Karhan :verified:

@Yuki @OS1337 @bjornsdottirs no need to go beyond 1440kB when using mlb instead of #syslinux (which wastes 200kB on it's own!)

  • Also including the #initramfs into the #Kernel can save more due to better compression than two seperate files.

Needless to say the core idea is to be a continuation of #tmsrtbt and a "minimalist #linux distro" as in "#SSH #Terminal #Firmware"...

GitHubGitHub - OS-1337/mlb: Minimal Linux BootloaderMinimal Linux Bootloader. Contribute to OS-1337/mlb development by creating an account on GitHub.
#linux#SSH#Terminal
Replied in thread
Kevin Karhan :verified:

@xeniac I know that this is the case, but it's not a technical unavoidance despite the #RaspberryPi being a non-#UEFI - #arm device.

  • Even on the old, #32bit boards.

The solution in that regard would be to boot into a #live / #setup mode like with #RaspberryPiOS for #i586-based #PCs and extend it to a setup that allows creating a new custom image with #LUKS - #FDE enabled and properly encrypted.

  • OFC on a #Pi0W that would mean one would've to plug in a 2nd MicroSD with a USB-Adapter but that's not the Point.

I'm not even demanding much, just a simple #TUI / #CLI setup like @ubuntu / #UbuntuServer has with basic customizations.

  • I'm not even expecting it to go so far as to offer including #dropbear - #SSH in the #initramfs so one can boot into the encrypted install and unlock it remotely. Just gimme the blinking cursor at the boot asking me to enter the password for the encrypted partition...
#dropbear#SSH#initramfs
Replied in thread
*
Kevin Karhan :verified:

@trysdyn Granted, this is why I want to avoid as many packages as possible for OS/1337...

Because the likelyhood if such a #SupplyChainAttack via a #SideChannel to work is exponentially greater the more components I include.

That being said, #Linux distros are quicker to fix that than any #Windows or #macOS version ever will, because those have to maintain #Govware #Backdoors in order to be legal to sell and offer globally - espechally in places like the "P.R." #China...

And yes, @OS1337 doesn't come with #xz but it does utilize XZ for #Kernel and #initramfs compression, tho that's the algorithm and the Linux-own implementation...

Replied in thread
Kevin Karhan :verified:

@SweetAIBelle @starchy @OS1337

Yeah, I've barely built #mlb and sadly it seems like an abandoned project - I only pulled a fork so I can build the executeable and run it...

I also need to basically build everything except the FDD image, #linux #Kernel and mlb beforehand so I can just include the #initramfs.cpio into the kernel and finally shave ~ 200kB free...

Also thx for your continous contributions to OS/1337 ...

github.com/OS-1337/OS1337/issu

GitHubBoot: "CORE" Edition: Alternative to syslinux - saving up to ~200kB of space on FDDs. · Issue #10 · OS-1337/OS1337By kkarhan
#OS1337
Replied in thread
Kevin Karhan :verified:

@starchy I mean, I don't have #xz as a tool in it, I merely use xz compression for the #Linux #Kernel and #initramfs, and the latter one is scheduled to be integrated into the Kernel Build Pipeline to save space and being able to use #mlb instead of #syslinux so @OS1337 fits on a #1440kB #Floppy and neither @SweetAIBelle nor I are failing builds be a few kB...

github.com/OS-1337/mlb/release

GitHubRelease 20240312 · OS-1337/mlbcompiled against musl-cross i486 - ( thx @landley for providing that) running LDFLAGS=--static CROSS_COMPILE=./i486-linux-musl-cross CFLAGS="-Os" make ARCH=x86 in terminal. This should be used for ...
#OS1337#EmbeddedLinux#Distro
TrendingLive feeds
About