Screenshotting from Mastodon because of character limit:
Posts by Schrödinger's Catgirl (Joyce)
Screen with a shield and padlock above it, along with the text: "Security Boot Fail"
UEFI menu options for security settings greyed out completely and cannot be modified
Welp. I have encountered an Acer Swift 3 SF314-42 laptop which enforces secure boot by default AND where the UEFI setup menu for security options has been greyed out.
I was trying to install Alpine Linux, but it seems like I have to make a bootable USB with the shim to get it to boot. Interesting.
Go on, circumvent these measures & keep our tech open and free.
But know that many hackers find basic hardware hacking tools too costly and out of reach. WE'RE OUTRESOURCED.
PUSH BACK BEFORE THESE POLICIES BECOME NORMALIZED. DON'T RELY ON HACKING ALONE TO SAVE US.
/END
Quote Tweet by AvadxFeirm: "OK, so that means every data center and server also won't be able to run Linux as well, right? I swear these people who think they know how the world works, when in reality they don't know shit. What would happen is there will either be an exception for certain hardware for big tech to use, and we'll just buy that from the second hand market, or big companies will just move their infrastructure outside of the affected area because it's cheaper to migrate all your labor and infrastructure than it is to fiddle with an "approved" OS and deal with the bugs, service issues, and vulnerabilities because it's what the government demands. And as for consumers, we'll just buy second hand from others offering unlocked variants of the hardware, and there will be variants even if they come from the Shenzhen tech markets" Quote Tweet by Gaylem Returns to Drangleic: "The humble Chinese motherboard"
Quote Tweet by Computer_coinsBraz: Stop buying their shit and start building open source fuck em matter fact age verification no needs to be on the ballot
Goose chase meme: Panel 1: Who fabricates the boards and chips? Panel 2: BUT WHO FABRICATES THE BOARDS AND CHIPS?
People who think "oh we'll just buy Chinese motherboards and chips" or "just use open source hardware"
WHO FABRICATES THE BOARDS AND CHIPS FOR OSHW? DO YOU BELIEVE STATES LIKE CHINA AREN'T INTERESTED IN SIMILAR MEASURES OF CONTROL?
This is the tech equivalent of tankie-ism.
/8
Snippet from GiovanH's article: A Hack is Not Enough The Smartbrains are not exempt from society. Once a policy is being enforced on the 80% of people who can’t fight or don’t care, it’s easy to categorize the deviants as cheats and criminals. All of a sudden it will be the case that you can’t adjust, and by then there will be systems to prevent any complaining from changing that fact. Best-case scenario the hackers are the last ones to fold which means by the time it affects them everyone else has already given up. This is why I’m making the complaint I’m making. This is why it’s so dangerous for the technically enfranchised to be falsely confident. The people who care enough and understand the thing won’t raise as much of a fuss if they are given a way to work around the restriction. But this lack of pushback from experts encourages the shift to happen. The more normalized something is the harder it is to take action against it, and the more discouraged something is the easier it is to ban it and write off people who complain as fussy outliers. You can’t let a workaround be the last bastion standing between you and harm, because it will fall.
This is why GiovanH's blog article is a must-read.
People assume that accessible hacks of invasive systems will always exist, and users hacking their devices is to be expected.
THIS SHOULDN'T BE A NORM. THIS IS AN ARMS RACE AND WE'RE OUTMATCHED. /7
blog.giovanh.com/blog/2025/10...
Screenshot of Chipshouter Kit and its price: $4605
Laser fault injection setup with Keysight DS1101A Fault Injection Laser System
Google Search Query: DS1101A Fault Injection Laser System cost AI Overview: The DS1101A Fault Injection Laser System from Keysight, used for advanced security testing of smart cards and chips, is priced at approximately $53,600 - $54,000 USD per unit. This high-end, specialized security equipment is available directly through Keysight or authorized sales partners. Key details regarding the DS1101A: * Cost: Recorded import data shows a price of around $53,619.63 for one unit. * Purpose: It is used to perform laser fault attacks to evaluate chip security against top-tier, international standards. * Features: It includes a specialized set of lasers, advanced optics, and sophisticated software for high-precision, flexible, and fast control. For the most accurate, up-to-date pricing or to request a quote, it is recommended to contact Keysight Technologies directly.
Again, no one assumes that any system can be made 100% bulletproof. But that was never the point, was it?
The end game is for manufacturers to harden their devices against cheaper tools and raise the barrier to entry such that it costs a fortune for hackers who might even try. /6
Screenshot of Hackaday article: FLAW IN AMD PLATFORM SECURITY PROCESSOR AFFECTS MILLIONS OF COMPUTERS
Screenshot of Wired article: Intel Chip Flaws Leave Millions of Devices Exposed Security experts have warned of Intel's Management Engine for years. A new set of confirmed vulnerabilities that impact PCs, servers, and IoT devices shows they may have been right.
There have been vulnerabilities in ME and PSP, and there MAY BE a way for users to bypass these checks.
But this assumes:
- Someone out there will put in labor to circumvent these things and release it freely, even at great expense.
- A simple, user-doable hack even exists.
/5
Manufacturer response to IOActive's disclosures regarding AMD PSP implementation flaws: Acer: “We appreciated your information about a possible vulnerability in Acer product. After thoroughly investigation, AMD PSB is an Optional Design during develop on consumption product, it's not a mandatory requirement in Swift 3 SF314-42; even though AMD PSB status is not enabled by default, platform with Secure Boot and Secure Flash are in position to protect system if malicious code injecting to flashROM, so we don’t consider this as a vulnerability.” Lenovo: “Platform Secure Boot was introduced as a standard feature on all consumer Lenovo laptops in 2022, and laptops manufactured prior to this date were not designed with this feature in mind. Enabling it on devices now in the field would be likely to frustrate consumers if any unexpected issues arise.” Huawei: “The PSB function was not enabled on our early AMD platform product, the PSB-like function(also known as “Intel Boot Guard”) was enabled on our later Intel platform product (such as MateBook 16s 2022). We confirmed with the BIOS supplier (Wingtech Technology) of the AMD platform product, there is no modification plan for this issue. To avoid confusing users, we kindly ask you not to disclose this issue. [...]"
For now, these functions are not strictly enforced or turned on in a lot of consumer devices.
But is there anything stopping nation states from forcing hardware manufacturers and OEMs to do so?
What options do you have in such a case? /4
Intel Boot Guard: Boot flow
Slide: Early PSP Boot Procedure On-Chip Bootloader: 1. Load PSP_DIRECTORY 2. Load AMD_PUBLIC_KEY 3. Verify AMD_PUBLIC_KEY 4. Load PSP_FW_BOOT_LOADER 5. Verify with AMD_PUBLIC_KEY Off-Chip Bootloader: 1. Initialize PSP 2. Load more directories 3. Load and verify applications
Slide: BOOT PROCESS: RYZEN * PSP boots before the x86 cores * On-Chip Bootloader loads Off-Chip bootloader from flash * Off-Chip Bootloader loads and executes apps in specific order * System is initialized by different ABL stages * Load UEFI image and release x86 cores from reset
How do these security processors verify the firmware integrity?
Through a set of cryptographic keys and their hashes, which are used to verify the cryptographic signature of the UEFI firmware. These keys or hashes are *burned* into the processor and cannot be changed. /3
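To make the chain of trust described in this post concrete, here is an added model (not code from any vendor, nor from this thread) of what the on-chip bootloader does with the fused key hash and the image it reads from SPI flash. It assumes Ed25519 in place of the RSA keys real parts use, and the bootloader bytes are a constructed sample.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// Fuses: one-time-programmable bits holding only the SHA-256 of the vendor key.
type Fuses struct{ KeyHash [32]byte }

// FlashImage: untrusted external SPI flash contents, key and signature included.
type FlashImage struct {
	PublicKey  ed25519.PublicKey
	Bootloader []byte
	Signature  []byte
}

// BootROMVerify mirrors steps 2-5 of the on-chip bootloader on the slide: hash
// the key found in flash, compare with the fuses, then check the signature.
// Returns "" on success, else why boot halts. Ed25519 stands in for RSA (assumption).
func BootROMVerify(f Fuses, img FlashImage) string {
	keyHash := sha256.Sum256(img.PublicKey)
	if !bytes.Equal(keyHash[:], f.KeyHash[:]) {
		return "key hash mismatch" // flash holds a key the silicon was never fused for
	}
	if !ed25519.Verify(img.PublicKey, img.Bootloader, img.Signature) {
		return "bad signature" // bootloader bytes changed after signing
	}
	return ""
}

// Provision stands in for the vendor: make a key, sign, burn the hash, fill flash.
func Provision(bootloader []byte) (Fuses, FlashImage) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	sig := ed25519.Sign(priv, bootloader)
	return Fuses{KeyHash: sha256.Sum256(pub)}, FlashImage{pub, bootloader, sig}
}

func main() {
	fuses, img := Provision([]byte("PSP_FW_BOOT_LOADER (constructed sample)"))
	fmt.Printf("genuine: %q\n", BootROMVerify(fuses, img))
	img.Bootloader[0] ^= 0xff // an attacker rewrites one byte in SPI flash
	fmt.Printf("tampered: %q\n", BootROMVerify(fuses, img))
}
```

Swapping the public key in flash fails at the first check, because the fuses hold the hash of the vendor's key and cannot be rewritten; changing the bootloader fails at the second.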
Black Hat USA 2019 slide about Intel CSME: What Is CSME? CSME is an embedded subsystem in Platform Controller Hub (PCH) * Stands for Converged Security & Manageability Engine * Standalone low power Intel processor with dedicated Hardware (HW) CSME is Root of Trust of the platform * Provides an isolated execution environment protected from host SW running on main CPU * Executes CSME Firmware (FW)
Slide from 36C3 Talk "Uncover, Understand, Own - REGAINING CONTROL OVER YOUR AMD CPU" AMD SECURE PROCESSOR A Dedicated Security Subsystem * AMD Secure Processor integrated within SoC - 32-bit microcontroller (ARM Cortex-A5) * Runs a secure OS/kernel * Secure off-chip NV storage for firmware and data (i.e. SPI ROM) * Provides cryptographic functionality for secure key generation and key management * Enables hardware validated boot Hardware Root of Trust Provides Foundation for Platform Security
Since the late 2000s, computer chipsets have shipped with security processors like Intel Management Engine and AMD Platform Security Processor.
Part of their job is to verify that the UEFI firmware is from the computer OEM, has not been tampered with, and does not come from a 3rd party. /2
Screenshot of Chloe's tweet: people saying "they can't force Linux to do age verification!! it's open source!!" are being incredibly naive the next step is locking bootloaders/BIOS at the hardware level and every computer only capable of running approved OSes with age verification
The QRTs to @chloetankahhui.bsky.social show the extent of naivety that a lot of people have.
No one who does hardware security believes that any system is bulletproof, but do you really think that circumventing these things will always be a simple firmware mod or hardware hack?
Let's dive in. /1
Front of Yugoslav era radiation dose calculator
Back of Yugoslav era radiation dose calculator
I wonder if this is the sort of thing that might interest you @nuclearanthro.bsky.social but many weeks ago someone showed me a Yugoslav era radiation dose calculator
Hope you might enjoy this!
Can I DM you?
What I mean is that the drive is read-only by default, and you can't change the files, until you provide some credentials to prove you're authorized to modify the contents of the drive
I am still figuring out how authentication would work in practice, and I might write a program for that
Did you enjoy our zines on Archival and Data Distribution, and Vectoralism?
You can find both digital and printable PDFs on undergnd.online/zine
We don't just talk about archival and data distribution, we walk the talk! 😉
They are also available on Internet Archive: archive.org/details/@und...
This is a tool that has to be combined with operational security practices by a community (i.e. who gets to know about the existence and location of such a dead drop?)
The point of deadflash is just to protect the integrity of, as well as maintain a record of who changed files on the drive
It doesn't; but you can do multiple things if you're really so dedicated, including plant such material in a community space.
Such a threat is outside the scope of the deadflash project, and no hardware project can protect against those threats anyway.
Anyway, if you're interested in the hardware, it is open source!
Check out deadflash's repository at: codeberg.org/bitowlonline...
Firmware repo coming soon
Baochip devkit
Baochip SoC block diagram
As such, I am really excited for the @baochip.com to become available!
It's in a really tiny CSP package, and has USB 2.0 HS as well as SDIO. I managed to get a devkit for this: github.com/baochip/dabao
At the time this project was conceived in November last year, the ESP32-P4 was the only thing that had USB 2.0 HS and high-speed SDIO, came in a small enough package (10x10 mm QFN) to fit on a flash drive, and was reasonably priced. It was on hold until the P4 became generally available.
The purpose of deadflash is to allow communities to distribute files on the drive, while keeping opportunists from tampering with the contents of the drive.
The goal is not to stop a dedicated attacker (you cannot!) from tampering with the contents, but to keep out 15 minute opportunists.
The threat we are trying to protect against are far-right nuts finding out the location of dead-drops and putting material like child sexual abuse material on the drive and then calling the cops. A whole community could then be in legal hot water for no reason.
One method of distributing information in a way that would be harder to pin down would be to create "dead drops". A flash drive could be placed in a hole in the wall on the side of a building, in unlocked utility boxes, etc.
But why not use a regular flash drive for this?
We are seeing a rise of policies designed to restrict access to information online and offline.
People in states like Utah wish to go after "Little Free Libraries" by campaigning to make owners of these libraries criminally liable for not adhering to book bans.
www.themarysue.com/utah-book-ba...
tl;dr: It's mounted read-only by default, and mountable as R/W only after authentication; the point being to distribute files in a manner you can prove no one tampered with its contents.
See @undergndonline.bsky.social zines about archival and data distribution: undergnd.online/zine#archiva...
Top of Deadflash PCB: Major Components: - ESP32-P4 - MKDN512GCL-ZC 64 GB SD NAND flash - W25Q128JVP Dual/Quad SPI Flash
Bottom of Deadflash PCB Contains a Molex 2p Picoblade connector for RTC battery, 40 MHz crystal and power regulators
I had been working on a project for #39C3, sadly manufacturing and shipping got severely delayed and it didn't arrive on time (I cri), but here goes anyway:
This is Deadflash. A flash drive with an ESP32-P4 as a controller. Why bother making a flash drive, and a very expensive one at that? A 🧵
How can we organize against restrictive laws such as age verification? What can hackers and organizers do to make sense of the world around us in the face of cheaply generated AI disinformation?
If you're at #39C3, come say hi!
Laptop, with code editor open; Blahaj on the seat opposite
Embedded dev while on the ICE -- can Joyce get her demo out in time for #39C3?
First it was AWS, then it was Microsoft Azure, and now, it's Cloudflare!
www.independent.co.uk/tech/cloudfl...
The Framework forums thread got insanely unwieldy, so I wrote up a (somewhat shorter) summary post of the situation
crimier.github.io/posts/Framew...