GNU/HardenedLinux translates ‘Platform Firmware Security Defense…’ ebook to Chinese

Re: https://firmwaresecurity.com/2018/07/28/new-ebook-platform-firmware-security-defense-for-enterprise-system-administrators-and-blue-teams/

The book “Platform Firmware Security Defense for Enterprise System Administrators and Blue Teams“, which Paul English of PreOS security wrote, introducing the concept of firmware security for the system administrator audience:

https://preossec.com/Newsletter-Q3-2018/
https://preossec.com/products/ebook-download

has been translated to Chinese, by the GNU Hardened Linux project!

https://github.com/hardenedlinux/hardenedlinux_translations/tree/master/platform_firmware_security_defense

more info:

https://hardenedlinux.github.io/

 

io386: tool wrapping around ioperm(2), iopl(2), outb(b), etc.

Introduction: A command line tool wrapping around ioperm(2) iopl(2) outb(2), etc.
Where it is needed: Designed for Linux-as-bootloader-payload schemes like Heads, in order to perform low-level IO operations, e.g. triggering SMIs.

https://github.com/hardenedlinux/io386

 

Hardened Linux and firmware

I recently noticed Hardened Linux, because they were calling CHIPSEC. I just noticed they have some informational pages with info on Intel ME/AMT/UEFI and other technologies:

https://github.com/hardenedlinux/firmware-anatomy

https://github.com/hardenedlinux/firmware-anatomy/blob/master/hack_ME/firmware_security.md

https://github.com/hardenedlinux/firmware-anatomy/tree/master/hack_ME

https://github.com/hardenedlinux/firmware-anatomy/blob/master/hack_ME/me_info.md

https://hardenedlinux.github.io/about3/

https://hardenedlinux.github.io/system-security/2017/07/31/firmware_chipsec.html

https://translate.google.com/translate?hl=enu&u=https://hardenedlinux.github.io/system-security/2017/07/31/firmware_chipsec.html

 

Hardened Linux: coreboot and CHIPSEC

A bit more information on Hardened Linux’s use of CHIPSEC, in this case coreboot-centric:

https://firmwaresecurity.com/2017/07/31/hardened-linux-using-chipsec/

“# Enabling some security features at runtime in case of which vendor provided implementation improperly.”

https://github.com/hardenedlinux/Debian-GNU-Linux-Profiles/blob/master/scripts/harbian_fw/fw_hardening_runtime.py

There aren’t many CHIPSEC-based codebases, Hardened Linux is one relatively new one.