A simple UEFI bootable program to load and display a bmp image file.
A new set of instructions (no scripts or code) for creating a UEFI Shell boot drive:
[…] In this blog, we will describe the standard Secure Boot configuration of a Fedora 29 installation on a Dell Latitude E5470 laptop, which we use in our day-to-day work, and show you how to harden it to a reasonable extent.[…]
Utimate Uefi Dual Boot Guide for the stubborn system. A quick guide for setting up UEFI, grub and refind for dual boot on stubborn systems (namely my laptop a HP ENVY15)[…]
The UEFI Forum has released a new version of the PI spec. William’s blog entry has a copy of the relevent section of the release notes:
Some input from Nikolaj:
This helper application takes an EFI executable, builds a FAT filesystem around it, adds a startup script and runs qemu to run the executable.[…]
A new GUI UEFI config tool, written with Python and Qt5: Quoting 100% of the documentation: “This is a GUI for UEFI config”
I started this whole thing because I wanted to run my own kernel-mode code while still having access games protected by anti-cheat that don’t allow test signing, and I didn’t want to shell out the time and money required to get an EV certificate. […]I’m going to start out by patching binaries on disk, but the end result will be a UEFI application that patches all binaries in memory. […]
it appears there might be a maintainer for the Lua EFI port!
Small screensaver for uefi, written in assembler.
Pequeño salvapantallas para uefi
Tarea programada 1 de Sistemas Operativos
Steve McIntyre has posted an update on Debian’s UEFI Secure Boot status, to the debian-boot and debian-efi mailing lists. Excerpt:
I’ve just pushed changes to a few bits of d-i this weekend to make SB work for amd64:
* build/util/efi-image: […]
* build/config/arm.cfg, build/config/x86.cfg: […]
* debian/control: […]
* grub-installer/grub-installer: […]
The effect of these changes is that the next daily and weekly debian installer images (tomorrow) should Just Work (TM) end-to-end with UEFI Secure Boot. The changes to efi-image also mean that our next live image builds will do SB (for live and installation).
I’ll test all these again in the next couple of days to verify that things have pulled through as I expect, then it’s time to post to d-d-a and write a blog too. We’ve made great progress already. These last changes just tie it all together for end users.
“UefiLog is a lightweight log system in UEFI environment“
I notice that Microsoft’s Project Mu has a PrintScreenLogger tool (Ctrl+PrtScn):
and that it is already getting some forks:
Before that, there was RU.EFI command line tool (F12):
and Nikolaj’s CrScreenShotDXE (LeftCtrl+LeftAlt+F12):
And there are probably a few other options I’m not aware of, including by IBVs/ODMs.
From BlackHat USA 2018’s Tool Arsenal:
Micro-Renovator: Bringing Processor Firmware up to Code
by Matt King
The mitigations for Spectre highlighted a weak link in the patching process for many users: firmware (un)availability. While updated microcode was made publicly available for many processors, end-users are unable to directly consume it. Instead, platform and operating system vendors need to distribute firmware and kernel patches which include the new microcode. Inconsistent support from those vendors has left millions of users without a way to consume these critical security updates, until now. Micro-Renovator provides the ability to apply microcode updates without modifying either platform firmware or the operating system, through simple (and reversible) modifications to the EFI boot partition.
Another Snake Game for UEFI!
Sednit UEFI malware is back in the news, because of the recent CCC video, some are hearing about it for the first time, and because Kaspersky Lab is tweeting about it, confusing people that the news came from Kaspersky instead of ESET. Instead, I wish Kaspersky’s GReAT team would be giving some new news about their UEFI research, as hinted from an upcoming BlueHat Israel talk:
[..]For the past year, Kaspersky’s Global Research and Analysis Team (GReAT) extracted and processed thousands of UEFI dumps, applying anomaly analysis and code similarity techniques in order to find the “things that lurk in the shadows”[…]