I have come to bury the BIOS, not to open it: The need for holistic systems

This page summarizes the projects mentioned and recommended in the original post on news.ycombinator.com

Our great sponsors
  • WorkOS - The modern identity platform for B2B SaaS
  • InfluxDB - Power Real-Time Data Analytics at Scale
  • SaaSHub - Software Alternatives and Reviews
  • RPi4

    Raspberry Pi 4 UEFI Firmware Images

    Most ARM hardware is cellphones, raspberry pi and the Mac M1, which certainly aren't that type.

    But a lot of ARM hardware is that type. The keywords are SBSA / SBBR / SystemReady. If your hardware is SBBR compatible then Fedora and Ubuntu's ARM64 iso, and Windows ARM64, downloaded from their website, will at least boot fine (drivers are a different question as always).

    There's a good list of supported hardware in the lower half of https://community.arm.com/arm-community-blogs/b/architecture... . Many systems from Avantek, Gigabyte, NXP, Marvell, Solidrun etc are standardizing on this way of booting.

    DeviceTree is low-level enough that you can implement UEFI on top of it. There's a UEFI port for the Raspberry Pi 4 at https://rpi4-uefi.dev/ that produces an SBBR layer, allowing it to boot any off-the-shelf ARM64 SBBR distro.

  • docs

    Hardware and software docs / wiki (by AsahiLinux)

    Not really. The list of firmware is lengthy, and most of it is loaded by the bootloader. Though some is indeed loaded by the OS.

    https://github.com/AsahiLinux/docs/wiki/Introduction-to-Appl...

  • WorkOS

    The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.

  • ukip

    USB Keystroke Injection Protection

    The author links to UKIP[0], a Linux daemon that they built to try to protect against these kinds of attacks. Did a quick "apt search" on my Debian machine, but nothing came up. Do any major distros package this, and do any install and enable it by default?

    I guess it uses heuristics to determine if a device is evil, and that could cause a lot of false positives (which would create spurious bug reports and support cases for distro maintainers), so maybe having something like that installed and running by default isn't a great idea.

    [0] https://github.com/google/ukip

  • coreboot

    Mirror of https://review.coreboot.org/coreboot.git. We don't handle Pull Requests.

NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.

Suggest a related project

Related posts