On 6 April 2018 at 15:05, Holger Levsen <hol...@layer-acht.org> wrote:
> On Fri, Apr 06, 2018 at 09:22:52AM +0000, 799 wrote:
> > As mentioned I have also drafted a how-to to setup Coreboot on a X230,
> > including building the pi, flashrom and extracting Blobs.
> out of curiosity: does resume work reliably for you? For me it didnt
> with coreboot (and the free VGA bios) but it does with legacy bios...
as described in the howto I have extracted the vga.rom from my own
I can use resume and the laptop reconnects its network adapters as soon as
it wakes up.
So far no issues at all.
I've run into one problem when I tried to start my AppVMs after flashing
Some VMs where unable to boot (sys-net and also some other AppVMs),
Get the message PCI device <qubes.ext.pci.PCIDevice object at 0xblablabla>
does not exist
Following the suggestions mentioned here and removing some devices which
doesn't make sense.
qvm-pci ls <APPVM>
qvm-pci detach <APPVM> <DEVICE>
I had to open Qubes Settings for the sys-net VM to assign the Wifi Network
controller back to the VM.
It got lost after flasing coreboot.
> The coreboot config I have used is here:
> > https://github.com/Qubes-Community/Contents/blob/
> thanks, depending on your answer to the above question I probably
> compare yours with mine ;)
Can you share your config file?
I am sure that there is room for improvement in my config.
> > I wrote the how-to as I need to look at several places to get everything
> > together for example how to extract Blobs, how to merge two bios files
> > one etc.
> > It seems to me that if I run Coreboot with grub + encrypted boot, there
> > no need to run anti evil maid, as the boot partition can't be messed
> > Is this correct?
> mostly. The boot partition cannot be messed up but the components of
> your computer can be changed (eg a keyboard controller recording your
> keystrokes) and anti-evil-maid is designed to also detect those attacks.
> However these attacks are also much more sophisticated and require more
> time and are harder to do that just replacing a kernel image on an
> unencrypted boot partition.
Ok, I have not yet understand all the pieces of anti evil maid and of
course you are right that replacing my keyboard with a keyboard which has a
keylogger installed will make my system reasonable unsecure.
On the other hand, I don't think that I am a high profile target and if
this would change, I guess there are much easier ways to get the
https://en.wikipedia.org/wiki/Enhanced_interrogation_techniques ... :-o
You received this message because you are subscribed to the Google Groups
To unsubscribe from this group and stop receiving emails from it, send an email
To post to this group, send email to firstname.lastname@example.org.
To view this discussion on the web visit
For more options, visit https://groups.google.com/d/optout.