hi, On Fri, Apr 06, 2018 at 09:22:52AM +0000, 799 wrote: > As mentioned I have also drafted a how-to to setup Coreboot on a X230, > including building the pi, flashrom and extracting Blobs.
out of curiosity: does resume work reliably for you? For me it didnt with coreboot (and the free VGA bios) but it does with legacy bios... (and btw, with legacy bios resume is quite very reliable again, just sometimes/often the wireless doesnt work after resume; though now I found out a workaround: just suspend+resume until it comes back with working wireless... ;) > The coreboot config I have used is here: > https://github.com/Qubes-Community/Contents/blob/master/docs/coreboot/x230-configfile thanks, depending on your answer to the above question I probably compare yours with mine ;) > I wrote the how-to as I need to look at several places to get everything > together for example how to extract Blobs, how to merge two bios files into > one etc. > It seems to me that if I run Coreboot with grub + encrypted boot, there is > no need to run anti evil maid, as the boot partition can't be messed with. > > Is this correct? mostly. The boot partition cannot be messed up but the components of your computer can be changed (eg a keyboard controller recording your keystrokes) and anti-evil-maid is designed to also detect those attacks. However these attacks are also much more sophisticated and require more time and are harder to do that just replacing a kernel image on an unencrypted boot partition. -- cheers, Holger -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/20180406130502.dwuq4gqwkaxfivv3%40layer-acht.org. For more options, visit https://groups.google.com/d/optout.
signature.asc
Description: PGP signature