We’re hiring on the Red Hat Bootloader team! Work on GRUB2, shim, the Linux kernel, and core bootloader toolchains — the foundation of every Red Hat system.
Location: Brno, Czech Republic 🇨🇿
Apply here : https://redhat.wd5.myworkdayjobs.com/Jobs/job/Brno---Tech-Park-Brno---C/Senior-Software-Engineer---Bootloader-Engineer--Brno-Office--Czech-Republic-_R-051395-1
#RedHat #Bootloader #GRUB2 #Shim #LinuxKernel #OpenSource #Hiring #Fedora
Implementing #Container Runtime #Shim: #runc
https://iximiuz.com/en/posts/implementing-container-runtime-shim/
Liveslak 1.8.2 re-adds Secure Boot support
When Slackware-current upgraded the Grub package to 2.12, liveslak lost the ability to boot on a computer with Secure Boot enabled.
Grub 2.12 is a lot stricter than the previous 2.06 release when it comes to trusting the files it loads and executes. The way it works now is as follows (step 1 and 2 a
https://alien.slackbook.org/blog/liveslak-1-8-2-re-adds-secure-boot-support/
#Slackware #Software #certificate #gpg #grub #liveslak #secureboot #shim
I have the following #problem in #Linux #Ubuntu
When I installed it on the #Lenovo P50, I did not find the option to change the mode from #UEFI to #Legacy, so I installed Ubuntu with UEFI mode enabled.
Is it possible to disable UEFI mode and remove the #shim-signed package (and its dependencies) inside Ubuntu?
Interesting detail in the description of the main EFI changes merged for #Linux 6.9[1]:
"'"Avoid creating mappings that are both writable and executable while running in the EFI boot services. This is a prerequisite for getting the x86 #shim loader signed by MicroSoft again, which allows the distros to install on x86 PCs that ship with EFI secure boot enabled."'"
[1] https://git.kernel.org/torvalds/c/70ef654469b371d0a71bcf967fa3dcbca05d4b25
Patch Now: Shim vulnerability affects nearly all Linux distros https://www.linux-magazine.com/Online/News/Bootloader-Vulnerability-Affects-Nearly-All-Linux-Distributions #security #bootloader #shim #vulnerability #CVSS #HTTP #bug #Linux #OpenSource #patch #FOSS
#Bootloader-Lücke: Viele #Linux-Distributionen sind gefährdet | Security https://www.heise.de/news/Bootloader-Luecke-gefaehrdet-viele-Linux-Distributionen-9624201.html #shim
@mcfly
No, the #SHIM vulnerability is NOT a "Remore Code Execution vulnerability" [sic]. Unless of course one would be so silly as to remote boot over the public internet.
It is a mere inside threat. Exploitation would need a quite sophisticated "evil maid". So in the end it is 'nothing to write home about'.
A Microsoft researcher found it—and it’s somehow Microsoft’s fault.
A critical vulnerability in most #Linux distributions now has a patch ready. Enterprise users especially need this if booting using HTTP or PXE.
So go get it. In #SBBlogwatch, we patch #shim and update the DBX. At @TechstrongGroup’s @SecurityBlvd: https://securityboulevard.com/2024/02/linux-shim-bootkit-richixbw/?utm_source=richisoc&utm_medium=social&utm_content=richisoc&utm_campaign=richisoc
An interesting vulnerability in the #shim package affects nearly all Linux distributions since the past decade.
https://thehackernews.com/2024/02/critical-bootloader-vulnerability-in.html
"Shim macht auf Linux-Systemen Secure Boot nutzbar."[1] ist irgendwie wie "Nasse Straßen führen zu Regen", wie es Michael Crichton beim "Gell-Mann Amnesia Effect"[2] erwähnt. 🤔
Klar, irgendwie stimmt der Satz. Aber irgendwie auch nicht, denn ohne etwas wie #Shim ließen sich #Linux-Distributionen auf modernen #UEFI-Systemen out-of-the-box gar nicht erst nutzen, solange #SecureBoot aktiv ist. 🤨
[2] https://en.wikipedia.org/wiki/Michael_Crichton#Gell-Mann_amnesia_effect
Critical #shim bug impacts every #Linux boot loader signed in the past decade
https://securityaffairs.com/158792/hacking/critical-shim-bug-linux.html
#securityaffairs #hacking
Hi, my name is Shim Shady! (NVD CVSS 9.8 - Critical)
Critical vulnerability
CVE-2023-40547 was identified in the #Shim software (used by most Linux distributions during the boot process). Particularly - to support Secure Boot.
https://eclypsium.com/blog/the-real-shim-shady-how-cve-2023-40547-impacts-most-linux-systems/
It's been nearly 8 years since I 3D printed a shim...
➡️ https://rasterweb.net/raster/2015/12/28/3d-printed-shim/
#3DPrinting @3dprinting@techhub.social #shim #hack
Red Hat is #hiring!
The Bootloader Engineering Team(Core Platforms Engineering) in Red Hat is looking for the sheer talented and open to all with the suitable skills passion and dedication.
#Hiring #RedHat #Fedora #bootloader #shim #Grub #firmware #uefi #OpenSource
🌎 Remote / Mexico
⏰ Full-time
🏢 Red Hat
Link to apply for this position on this diverse team:
https://global-redhat.icims.com/jobs/100038/principal-software-engineer/job
