Re: Discussion topic(s) for Tuesday's meeting? :-) - BALUG-Talk

15 Apr 2025


      Sorry for late reply,
This sounds like just what I was hoping to learn about
To give some context, I am currently trying to learn how to make
reproducible OS builds using mkosi https://github.com/systemd/mkosi
One of the big advantages of the tool is that is helps get closer to the
points outlined in Fitting Everything together
https://0pointer.net/blog/fitting-everything-together.html by Pottering
in which he outlines some key goals including:
- increasing usage of the TPM to increase security
- self-signing keys so we can have operating systems that are both
immutable AND hackable (no more corporate signed keys!)
- ensuring the validity of the entire stack by using secure boot, encrypted
home drives, and sandboxing for user applications to make a more secure
environment
All of this is with the goal of running particleos
https://github.com/systemd/particleos eventually but i would settle for
just a custom-rolled arch distro that I upgrade in A/B fashion. But one of
the fundamental assumptions of all of this is that im self-signing keys and
using them for everything from secure-boot, to my home drive if necessary
but I have held off from learning these security topics until now!
On Thu, Apr 10, 2025 at 10:54 PM Michael Paoli via BALUG-Talk <
balug-talk@lists.balug.org> wrote:
...
---------- Forwarded message ----------
From: Michael Paoli michael.paoli@berkeley.edu
To: BALUG-Talk balug-talk@lists.balug.org
Cc: Darrion Burgess dargondab9@gmail.com
Bcc:
Date: Thu, 10 Apr 2025 22:52:53 -0700
Subject: [BALUG-Talk] Discussion topic(s) for Tuesday's meeting? :-)
Thanks all, yes meeting last month was excellent, thanks for making it
so!
So, I was thinking, topic(s) (not that we need be limited to such) for
meeting this month (soon - Tuesday!) ... and following a bit from last
month's meeting, perhaps something along the lines:
Linux encryption and security hardware.
So, perhaps around LUKS, TPM chip, YubiKey, FIDO2, etc.
More-or-less extension of fair bit that was discussed at last meeting.
And, not too horribly redundant with presentations/talks/topics that
have been done at BALUG before (e.g. done LUKS presentation before,
have at least had security as topic, but don't think we've (much)
covered TPM chip, YubiKey, FIDO2, etc. before, so was thinking to mix it
up and expand it a bit more.
Also, did we have some other question(s)/topic(s) from last meeting that
we didn't quite get around to covering?
Feel free to let me know your thoughts, and I'll put together at
least something regarding (at least leading, but by no means limited to)
topics for the meeting, and will get that then updated on the web site,
and also use that for items sent to the Announce list before the
meeting.  Anyway, I'm hoping/aiming to get that done and at least
initial bits out in the next couple days or so
---------- Forwarded message ----------
From: Michael Paoli via BALUG-Talk balug-talk@lists.balug.org
To: BALUG-Talk balug-talk@lists.balug.org
Cc: Darrion Burgess dargondab9@gmail.com
Bcc:
Date: Thu, 10 Apr 2025 22:52:53 -0700
Subject: [BALUG-Talk] Discussion topic(s) for Tuesday's meeting? :-)
_______________________________________________
list: BALUG-Talk@lists.balug.org help: https://lists.balug.org/help/
unsubscribe email: balug-talk-unsubscribe@lists.balug.org