This year has seen a number of people putting quite some effort into strengthening the @barebox bootloader's security posture .
At @LinuxSecSummit in Amsterdam, I had the opportunity to present some of the work: security-focused documentation, fuzzing, hardening and a new framework for runtime access control.
The (correct!) slides are online now: https://static.sched.com/hosted_files/lsseu2025/94/hardening-the-barebox-bootloader.pdf
Here are the slides for my "State of SELinux" presentation this afternoon at the @LinuxSecSummit in Amsterdam. For those who are interested, I'll also be hosting a SELinux BoF later today at the conference.
https://paul-moore.com/docs/2025-lss_eu-state_of_selinux-pcmoore-r2.pdf
I'm going to be presenting #Incus OS at the upcoming @LinuxSecSummit https://lssna2025.sched.com/event/1zalr/putting-together-a-secure-virtualization-and-containerization-platform-stephane-graber-zabbly
Gonna be giving a talk "SLUB Internals for Exploit Developers" at @LinuxSecSummit next week.
Plan to cover the basics one needs to know before writing exploits for slab bugs; slides coming along π
Also gonna stay around for @linuxplumbersconf.