In this comprehensive episode of "Nerding Out with Viktor," we delve into the intricate world of coreboot, a leading open-source BIOS technology. Joining the discussion are Matt DeVillier, also known as Mr. Chromebox, renowned for his contributions to coreboot, first as a community member, and later professionally at Purism and AMD. Also joining is David Hendricks, a seasoned expert with a background at major tech companies like Facebook, Google, and Amazon.
David Hendricks sets the stage by recalling his initial foray into coreboot during his internship with project founder Ron Minnich. He narrates his experiences at Los Alamos National Lab and his pivotal role as the first firmware engineer for Google's Chrome OS team. Matt Devillier shares his journey from a hardware enthusiast to becoming a notable figure in the coreboot community, with a focus on x86-based Chrome OS devices.
The episode dives deep into the mechanics and significance of coreboot, contrasting it with U-Boot and highlighting its varied applications, particularly in Chromebooks and server environments.
A significant segment of the conversation focuses on security within BIOS technology. The experts discuss Secure Boot, differentiate between Google's verified boot and UEFI Secure Boot, and emphasize BIOS control for robust security. They also examine critical BIOS vulnerabilities like LogoFail and PixieFail, underscoring their impact on the security landscape.
Supply chain security emerges as a key topic, with discussions around the importance of transparency and control in the firmware development process. The conversation delves into Software Bill of Materials (SBOMs) and their role in ensuring firmware integrity and trust, reflecting coreboot's commitment to supply chain security.
For organizations contemplating a transition to coreboot, the discussion illuminates the associated challenges and steps, emphasizing the need for early engagement with ODMs and the value of consulting services. The potential of RISC-V in the open hardware field and coreboot's involvement in this evolving area is also explored.
Matt and David conclude the episode with insights into the circular economy and coreboot’s role in extending the lifespan of hardware. They discuss its importance in developing countries and sustainable computing practices.
This episode of "Nerding Out with Viktor" offers a thorough understanding of coreboot, its impact on technology, its crucial role in BIOS security and supply chain integrity, and a vision for the future of BIOS technology and open-source firmware development.
Useful Resources:
Discover more about coreboot (www.coreboot.org), including consultant links (coreboot IBVs), hardware vendors using coreboot, and extensive documentation at coreboot's homepage.
Explore MrChromebox.tech (mrchromebox.tech) for Matt DeVillier's (Mr. Chromebox) custom distribution of coreboot.
Access Converged Security Suite (github.com/9el..., a suite of tools designed for provisioning Bootguard, enhancing the security of your devices.
Utilize goswid (github.com/9el..., a tool for generating Software Bill of Materials (SBOM) within coreboot, ensuring firmware transparency and integrity.
For developers and enthusiasts, find comprehensive information on Chrome OS Devices (www.chromium.o..., including those powered by coreboot, at Developer Information for Chrome OS Devices. Note that almost all recent x86 and ARM models of ChromeOS devices use coreboot, with the exception of the earliest models.