• she/they

pdx queer dev, now an Old


cathoderaydude
@cathoderaydude

This is the third and final tentpole of the Quick Start series. It has all been building up to this. There will be more episodes, but I told all those stories so I could tell this one.



You must log in to comment.

in reply to @cathoderaydude's post:

when i saw quicklook was efi i was like "... oh! hmmm." my ass was not ready for DayStarter. my ass was not ready for DayStarter in the slightest. what are we even doing with computers. they should make, like, kibble for executives that is packed with all the New Innovative Features you'd swear they need to survive

good piece as usual

something of note, which you might actually know but which wasn't mentioned in the video: tools like the open source version of memtest86+ actually compile a standalone EFI binary while building it, which you can then stash in your EFI System Partition (ESP) and boot directly in several different ways. you can add it as an entry to the firmware's UEFI boot menu (using efibootmgr or whatever other tooling you want), you can set it up as an option in systemd-boot or GRUB or whatever other boot manager you're using, etc. there's some Linux distros that already do this (with memtest86+ or the commercial version from PassMark or some other diagnostic tool), allowing you to skip loading the kernel entirely and just go straight to this barebones EFI application that uses as little memory as possible to make the testing more reliable

I spent some time setting this up as a feature for the custom Linux distro that a previous employer maintained which lacked this feature, because integrating a standalone memtest86+ into the base OS install would have been hugely useful for the hardware support people, but I ended up getting laid off before I finished implementing it and nobody else at the company had any interest in making the support teams' lives easier

The storytelling you have done with this is fantastic

As you were discussing the EFI executable for looking at exported outlook data i was like "Yeah, no, that's not a hack that's just normal" and then you fucking DROPPED BOMBS ON US

Tacking on to the end of your rant about how these things are added so that we can get product refreshes, I can't help but wonder if the TPM requirement for Windows 11 was Microsoft throwing laptop and mobo manufacturers a bone.

Based on Matthew Garrett's (mjg59) posts about TPM, I am inclined to believe that it is generally in good faith. The Linux (and probably Haiku) people want this as much as MS, they just want it to, you know, not ignore that they exist for the most part, but there are... sort of understandable reasons for why that's been a rocky process.

I remember at the time it was announced that a lot of security people were more confused that it was TPM over another chip/protocol. Probably more to do with how open of a standard it is (I am not a expert in this kind of Hardware, I just know enough that this video genuinely made me go mad.)

I am also not an expert by any means, which is why my take is basically "if someone far, far more knowledgable than me thinks it's a good idea, it might be."

mjg is pretty aggressively leftist and anti-corporate from what I've seen, and is also willing to decry an entire computing concept as "stupid bullshit that shouldn't exist" if that's how he really feels, so I feel like the fact that he has instead spent years debunking misconceptions about TPM and working hard towards supporting Secure Boot rather than just calling for people to boycott it so vendors can't get away with making it absolutely required says a lot.

I really hope the JPEGs DayStarter uses are loaded by the firmware into RAM before the OS starts booting. Accessing the disk in the SMM at the same time as the OS will not end well.
The pause feature also sounds like something that will cause a random hardware device to time out and crash if you use it the right time.
And how does it detects that Windows has finished booting? What if the detection stops working after a Windows update?

… Imagine doing this after having decided that reading/writing Outlook database files was too risky.

In discussing this with a person much more expert than me after I finished the video, they strongly suspect that this IS the case, because UEFIs FAT32 FS driver would not be available once the CSM takes over. Also, a closer reading of HP's daystarter slide suggests that it IS the responsibility of the UEFI code to hold the football so charlie brown can kick it from the SMM

also they had something to say about EFI offering some kind of "boot process complete" signal, though I wasn't sure how that worked when CSM is involved

I kinda expected you to bring in a security guy who might find some gnarly security holes in these programs, considering your joke about how this episode would "kill at least 50 firmware engineers" and your brief segment on third party addons in the ExpressGate episode, but a Ring -2 calendar viewer that can pause/hang Windows's boot process is plenty horrifying as-is.