Manuel Traut

Fediverse Profile link: https://mountains.social/@manut

Over the years Manuel gained experience in building Linux BSPs with different methods and toolkits. With this knowledge in mind he maintained the embedded linux build environment (ELBE http://elbe-rfs.org) for several years. Manuel has given Linux-related talks at RTLWS, LinuxTag and Chemnitzer Linuxtage, Embedded Linux Conference Europe, all systems go and at debconfs.

Manuel loves to run Debian (Mobian) on its daily phone and maintains some packages that are also useful on mobile phones running Mobian like cozy.

Accepted Talks:

An introduction to immutable OS images

An immutable image is a OS installation that limits the user by modifying sensitive parts of the OS.

But what shall this be good for?

Limit myself of using my computer?
Increasing security by detecting modifications?
Protecting end users of an embedded device?

What kind of immutable images can we build? Read-only RFS? Only ‘/usr’ is immutable. What are the benefits / drawbacks / use-cases of different concepts?

What about runtime security? Using Integrity Policy Enforcement, to go beyond SecureBoot.