Calls: Send in your ideas. Deadline February 1st, 2023.

TPM 2.0 for HEADS

TPM 2.0 support for open source BIOS replacement firmware

HEADS is an open source custom firmware for laptops that aims to provide slightly better physical security and protection for data on the system. HEADS combines physical hardening of specific hardware platforms and flash security features with custom coreboot firmware and a Linux boot loader in ROM. This moves the root of trust into the write-protected region of the SPI flash and prevents further software modifications to the bootup code. HEADS allows to verify that laptop hardware has not been tampered with in transit or in your absence (so-called evil maid attack). Until now HEADS is mostly used with older Thinkpad X230 and T430 laptops. As part of this funded project we will develop HEADS to support state of the art hardware.

Run by Nitrokey GmbH

Logo NLnet: abstract logo of four people seen from above Logo NGI Assure: letterlogo shaped like a tag

This project was funded through the NGI Assure Fund, a fund established by NLnet with financial support from the European Commission's Next Generation Internet programme, under the aegis of DG Communications Networks, Content and Technology under grant agreement No 957073. Applications are still open, you can apply today.

Navigate projects

Please check out NLnet's theme funds, such as NGI Assure and NGI Zero Entrust.

Want to help but no money to spend? Help us by protecting open source and its users.

.