's Avatar

@ejaaskel.bsky.social

Embedded Software developer, blogger and maybe a few other things as well. Blog at https://ejaaskel.dev

21 Followers  |  7 Following  |  60 Posts  |  Joined: 30.11.2024  |  1.7784

Latest posts by ejaaskel.bsky.social on Bluesky

Writing a Distro for No-one (or Anyone) Yocto Project Summit 2025.12 In Yocto-based projects, the distribution is commonly a means to an end - sandwiched between the BSP and business logic, it often simply "exists". But what if the distro itself is the focus of the pro...

I’ll be presenting at Yocto Project Summit this year. It’ll be a quick lighting talk about creating generic Yocto distributions

pretalx.com/yocto-projec...

12.11.2025 08:25 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Protecting U-Boot Command Line - ejaaskel This text should help you harden U-Boot by fixing the lowest-hanging fruit: unfettered access to the bootloader control interface.

New blog post on how to harden access to the U-Boot command line interface

ejaaskel.dev/protecting-u...

05.11.2025 10:53 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Preview
kas-sulka kas configuration for building Sulka

Release 0.2.0 of the secure Yocto distro Sulka is out now. You can get started here, and feel free to ask if you’ve got questions

codeberg.org/AltidSec/kas...

14.10.2025 17:35 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Preview
Hack After Dark Hack After Dark on Oulussa 18.10.2025 jÀrjestettÀvÀ hakkerihenkinen tapahtuma. Tapahtuma on vapaamuotoinen, sisÀltÀÀ puheenvuoroja, verkostoitumista, keskusteluita ja mahtavan hakkerivisan. Hack After...

I’ll be presenting at Hack After Dark in Oulu, Finland on October 18th. The topic is a familiar one, humans and cybersecurity. More info from the link below

tarlab.fi/HackAfterDark

03.10.2025 09:26 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Module Signing Keys (Without Building Kernel) - ejaaskel In this blog post we will talk about module signing keys in a situation where the entity developing and signing kernel modules cannot build in their keys.

I wrote a bit more about the kernel module signing to my blog

ejaaskel.dev/module-signi...

01.10.2025 06:57 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Yocto Hardening: Kernel Module Signing - ejaaskel This time we have a relatively simple and effective hardening measure that may prevent big headaches: kernel module signing.

New blog post about Yocto hardening is now out. This time we’ll discuss about signing kernel modules

ejaaskel.dev/yocto-harden...

22.09.2025 09:56 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

Thanks! Seems useful for staying in the loop

20.09.2025 05:16 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

I spent a day studying and trying to understand EU CRA. Surprisingly, it wasn’t the dullest day ever

17.09.2025 19:06 β€” πŸ‘ 2    πŸ” 0    πŸ’¬ 1    πŸ“Œ 0
Preview
Open Source Summit Europe 2025: Thinking Outside the (Linux) Box: Securi... View more about this event at Open Source Summit Europe 2025

The slides for my #OSSummit Europe presentation are pretty much done, and the β€œbeta test” presentation today went well. Looking forward to doing the actual presentation the next Monday!

osseu2025.sched.com/event/25VnI/...

21.08.2025 08:05 β€” πŸ‘ 2    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

Making a presentation feels a bit like making music. After certain point all the β€œimprovements” end up making the final result worse

18.08.2025 10:12 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

For someone who’s scared of flying, the constant β€œyour flight is in X days” reminder mails are quite stressing

13.08.2025 07:08 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Post image

Some recent updates to Sulka distro, too many to list out in a single post so you’ll have to settle for LinkedIn screenshot

22.07.2025 15:04 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Yocto Hardening: Multi-Factor Authentication - ejaaskel In this blog post, I'll show how to integrate Google Authenticator into a Yocto system to enhance the security of remote login flows.

It's frustrating when you accidentally copy-paste your secret password into a chat and get your account hacked. Fortunately, multi-factor authentication can prevent that. This applies to the embedded Linux devices as well. I wrote a blog on how to enable MFA on Yocto: ejaaskel.dev/yocto-harden...

02.07.2025 08:43 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

Balatro is going to destroy my productivity

27.06.2025 20:16 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Preview
meta-sulka-distro Meta-layer for Sulka, hardened Yocto Linux distribution

Some additions to Sulka, secure Yocto distro, from the past few weeks:
- Added kas configuration
- Added rudimentary tests
- Added password expiration option
- Hardened /proc and tmpfs moutns
- Changed password encryption to yescrypt
- Few more smaller changes

Link here
codeberg.org/altidsec/met...

26.06.2025 05:41 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Preview
Open Source Summit Europe 2025: Thinking Outside the (Linux) Box: Securi... View more about this event at Open Source Summit Europe 2025

In my excitement I forgot to share here that I’ll speaking in the Embedded Linux conference (part of Open Source Summit Europe) about how humans affect the security of embedded systems osseu2025.sched.com/event/25VnI/...

24.06.2025 05:40 β€” πŸ‘ 3    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Introducing Sulka, the Hardened Yocto Distro - ejaaskel For years I have been telling myself that it's a bit too much for a single person to try and manage a distro, but now I think it's time to give it a go.

I started to write a secure Yocto distro to put the lessons learned from my Yocto Hardening blog series into use. It’s still quite early in the development, but it’s in a stage where it can be tested ejaaskel.dev/introducing-...

13.06.2025 07:19 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Running Zephyr RTOS on NEORV32 Soft Processor - ejaaskel The last time I was playing with an FPGA I connected Basys 3 and Raspberry Pi. It's time to increase the difficulty a bit and create our SoC using FPGA.

Here’s the first part in case you missed it

ejaaskel.dev/running-zeph...

21.05.2025 06:32 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Adding SPI & AXI to NEORV32 Design - ejaaskel In the previous part we created an FPGA design that runs NEORV32 and is capable of booting Zephyr. Let's improve it by adding an SPI block and external memory.

Continuing with the FPGA stuff in the new blog post, getting a bit deeper into the block design.

ejaaskel.dev/adding-spi-a...

21.05.2025 06:17 β€” πŸ‘ 2    πŸ” 0    πŸ’¬ 1    πŸ“Œ 0
Running Zephyr RTOS on NEORV32 Soft Processor - ejaaskel The last time I was playing with an FPGA I connected Basys 3 and Raspberry Pi. It's time to increase the difficulty a bit and create our SoC using FPGA.

Stydying FPGA continues, this time we’re throwing an RTOS into the mix ejaaskel.dev/running-zeph...

15.05.2025 06:36 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Configuration with PACKAGECONFIG in Yocto - ejaaskel The OpenEmbedded build system used by the Yocto Project has a powerful feature that is slightly hidden in the documentation: package configuration.

New blog post about package configuration in Yocto is out now:

ejaaskel.dev/configuratio...

07.05.2025 06:54 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Linux & FPGA, The Perfect Match? - ejaaskel FPGA, one of life's big mysteries. Let's combine Raspberry Pi 5 and Basys 3 boards and see how we can demonstrate communication between these two devices.

I wrote a blog post about how to connect two boards with three jumper wires, and that’s approximately a 14 minute read. I may need to learn more concise writing. But yes, a new text about connecting a RasPi and an FPGA board to each other and using UART to communicate:

ejaaskel.dev/linux-fpga-t...

24.04.2025 09:36 β€” πŸ‘ 2    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
β€œWith Rust, you have the hangover first”

β€œWith Rust, you have the hangover first”

From an internal conference

02.04.2025 20:27 β€” πŸ‘ 83    πŸ” 4    πŸ’¬ 2    πŸ“Œ 0
Encrypting In Yocto With fscryptctl - ejaaskel In this blog text I'll briefly cover how to use fscryptctl to encrypt and decrypt directories in an embedded Linux system.

You might wonder why the new encryption blog post has a picture of a deer in it. It's because it is a key deer, and encryption uses keys, and that is hilarious.

ejaaskel.dev/encrypting-i...

02.04.2025 16:47 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

I'd like to switch back to Mastodon, but I already spent an hour trying to make a Bluesky feed plug-in look correct in WordPress. I feel like I'm too invested in this to quit.

02.04.2025 12:27 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

Vibe coding basically sounds like an upgrade to low-code/no-code tools. Or a downgrade, not 100% sure yet.

19.03.2025 13:32 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Yocto Hardening: Block Device Encryption with dm-crypt - ejaaskel Data safety is crucial in the embedded systems. The devices can store information that should be kept secret. Encryption can be used to achieve exactly that.

Also, in case you missed it, here’s the first part

ejaaskel.dev/yocto-harden...

19.03.2025 07:52 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Yocto Hardening: File System Encryption with fscrypt - ejaaskel Let's continue encryption with the second part and move on to file system encryption.

The second blog post about encryption in Yocto is out now. This time we’re getting into file system encryption.

ejaaskel.dev/yocto-harden...

19.03.2025 07:51 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 1    πŸ“Œ 0

I've been using Linux recently and the smugness it makes me feel is divine. You guys raved about everything except the smugness. You should lead with that next time you sell it to the mainstream

13.03.2025 09:53 β€” πŸ‘ 2227    πŸ” 160    πŸ’¬ 139    πŸ“Œ 23

I mean, if I knew a lot about AI or if I was selling AI services, it would make sense to post stuff like that. But neither is true. I'll have to reduce browsing LinkedIn, that's true for sure.

14.03.2025 07:40 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

@ejaaskel is following 6 prominent accounts