Explore the world of open source firmware security in this 39-minute conference talk from Hack In The Box Security Conference. Dive into the Heads project, an open source custom firmware and OS configuration designed to enhance physical security and data protection for laptops and servers. Learn about the project's roots in firmware vulnerability research, its implementation of physical hardening and flash security features, and its use of custom coreboot firmware with a Linux boot loader in ROM. Discover how Heads moves the root of trust into write-protected ROM, prevents modifications to boot code, and uses the TPM for hardware key storage and drive decryption. Examine the system's signed hypervisor, kernel, and initrd images, as well as its immutable root filesystem. Gain insights into how these firmware and software changes address various attack vectors against boot processes and physical hardware, raising the difficulty for potential attackers.