News & Updates

LamBoot v0.9.0 closes the long-standing shim 15.8 ShimLock-uninstall gap that previously broke stock distro /boot-on-ext4 under Secure Boot — structurally, not via a workaround. v0.8.3 said “use UKI as workaround”; v0.9.0 says “stock distros work.”

What shipped

• Native ext4 read backend (SDS-2) on top of the ext4-view Rust crate — read-only by design
• Native PE loader (SDS-3) — own image verification + load, no firmware LoadImage chainload
• Native trust chain (SDS-4) — covers what shim/firmware can’t see
• BLS multi-FS discovery (SDS-5) — scan BLS Type 1 entries on every mounted volume
• Pop!_OS / systemd-boot-discoverable-EFI auto-discovery — first non-systemd-boot bootloader to pick up Pop!_OS kernels
• EFI Fallback chainload self-loop guard — safe to write LamBoot to the firmware-fallback path repeatedly
• Append-mode trust log with per-image SHA-256

The Pop!_OS angle

Pop!_OS uses System76’s kernelstub to lay kernels out at \EFI\Pop_OS-<root-uuid>\vmlinuz.efi — a systemd-boot-style auto-discovered layout per the Boot Loader Specification, with no BLS Type 1 entries. Before v0.9.0, LamBoot’s discovery missed Pop!_OS entirely. Pop!_OS is the only mainstream distro shipping kernelstub-managed kernels-on-ESP without BLS Type 1 entries; LamBoot now picks it up first-class. Live evidence from VM 124: trust log shows entries_discovered total=7, Pop!_OS Recovery selected, image_verified verified_via=degraded_trust_sb_direct, image_loaded_native loader=native_pe_loader.

Read-only /boot guarantee

The ext4-view crate is read-only by design — LamBoot’s code literally cannot modify your /boot, backed by language and crate guarantees. This is a stronger claim than any other mainstream Linux bootloader can make.

Coordinated lamboot-tools v0.3.0

Shipped alongside: esp-deploy.sh as a canonical library sourced by other commands; a new offline lamboot-esp deploy subcommand for VM-template builders and offline repair; hardened foreign-bootloader detection at \EFI\BOOT\BOOTX64.EFI; first-class BootOrder reorder.

Coverage

Debian 13, Ubuntu 24.04 / 25.10, Fedora 43, and Pop!_OS 24.04 fully covered under specific Secure Boot + filesystem configs. Test suite: 137 host tests + 219 bats + verify-claims 84/0/1.

What’s next

v1.0’s anchor shifts to Path D — Microsoft shim-review submission, the first Rust bootloader through rhboot/shim-review. Removes per-system MOK enrollment; broadens trust baseline to Microsoft-signed level. Native btrfs and xfs read backends follow. Microsoft UEFI CA 2011 expires June 2026 — a timeline factor for fleet operators.

Download

Tag v0.9.0. Tarball: lamboot-0.9.0-x86_64.tar.gz. SHA-256: b7058cc5e58c5406d877cdb2991c75fe20919fef6c6b2b712c259bfaa0b9918d.

Lamco RDP Server v1.4.2 is now available with important compatibility fixes and expanded test coverage.

What's Fixed

• PipeWire/pipewire-rs 0.9.2 compatibility — resolved breaking changes in the latest PipeWire Rust bindings
• VA-API VP9 encoding fix — corrected hardware-accelerated VP9 encoding for libva 2.22+

Testing

The test suite now includes 415 passing tests, continuing our commitment to comprehensive automated verification.

Availability

v1.4.2 is available via Flatpak, AUR, and RPM Fusion. Debian packaging is pending sponsor review.

Lamco RDP Server is now available in RPM Fusion nonfree for Fedora 43 and Fedora 44 — making it the first Wayland-native RDP server available as a standard Fedora package.

Fedora users can install with a single command:

sudo dnf install lamco-rdp-server

Packages are available for both x86_64 and aarch64 architectures.

The lamco-rdp-server source package has been submitted to mentors.debian.net for inclusion in the Debian nonfree component. The package is awaiting sponsor review.

Once accepted, Debian and downstream distributions (including Ubuntu) will be able to install Lamco RDP Server directly from their package managers.

All 7 of our open source Rust crates have been updated with the latest improvements. Total downloads across all crates have surpassed 1,831.

Updated Crates

• lamco-rdp — Core RDP protocol implementation
• lamco-wayland — Wayland compositor integration
• lamco-gfx — Graphics pipeline and encoding
• lamco-input — Keyboard and mouse input handling
• lamco-clipboard — Clipboard synchronization
• lamco-audio — Audio playback via PipeWire
• lamco-net — Network transport and TLS

All crates are available on crates.io under permissive open source licenses.

We're excited to announce that NetKit v1.0.1, our professional WiFi analysis library for Kotlin, is now available on Maven Central!

What is NetKit?

NetKit is a comprehensive Kotlin Multiplatform library providing everything you need to build professional WiFi analysis tools. With 7 modular libraries and over 3,500 automated tests, NetKit brings enterprise-grade network analysis to Android, JVM, and Kotlin Multiplatform projects.

What's New in v1.0.1

Maven Central Publication

NetKit is now published to Maven Central under our verified io.lamco namespace. This means developers can add NetKit to their projects with zero configuration:

dependencies {
    implementation("io.lamco.netkit:core:1.0.1")
}

No custom repositories, no special setup - just add the dependency and go!

Four New Modules

We've expanded NetKit with four powerful new modules:

1. Analytics - Time series analysis, correlation detection, and visualization
2. Export - Multi-format export (CSV, JSON, PDF, Markdown, HTML, GeoJSON, KML)
3. Intelligence - ML-based predictions, anomaly detection, optimization
4. Security - Advanced security analysis with industry-first WPA3-SAE-PK detection

Quality & Documentation

• 3,561+ automated tests (92% code coverage)
• 100% KDoc API documentation
• GPG-signed releases for security
• Comprehensive examples and guides

Why Maven Central?

Maven Central is the industry standard for JVM libraries, used by millions of developers worldwide. Publishing to Maven Central signals that NetKit is:

• Production-ready - Used in real applications (like WiFi Intelligence)
• Professionally maintained - Semantic versioning, signed releases
• Trustworthy - Verified namespace, comprehensive testing
• Enterprise-grade - Suitable for commercial and enterprise use

Get Started

Visit our Developer Documentation to start building with NetKit, or browse the Maven Central Repository to see all available modules.

We can't wait to see what you build with NetKit!