diff --git a/content/posts/linux/Desktop-Linux-Hardening.md b/content/posts/linux/Desktop-Linux-Hardening.md
index 4026e40..febd279 100644
--- a/content/posts/linux/Desktop-Linux-Hardening.md
+++ b/content/posts/linux/Desktop-Linux-Hardening.md
@@ -257,12 +257,14 @@ Note that these configurations do not disable unprivileged user namespaces. Ther
 Read through this section on how to harden your boot parameters:
 - [2.3 Boot Parameters](https://madaidans-insecurities.github.io/guides/linux-hardening.html#boot-parameters)
 
-Kicksecure comes with these boot parameters by default. This section is fairly short, so I'd recommend that you read it through. With that being said, here are all of the parameters that you would need:
+Kicksecure comes with some of these boot parameters enabled by default. This section is fairly short, so I'd recommend that you read it through. With that being said, here are all of the parameters that you would need:
 
 ```
-slab_nomerge init_on_alloc=1 init_on_free=1 page_alloc.shuffle=1 pti=on vsyscall=none debugfs=off oops=panic module.sig_enforce=1 lockdown=confidentiality mce=0 quiet loglevel=0 spectre_v2=on spec_store_bypass_disable=on tsx=off tsx_async_abort=full,nosmt mds=full,nosmt l1tf=full,force nosmt=force kvm.nx_huge_pages=force randomize_kstack_offset=on
+slab_nomerge init_on_alloc=1 init_on_free=1 page_alloc.shuffle=1 pti=on vsyscall=none debugfs=off oops=panic module.sig_enforce=1 lockdown=confidentiality mce=0 quiet loglevel=0 spectre_v2=on spec_store_bypass_disable=on tsx=off tsx_async_abort=full, mds=full, l1tf=full,force nosmt=force kvm.nx_huge_pages=force randomize_kstack_offset=on
 ```
 
+Regarding Kicksecure, it [no longer](https://forums.whonix.org/t/kernel-hardening/7296/493) uses `mce=0` and does not enforce either `module.sig_enforce=1` or ` lockdown=confidentiality` as they lead a lot of hardware compatibility issues. They also [add](https://github.com/Kicksecure/security-misc/blob/master/etc/default/grub.d/40_cpu_mitigations.cfg) the `l1d_flush=on` and `mmio_stale_data=full,nosmt` mitigations and apply the additional `extra_latent_entropy` parameter.
+
 Note that [SMT](https://en.wikipedia.org/wiki/Simultaneous_multithreading) is disabled due to it being the cause of various security vulnerabilities. Also, on rpm-ostree based distributions, you should set the kernel parameters using `rpm-ostree kargs` rather than messing with `GRUB` configurations directly.
 
 ### Restricting access to /proc and /sys