diff --git a/nixos/boxes/foureighty/custom-kernel.nix b/nixos/boxes/foureighty/custom-kernel.nix
index c204462a..6fcf382f 100644
--- a/nixos/boxes/foureighty/custom-kernel.nix
+++ b/nixos/boxes/foureighty/custom-kernel.nix
@@ -9,6 +9,44 @@
 MCORE2 y
 ENERGY_MODEL y
 INTEL_TXT y
+ LOCKUP_DETECTOR y
+ HARDLOCKUP_DETECTOR y
+ BUG y
+
+ SECURITY_SELINUX_DISABLE n
+
+ STRICT_KERNEL_RWX y
+
+ DEBUG_CREDENTIALS y
+ DEBUG_NOTIFIERS y
+ DEBUG_SG y
+ DEBUG_STACKOVERFLOW y
+ SCHED_STACK_END_CHECK y
+
+ SHUFFLE_PAGE_ALLOCATOR y
+
+ SLUB_DEBUG y
+
+ PAGE_POISONING y
+ PAGE_POISONING_NO_SANITY y
+ PAGE_POISONING_ZERO y
+
+ SECURITY_SAFESETID y
+
+ PANIC_TIMEOUT -1
+
+ GCC_PLUGINS y
+ GCC_PLUGIN_LATENT_ENTROPY y
+
+ GCC_PLUGIN_STRUCTLEAK y
+ GCC_PLUGIN_STRUCTLEAK_BYREF_ALL y
+ GCC_PLUGIN_STACKLEAK y
+ GCC_PLUGIN_RANDSTRUCT y
+ GCC_PLUGIN_RANDSTRUCT_PERFORMANCE y
+
+ ACPI_CUSTOM_METHOD n
+ PROC_KCORE n
+ INET_DIAG n
 ''; } ]; }
diff --git a/nixos/boxes/foureighty/default.nix b/nixos/boxes/foureighty/default.nix
index b5e7f1c0..c35ad2cf 100644
--- a/nixos/boxes/foureighty/default.nix
+++ b/nixos/boxes/foureighty/default.nix
@@ -18,7 +18,7 @@
 ../../mercurial ];
- boot.kernelPackages = pkgs.unstable.linuxPackages_latest_hardened;
+ boot.kernelPackages = pkgs.linuxPackages_latest_hardened;
 boot.loader.grub = {
 enable = true;
 version = 2;
diff --git a/nixos/gui/default.nix b/nixos/gui/default.nix
index 340e9806..fc4b9d1c 100644
--- a/nixos/gui/default.nix
+++ b/nixos/gui/default.nix
@@ -34,6 +34,7 @@
 libreoffice mindforgerPatched.mindforger passff-host
+ pdfarranger
 python38Packages.binwalk-full qemu aqemu shotwell
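Review bot: In the `custom-kernel.nix` hunk, `GCC_PLUGIN_RANDSTRUCT_PERFORMANCE y` selects the weaker randstruct mode, which only shuffles members within cache-line-sized groups and leaves bitfields alone. For a hardening-motivated config I would drop that line or set `GCC_PLUGIN_RANDSTRUCT_PERFORMANCE n`, unless the cost of full randomization was measured and found unacceptable. Randstruct is also only as strong as its seed, so it is worth confirming the build does not fall back to a seed an outsider can reproduce; NixOS exposes `boot.kernel.randstructSeed` for this. Separately, `PAGE_POISONING y` only compiles the feature in and does nothing at runtime without `page_poison=1` on the kernel command line, and no `boot.kernelParams` change is visible in this diff. The `extraConfig` string these lines sit in opens above the hunk, so options or parameters already set elsewhere may cover this.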