heise+ | Keine Updates mehr: Sicherheitsrisiken von veralteten UEFI-BIOS-Versionen
Die meisten älteren PCs, Notebooks und gebrauchten Computer erhalten keine BIOS-Updates mehr. Es stellt sich die Frage, wie unsicher solche Rechner sind.
Been down the rabbit hole of #UEFI boot issues lately and have been poking around specifically with the Secure Boot process and how it works out-of-the-box in #Linux distros like #Debian / #LinuxMint with #Shim & #GRUB.
For more than you probably wanted to know about Secure Boot, check my write-up:
The article was published September 29, 2023 (9 days ago).
The guide provides every option available, too. Starting with using their Windows Subsystem for Linux (WSL), to using a Virtual Machine, and even on "Bare Metal" alongside Windows.
That's right, Microsoft now tells you how to dual-boot Linux. 🤯
Yeah but that's just minimally less bad than going full #heads as aftermarket #firmware and requiring all executeables to be signed by the device owners' personal PGP keys...
Use fwupd to deploy #Linux firmware #update's and more:
The #fwupd project is an #opensource framework that allows end users to update #firmware on thousands of different devices. Although it was initially designed for the #laptop and #desktop use case, it is now being used on everything from Chromebooks, #IoT devices, #mobile phones, and headless servers in datacenters.
Fritzbox-Sicherheitsleck analysiert: Risiken und Gegenmaßnahmen
AVM schließt bei vielen Fritzboxen eine Sicherheitslücke. Unserer Analyse zufolge lässt sie sich aus der Ferne ausnutzen – sogar mit abgeschaltetem Fernzugriff.
I’m looking for a a consultant with a good understanding of layers 1-3 of the WiFi networking stack. We have solid RF engineers and application layer software folks, but could use some help in the middle. This is for an in market medical device.
Mit neuen Firmware-Upgrades beschleunigt Prusa nicht nur den MK4, sondern auch den MINI. Zudem erklärt Josef Průša, wieso Geschwindigkeit nicht alles ist.
I spoke at FOSSY this summer in Portland and the videos have been posted recently. If you'd like to see my talk about Free Software Policy with Semi-Firm Firmware, where I compare firmware with tofu, you can find the video here:
I want to replace my existing wall thermostat with something smarter but NOT connected to "the Cloud" for security reasons. The more open the #firmware the better.
My goals are to be able to deploy wireless temperature sensors in every room of the house and be able to script things from a #raspberrypi with API calls to the device. Any suggestions?
People keep referring to the Cat 22 flip phone as a dumb phone. It has a touch screen, runs Android, and has the Google Play Store. It is a flip phone, but I think that's too much to even qualify as a "feature phone". Just being a flip having a smaller screen, and having a physical keypad doesn't make something a "dumb phone".
A #DumbPhone is something that has a non-extensible #Firmware with only the functions baked in #ROM to be supported.
A #FeaturePhone however would at least allow customizations in terms of look and feel or some content - like ringtones, maybe some [Java Mobile] Games, and being able to play music.
TWiLightMenu Release v26.1.1 (github.com)
Includes nds-bootstrap v1.0.1...