| |||||||||||||
Papering over a binary blobPapering over a binary blobPosted Sep 29, 2011 0:37 UTC (Thu) by Cyberax (✭ supporter ✭, #52523)Parent article: Papering over a binary blob
Stoopid.
First, if there's a rootkit in the current firmware then you're screwed. Permanently.
Second, if there's no rootkit in the current firmware but you still can reprogram the hardware then you are just as screwed as ever.
Third, if there's a hardware vulnerability then there's no way you'll be able to fix it by updating the firmware.
(Log in to post comments)
Papering over a binary blob Posted Oct 3, 2011 8:16 UTC (Mon) by pbonzini (subscriber, #60935) [Link]
That's the same thing you could say 25 years ago about putting your OS in ROM: "First, if there's a rootkit in the OS then you're screwed. Permanently. Second, if there's no rootkit in the OS but you still can reprogram the hardware then you are just as screwed as ever. Third, if there's a hardware vulnerability then there's no way you'll be able to work around it by updating the OS."
The microcontroller indirection is asking the vendor to put himself on the same level as their users. If the users cannot prepare updates, neither should the vendor. If the vendor can, so should the users.
Firmware is where a lot of interesting stuff happens for many network cards. Freedom of firmware is nowadays what freedom of OSes and drivers was when Stallman wrote the GNU manifesto. He won that front, why should he resign to vendors on this one?
Papering over a binary blob Posted Oct 6, 2011 15:11 UTC (Thu) by renox (subscriber, #23785) [Link]
> The microcontroller indirection is asking the vendor to put himself on the same level as their users. If the users cannot prepare updates, neither should the vendor. If the vendor can, so should the users.
How is-it "asking the vendor"?
Note that for the firmware of a radio HW, this could even lead your products to be banned..
|
|||||||||||||