To update blobs or not to update blobs
2 days ago
- #firmware
- #security
- #open-source
- Hardware often runs non-free software, referred to as firmware, which can be stored in ROM, flash, or pushed at runtime.
- Most firmware is non-free, sometimes cryptographically signed or encrypted, making replacement or examination difficult.
- Key considerations include whether firmware updates introduce unwanted functionality, security flaws, or backdoors.
- Trust in firmware vendors is complicated by lack of transparency and the inability to verify source code.
- Firmware in ROM cannot be fixed if found to be hostile, posing a long-term risk.
- Hardware vendors could backdoor firmware, and updates might introduce new vulnerabilities.
- Locking firmware updates to vendors only is seen as restrictive and anti-user.
- Firmware bugs can be severe, such as SSD vulnerabilities bypassing encryption, necessitating updates.
- Reverse engineering firmware is possible but more challenging than auditing source code.
- Firmware vulnerabilities can compromise the OS, especially without strong IOMMU protection.
- Replacing non-free firmware with another non-free version doesn't reduce the number of active non-free components.
- Users must balance trust in CPU vendors with the necessity of using their hardware.
- CPU microcode updates can fix bugs or mitigate vulnerabilities but may introduce new risks.
- Firmware updates should be optional, allowing users to define their own security models.
- Free firmware enables user improvements and enhances hardware functionality.