this post was submitted on 18 Dec 2024
196 points (97.1% liked)
Technology
59982 readers
4564 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related content.
- Be excellent to each another!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, to ask if your bot can be added please contact us.
- Check for duplicates before posting, duplicates may be removed
Approved Bots
founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Can't say I've ever seen an example of signed firmware that didn't exist to further exploit the working class.
You've never used Linux?
Signed firmware just means you can prove a given key was used to sign something. Most Linux distributions sign their packages so you know one of the trusted keys from the maintainers was used to sign the packages (and yes, this includes firmware), which prevents a man-in-the-middle from modifying packages.
The only problem I have with signed firmware is if there's no way to change the acceptable keys. Signing itself is an important security feature, its only problematic if the user can't upload their own signed packages.