TP-link is reportedly being investigated over national security concerns linked to vulnerabilities in its very popular routers.

  • sugar_in_your_tea@sh.itjust.worksEnglish
    21·
    1 day ago

    Signed firmware doesn’t cost anything, so I’m not sure what you mean by “keep the poors out.” Signed firmware has a very valid use case for preventing supply chain attacks. The only time I have an issue with it if there’s no way to make your own signed package or bypass the requirement.

    • ms.lane@lemmy.worldEnglish
      21·
      11 hours ago

      It costs the ability to flash your own firmware.

      The only time I have an issue with it if there’s no way to make your own signed package or bypass the requirement.

      That’s 100% of all signed firmware implementations.

      • sugar_in_your_tea@sh.itjust.worksEnglish
        1·
        3 hours ago

        These checks are usually at the application level, so flashing via telnet/SSH still works. It’s generally not like TPM where the boot will be blocked if the signature doesn’t match, and in many cases, systems with those protections have a way to set your own keys (e.g. like with GrapheneOS on Pixel phones).