TP-link is reportedly being investigated over national security concerns linked to vulnerabilities in its very popular routers.

  • john89@lemmy.ca
    link
    fedilink
    English
    arrow-up
    14
    arrow-down
    1
    ·
    13 hours ago

    Can’t say I’ve ever seen an example of signed firmware that didn’t exist to further exploit the working class.

    • sugar_in_your_tea@sh.itjust.works
      link
      fedilink
      English
      arrow-up
      1
      arrow-down
      1
      ·
      7 hours ago

      You’ve never used Linux?

      Signed firmware just means you can prove a given key was used to sign something. Most Linux distributions sign their packages so you know one of the trusted keys from the maintainers was used to sign the packages (and yes, this includes firmware), which prevents a man-in-the-middle from modifying packages.

      The only problem I have with signed firmware is if there’s no way to change the acceptable keys. Signing itself is an important security feature, its only problematic if the user can’t upload their own signed packages.

      • ms.lane@lemmy.world
        link
        fedilink
        English
        arrow-up
        1
        ·
        49 minutes ago

        Requiring signed firmware is just a lock to keep poors out.

        It’s Never used for consumers benefit, not once, not ever.