TP-link is reportedly being investigated over national security concerns linked to vulnerabilities in its very popular routers.

  • sugar_in_your_tea@sh.itjust.works
    link
    fedilink
    English
    arrow-up
    1
    ·
    4 days ago

    Signed firmware doesn’t cost anything, so I’m not sure what you mean by “keep the poors out.” Signed firmware has a very valid use case for preventing supply chain attacks. The only time I have an issue with it if there’s no way to make your own signed package or bypass the requirement.

    • ms.lane@lemmy.world
      link
      fedilink
      English
      arrow-up
      2
      arrow-down
      1
      ·
      3 days ago

      It costs the ability to flash your own firmware.

      The only time I have an issue with it if there’s no way to make your own signed package or bypass the requirement.

      That’s 100% of all signed firmware implementations.

      • sugar_in_your_tea@sh.itjust.works
        link
        fedilink
        English
        arrow-up
        1
        ·
        3 days ago

        These checks are usually at the application level, so flashing via telnet/SSH still works. It’s generally not like TPM where the boot will be blocked if the signature doesn’t match, and in many cases, systems with those protections have a way to set your own keys (e.g. like with GrapheneOS on Pixel phones).