Recent content by James888

Thanks for that info but that wasn't what I meant by "what does firmware-linux mean?". From https://git.kernel.org/pub/scm/linux/kernel/git/firmware/linux-firmware.git "update DMCUB to v0.0.172.0 for various AMDGPU ASICs fix broken cirrus firmware symlinks Update the microcode files for Adreno...

But is it official or an opinion? Different people in different groups explain things differently, so whom do I trust? I like to see official references (even though not all official references are valid because official references can spread myths too). If you want people to understand you...

Firmware is an electronic industry designation, not an OS one because firmware is hardware which software is downloaded to. It's yet another misnomer, like Linux. Firmware is an IC chip and firmware is the software that gets downloaded to a firmware IC chip. Mx Linux is not Mx Linux-the-kernel...

Beliefs are not facts. The problem with the terminology is that 75% of what they are updating isn't firmware, but drivers -- and they are not the same thing. Only if you know what the threat is, and you can't know what the threat is if the information about it is obfuscated or not documented...

Thank you very much for that reply. It was enough info so that I could more easily find additional info. This is what I have found out so far... From https://landley.net/code/firmware/old/ From https://lwn.net/Articles/748586/ Also there is this from...

That's called obfuscation and because it reduces transparency, it is bad for security. The issue isn't what the definition of firmware is, the issue is exactly what firmware are they modifying/updating? I can tell that you have obviously never had a security clearance or training for it, and...

That is interesting, but scary. It's interesting because they say they are downloading flash into RAM for execution, which makes sense because flash is very slow -- but -- specifically which ROM/flash are they loading into RAM? BIOS would be vulnerable to exploitation if it were loaded into RAM...

Irrelevant because that doesn't answer the question of what does firmware-linux do, and where is it documented what it does?

Yes, we more often than not have no choice but to take measured risks, but that doesn't give us license to ignore the risks, it just means we must ALWAYS ACTIVELY TRY TO MINIMIZE risks, and that is my goal here. I will never stop talking about the risks I am taking when I have updates and I...

In Security clearance classes they teach that "You can never be too paranoid when it comes to security" :oops:. I believe in that philosophy; it's a good philosophy. Security is always something that should be gone over with a very fine-tooth comb and always taken seriously. I don't think this...

Linux is not hardware, it is an OS, so it should have been called "driver-motherboard", except that actually has no specific meaning. That's why I say calling it "firmware-Linux" is a very, very vague description of what it does, and I haven't seen any proof of what it does yet. What things are...

You are also correct. The problem is knowing how to minimize risks or when to recognize when the risk is minimal. "Trust me this is safe" is not one of those ways. Asking the right questions always helps though, hence the reason I tried to ask the right questions. The answer z7vl7abxc gave me...

What's that? All drivers, proprietary or open source, are part of the kernel. On Windows, proprietary drivers cannot be considered a "need" when it is forced upon us by Microsoft. Open source drivers can work just as well on Windows as on Linux, but Microsoft won't allow it, allegedly for...

That is why I know brcm80211 is an IC and Atheros is a product name, both of which belong to the wifi controller built by Qualcomm, which makes both names misnomers. They should have named it "driver-Atheros-wireless" and "driver-Atheros-ethernet". And "Linux" is not the name of my motherboard...

Background: I have a security clearance (inactive for now) and as part of that security clearance, I receive free online security classes and newsletters from the NSA or military, and I pay attention to those classes. So when I see questionable things, it makes me suspicious (and as one my...