For many of us firmware blobs necessary for hardware to function are a fact of life. Matthew Garrett outlines a reasoning matrix for deciding whether updating these blobs makes sense from a security standpoint. Would be good to integrate this in our security guide.
I like it, I didn’t dissect every point but from a quick read-through I pretty much agree with everything from an in-general standpoint.
One thing to add specifically in the context of Whonix: updating blobs is almost certainly superior to not updating blobs for Whonix users, because we rely on virtualization to provide strong security boundaries. Similar to Qubes, if the hypervisor is broken, all our security and anonymity guarantees go straight out the window. (This is also arguably a good reason to prefer Intel over AMD, because Intel provides microcode updates for consumer CPUs that do not require full firmware updates, while AMD requires system firmware updates to update microcode except on some workstation and (all?) server CPUs. That makes it a whole lot harder to get microcode updates.)
Related: