Chewy@discuss.tchncs.de to Linux@lemmy.ml · 11 months agoJust about every Windows and Linux device vulnerable to new LogoFAIL firmware attackarstechnica.comexternal-linkmessage-square103fedilinkarrow-up1368arrow-down114cross-posted to: technology@lemmy.worldhackernews@derp.foo
arrow-up1354arrow-down1external-linkJust about every Windows and Linux device vulnerable to new LogoFAIL firmware attackarstechnica.comChewy@discuss.tchncs.de to Linux@lemmy.ml · 11 months agomessage-square103fedilinkcross-posted to: technology@lemmy.worldhackernews@derp.foo
minus-squarewmassingham@lemmy.worldlinkfedilinkarrow-up3·11 months agoIf it’s only on the ESP, it won’t persist across reinstalls, and definitely not drive swaps. But I do see mentions of attacking via firmware capsule. If that works, then yes, that will persist.
minus-squareNaN@lemmy.sdf.orglinkfedilinkEnglisharrow-up3·11 months agoESP is usually not cleared on a reinstall unless somebody takes the extra step to do so. Since each OS has its own directory within the ESP their installers don’t push it. I was mostly referring to modification in firmware though.
If it’s only on the ESP, it won’t persist across reinstalls, and definitely not drive swaps.
But I do see mentions of attacking via firmware capsule. If that works, then yes, that will persist.
ESP is usually not cleared on a reinstall unless somebody takes the extra step to do so. Since each OS has its own directory within the ESP their installers don’t push it. I was mostly referring to modification in firmware though.