Technology

60015 readers

2480 users here now

This is a most excellent place for technology news and articles.

Our Rules

Follow the lemmy.world rules.
Only tech related content.
Be excellent to each another!
Mod approved content bots can post up to 10 articles per day.
Threads asking for personal tech support may be deleted.
Politics threads may be removed.
No memes allowed as posts, OK to post as comments.
Only approved bots from the list below, to ask if your bot can be added please contact us.
Check for duplicates before posting, duplicates may be removed

Approved Bots

founded 2 years ago

MODERATORS

320

US targets TP-Link with a potential ban on the Chinese routers (www.theverge.com)

submitted 2 days ago by avieshek@lemmy.world to c/technology@lemmy.world

116 comments fedilink hide all child comments

TP-link is reportedly being investigated over national security concerns linked to vulnerabilities in its very popular routers.

you are viewing a single comment's thread
view the rest of the comments

[–] sugar_in_your_tea@sh.itjust.works 1 points 1 day ago (1 children)

Signed firmware doesn't cost anything, so I'm not sure what you mean by "keep the poors out." Signed firmware has a very valid use case for preventing supply chain attacks. The only time I have an issue with it if there's no way to make your own signed package or bypass the requirement.

[–] ms_lane@lemmy.world 1 points 15 hours ago (1 children)

It costs the ability to flash your own firmware.

The only time I have an issue with it if there's no way to make your own signed package or bypass the requirement.

That's 100% of all signed firmware implementations.

[–] sugar_in_your_tea@sh.itjust.works 1 points 7 hours ago

These checks are usually at the application level, so flashing via telnet/SSH still works. It's generally not like TPM where the boot will be blocked if the signature doesn't match, and in many cases, systems with those protections have a way to set your own keys (e.g. like with GrapheneOS on Pixel phones).