Chewy@discuss.tchncs.de to Linux@lemmy.ml · 1 year agoJust about every Windows and Linux device vulnerable to new LogoFAIL firmware attackarstechnica.comexternal-linkmessage-square72fedilinkarrow-up1344cross-posted to: cybersecurity@lemmy.mlnews@lemmy.linuxuserspace.showtechnology@lemmy.worldhackernews@derp.foohackernews@lemmy.smeargle.fanstechnology@lemmy.zip
arrow-up1344external-linkJust about every Windows and Linux device vulnerable to new LogoFAIL firmware attackarstechnica.comChewy@discuss.tchncs.de to Linux@lemmy.ml · 1 year agomessage-square72fedilinkcross-posted to: cybersecurity@lemmy.mlnews@lemmy.linuxuserspace.showtechnology@lemmy.worldhackernews@derp.foohackernews@lemmy.smeargle.fanstechnology@lemmy.zip
minus-squarewmassingham@lemmy.worldlinkfedilinkarrow-up3·1 year agoIf it’s only on the ESP, it won’t persist across reinstalls, and definitely not drive swaps. But I do see mentions of attacking via firmware capsule. If that works, then yes, that will persist.
minus-squareBitrot@lemmy.sdf.orglinkfedilinkEnglisharrow-up3·1 year agoESP is usually not cleared on a reinstall unless somebody takes the extra step to do so. Since each OS has its own directory within the ESP their installers don’t push it. I was mostly referring to modification in firmware though.
If it’s only on the ESP, it won’t persist across reinstalls, and definitely not drive swaps.
But I do see mentions of attacking via firmware capsule. If that works, then yes, that will persist.
ESP is usually not cleared on a reinstall unless somebody takes the extra step to do so. Since each OS has its own directory within the ESP their installers don’t push it. I was mostly referring to modification in firmware though.