Chewy@discuss.tchncs.de to Linux@lemmy.ml · 1 year agoJust about every Windows and Linux device vulnerable to new LogoFAIL firmware attackarstechnica.comexternal-linkmessage-square105fedilinkarrow-up1368arrow-down114cross-posted to: cybersecurity@lemmy.mltechnology@lemmy.world
arrow-up1354arrow-down1external-linkJust about every Windows and Linux device vulnerable to new LogoFAIL firmware attackarstechnica.comChewy@discuss.tchncs.de to Linux@lemmy.ml · 1 year agomessage-square105fedilinkcross-posted to: cybersecurity@lemmy.mltechnology@lemmy.world
minus-squarewmassingham@lemmy.worldlinkfedilinkarrow-up3·1 year agoIf it’s only on the ESP, it won’t persist across reinstalls, and definitely not drive swaps. But I do see mentions of attacking via firmware capsule. If that works, then yes, that will persist.
minus-squareNaN@lemmy.sdf.orglinkfedilinkEnglisharrow-up3·1 year agoESP is usually not cleared on a reinstall unless somebody takes the extra step to do so. Since each OS has its own directory within the ESP their installers don’t push it. I was mostly referring to modification in firmware though.
If it’s only on the ESP, it won’t persist across reinstalls, and definitely not drive swaps.
But I do see mentions of attacking via firmware capsule. If that works, then yes, that will persist.
ESP is usually not cleared on a reinstall unless somebody takes the extra step to do so. Since each OS has its own directory within the ESP their installers don’t push it. I was mostly referring to modification in firmware though.