Re: [Tails-dev] Documentation about BIOS and firmware attack…

Supprimer ce message

Répondre à ce message
Auteur: geb
Date:  
À: tails-dev
Sujet: Re: [Tails-dev] Documentation about BIOS and firmware attacks
Hello,

syster via Tails-dev:
> I've just been reading through the new /doc/about/warnings/.
>
> It includes "No operating system can protect against BIOS and firmware
> attacks" and explains why that is, followed by a suggestion how to
> reduce that issue.
>
> What I'm missing is a hint to use Libre/Coreboot as an option to prevent
> some of such attacks. (at least that is my assumption)
>
> https://tails.boum.org/doc/about/warnings/


I am not sure how relevant it would be here : libreboot/coreboot
computers is mostly a niche market, in general and especially if you
consider the few models that can run 100% without firmware.

Being a nice market, it is costly, hard to setup, and hard to find,
especially 100% blob free hardware. I am not sure more than a few
percents of the Tails audience would do the switch.

Therefore I don't think it would qualify as an actionable input/advice,
and so how relevant it would be to add it. Giving unactionable security
advises is a bad practice: If users an unable to do anything based on
it, except noting there are solutions which are not available to them,
it make just them feel less safe, powerless, and thus sad... :/

(I found the page being great regarding this last problem btw: it warns
the users, but immediately after, slow down and either mentions
solutions if actionable ones exist, either remind them there are
unlikely to encounter those attacks in real life, and should not worry
to much (which is nicer, but also true) :-) )