Do you want an easy to remove wifi module?
Yes
75.00%
3
No
25.00%
1
4 vote(s)
* You voted for this item. [Show Results]

Suggestion / Warning about closed source wifi and keyboard / touch pad firmware
#1
How can you call pinebook pro "open" when it requires a closed source WiFi firmware? (and closed source keyboard / touch pad firmware)
"ath9k" or "carl9170" would be a good solution because they are open and work on 5GHz.
The TERES by Olimex suffers from this problem too but I was easily able to remove the wifi module on the motherboard with a heat gun and some rosin.
The pinebook pro looks incredibly difficult to remove the wifi chip from the motherboard.
The next generation of pinebook pro should include an open source wifi option or an easy way to remove anything that is not open source.
(No I do not work for Olimex. I just want a better pinebook.)

If someone can get physical access to your pinebook (and reverse engineer the firmware or buy it from the manufacturer), they could upload a modified keyboard firmware that includes a key logger.
I use tamper evident stickers over some of the screw holes and over the SD card slot to prevent this.

Please complete the poll to show support for an easily removable wifi module.
Open source freedom fighting is hard to do without any help.
  Reply
#2
(10-08-2022, 10:57 AM)omarcomputing Wrote: If someone can get physical access to your pinebook (and reverse engineer the firmware or buy it from the manufacturer), they could upload a modified keyboard firmware that includes a key logger.
I use tamper evident stickers over some of the screw holes and over the SD card slot to prevent this.

Or they could modify your operating system to do whatever.

If they can, you can.

You already can alter the keyboard firmware. You can turn off the Wi-Fi. Mine is turned off; I use a USB WiFi dongle.
:wq



[ SRA accepts you ]
  Reply
#3
(10-08-2022, 12:37 PM)KC9UDX Wrote:
(10-08-2022, 10:57 AM)omarcomputing Wrote: If someone can get physical access to your pinebook (and reverse engineer the firmware or buy it from the manufacturer), they could upload a modified keyboard firmware that includes a key logger.
I use tamper evident stickers over some of the screw holes and over the SD card slot to prevent this.

Or they could modify your operating system to do whatever.

If they can, you can. 

You already can alter the keyboard firmware.  You can turn off the Wi-Fi.  Mine is turned off; I use a USB WiFi dongle.

I realize that but the idea for this thread is to show support for an easy to remove WiFi module.

In a root encrypted file system you cannot modify the OS without knowing the encryption key but you can change the unencrypted boot loader with a malicious one. If the keyboard / touchpad firmware was open source, it along with the unencrypted boot loader can be verified on boot with an external device similar to Librem Key from Purism. I think the best solution to remedy this is to use tamper evident stickers over some of the screw holes and over the SD card slot.

Just because the WiFi chip is "turned off" does not guarantee that it will remain radio silent (unless turning it off removes power to the chip.) Can someone confirm this? The best way to know for sure is to physicaly remove it. You have a closed source keyboard firmware turning off the Wifi so you cannot trust it. A physical switch to turn off the wifi chip (like on the pinephone) would be a better solution or better yet a way to remove the chip entirely. Right now I have the antenna disconnected but I still plan to physically remove the WiFi chip at the risk of destroying the motherboard.
  Reply
#4
Turning it off does remove the power. I think you can find the information you seek in the wiki.

It would be a pretty good trick to update your keyboard firmware without your notice. Especially just for the sake of installing a keylogger in the wifi "firmware" that's on your encrypted root device (it would be still much easier to modify the much better documented operating system). If you're that worried, you can permanently remove power to the chip pretty easily. The schematics are available. But that won't stop someone doing the same for whatever alternative interface you use.

The keyboard firmware has been cracked. You can do what you like with it, example source code is available.

I'm tempted to install my USB dongle inside the case of the PBP.
:wq



[ SRA accepts you ]
  Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
  ISO keyboard Pinebook pro for sale tgrauss 3 2,517 11-01-2022, 04:45 AM
Last Post: tgrauss
  Keyboard/Touchpad update SH61F83 IC zaphod80013 4 1,780 09-14-2022, 03:56 AM
Last Post: Carl
  WiFi Signal Strength? B34N 1 546 07-22-2022, 01:35 PM
Last Post: poVoq
  Selling PineBook PRO with ISO Keyboard + NVME firefox-58 27 11,756 04-08-2022, 06:23 AM
Last Post: firefox-58
  Selling PineBook PRO with ANSI Keyboard + NVME woodeen 3 2,022 11-30-2021, 06:38 PM
Last Post: luca22
  wifi hotspot ip address symbol.accounting@gmail.com 1 1,200 11-07-2021, 12:58 AM
Last Post: dukla2000
Bug Wrong FN keys after keyboard FW update j4n3z 2 1,701 10-19-2021, 01:57 AM
Last Post: j4n3z
Information 3rd party keyboard review golbinex 4 2,555 08-17-2021, 06:15 AM
Last Post: boteium
  Trackpad firmware update Luke 263 286,952 07-28-2021, 12:52 PM
Last Post: Luke
  Wifi Troubles IDEFK 17 10,272 05-24-2021, 05:03 AM
Last Post: walterbe

Forum Jump:


Users browsing this thread: 1 Guest(s)