10-08-2022, 06:10 PM
(10-08-2022, 12:37 PM)KC9UDX Wrote:(10-08-2022, 10:57 AM)omarcomputing Wrote: If someone can get physical access to your pinebook (and reverse engineer the firmware or buy it from the manufacturer), they could upload a modified keyboard firmware that includes a key logger.
I use tamper evident stickers over some of the screw holes and over the SD card slot to prevent this.
Or they could modify your operating system to do whatever.
If they can, you can.
You already can alter the keyboard firmware. You can turn off the Wi-Fi. Mine is turned off; I use a USB WiFi dongle.
I realize that but the idea for this thread is to show support for an easy to remove WiFi module.
In a root encrypted file system you cannot modify the OS without knowing the encryption key but you can change the unencrypted boot loader with a malicious one. If the keyboard / touchpad firmware was open source, it along with the unencrypted boot loader can be verified on boot with an external device similar to Librem Key from Purism. I think the best solution to remedy this is to use tamper evident stickers over some of the screw holes and over the SD card slot.
Just because the WiFi chip is "turned off" does not guarantee that it will remain radio silent (unless turning it off removes power to the chip.) Can someone confirm this? The best way to know for sure is to physicaly remove it. You have a closed source keyboard firmware turning off the Wifi so you cannot trust it. A physical switch to turn off the wifi chip (like on the pinephone) would be a better solution or better yet a way to remove the chip entirely. Right now I have the antenna disconnected but I still plan to physically remove the WiFi chip at the risk of destroying the motherboard.