12-07-2019, 10:35 PM
@CuriousTommy ,
I just performed a cursory review of the lvfs website. What I did not learn in that review is specifically how lvfs secures the firmware from receipt, to storage, and then to dissemination. In other words, how can the end user be reasonably assured that the firmware being used to update a device is in fact from the vendor and not malware? This question assumes the vendor is not publishing malicious firmware as Asus did in the past.
Can you elaborate on that? In my experience stupidly easy is not always better.
I just performed a cursory review of the lvfs website. What I did not learn in that review is specifically how lvfs secures the firmware from receipt, to storage, and then to dissemination. In other words, how can the end user be reasonably assured that the firmware being used to update a device is in fact from the vendor and not malware? This question assumes the vendor is not publishing malicious firmware as Asus did in the past.
Can you elaborate on that? In my experience stupidly easy is not always better.