01-15-2020, 04:40 PM
About the default Debian
The most critical software comes from Pine64
- Linux Kernel is behind: 4.4.207 vs 4.4.210
- Firefox and Chromium come as binary blobs. It's not clear how they were modified. Perhaps check if their versions are behind as well.
Not all Debian software is actively supported, either. /usr/bin/check-support-status from the debian-security-support package lists several package on my machine which don't get security updates.
About the hardware
The two Cortex-A72 "out-of-order execution" cores are vulnerable to Spectre and Meltdown. Due to their simplicity, the 4 Cortex-A53 "in-order execution" cores are neither vulnerable to Spectre nor Meltdown.
You better visit your banker in person
The most critical software comes from Pine64
- Linux Kernel is behind: 4.4.207 vs 4.4.210
- Firefox and Chromium come as binary blobs. It's not clear how they were modified. Perhaps check if their versions are behind as well.
Not all Debian software is actively supported, either. /usr/bin/check-support-status from the debian-security-support package lists several package on my machine which don't get security updates.
About the hardware
The two Cortex-A72 "out-of-order execution" cores are vulnerable to Spectre and Meltdown. Due to their simplicity, the 4 Cortex-A53 "in-order execution" cores are neither vulnerable to Spectre nor Meltdown.
You better visit your banker in person