>updooted ALVR from the arch AUR on my desktop a couple of days agohow cooked am i?
>>109045643If it would have been Windows or macOS, you would have to do clean reinstall of UEFI and whole OS, but good thing it was Linux. Now you can just remove the package and everything is good. Open source was basically the best thing here.
>>109045643>tfw metaverse alpha tester
>>109045682isnt current UEFI (barring some unknown zero day or supply chain attack from the manufacturer) fairly safe regardless of OS used? like if you try to update it it checks that the update isnt some bullshit/virus and is actually a legit update from the manufacturer and has a correct hash?
>>109045643what am I looking at? amazon warehouse employee of the month?
>>109045763Microsoft used the same private keys to sign all third-party UEFI binaries. That basically meant that after it was hacked, anybody can sign your motherboard UEFI and install rootkits that can control your whole motherboard even if you reflash UEFI (BIOS). Windows is so trash that even as a Palantir tier spyware for cuck slaves, it is WORST quality trash. The fact that /g/ even allows anons to post from Windows or macOS machine is INSANE. This low iq sheep cattle should be locked out of the /g/.
>>109045880doesnt every manufacturer have their own firmware update keys? how is microshit related to this they dont make motherboards
>>109045763It's bypassable, kind of like how old consoles can be jailbroken, I used a known vulnerability to flash coreboot on my stinkpad just the other day
>>109045846You can see they are adjusting his make-up. My educated would be they are recording some dystopian sci-fi short video, where guy wants to become a bird.
>>109045941i thought you needed a flash programmer board + clip and another computer to switch out firmwares. how does this vulnerability work? if your OS was compromised could they use it to to replace your firmware or would that require physical access to the laptop
>>109045954you're an observant one
>>109045988>i thought you needed a flash programmer boardYou usually do, unless you are exploiting a known vulnerability, that's the whole point>how does this vulnerability work?https://doc.coreboot.org/mainboard/lenovo/ivb_internal_flashing.html>if your OS was compromised could they use it to to replace your firmwareYeah
>>109045991Thank you!
>>109046014>October 3, 2019so this only applies if your dont update your firmware ever as i said current UEFI is fairly secure
>>109046036That's a generalization, whether or not your firmware is safe depends entirely on the manufacturer and whether they even feel like patching it or not, lenovo just happens to be okay at doing so (but you can still do it by just downgrading the bios which there are no checks against)Not only that, if you bought your laptop second-hand you have no idea what the previous owners have done to it in its lifetime.
>>109045921That is the whole point. Microsoft overrides the keys with their own private keys that are same on all motherboards even though they should be unique. You can fix your motherboard by installing Artix Linux.
>>109046130this doesnt make sensemicrosoft cant hack mb manufacturers unless they manage to steal their private keys and if they did that they'd be sued into oblivionunless you're running s microsoft surface laptop they dont know what your firmware's keys are
>>109045846This.
>>109046197It's not a hack, it's literally a factory default. Motherboard manufacturers (OEMs) pre-install Microsoft's public keys into the UEFI firmware at the factory so the board can boot Windows out of the box via Microsoft's unsecure wrongly implemented private keys included in the motherboard. Microsoft doesn't need to steal private keys; OEMs willingly add Microsoft's public keys to the allowed signature database ("db"). They use it to manage the Key Exchange Keys, which update the signature database ("db"). Microsoft's public keys are simply added to the "db" so that signed bootloaders (Windows) are allowed to run. When you install Linux, you can wipe Microsoft's keys and enroll your own, or use a bootloader already signed by Microsoft's unsecure TRASH keys that are generated WRONG by MICROSOFT.
>>109045846amazon wagecage was too expensive so they replaced it with a remote vr rig for third worlders to train AIwhat you're seeing it the initial testing
>>109046266are you talking about secureboot? im talking about the firmware update keysas for secureboot you literally can put or delete whatever you want there you make the keys you want to use you dont have to have any microshit key installed
>>109046280ONLY USE LINUX.The private keys used to sign motherboard firmware updates are owned and controlled partly by Microsoft and mainly by the OEM. Microsoft does possess these private keys and can push firmware updates. Microsoft's keys are pre-installed by OEMs for convenience. Motherboard firmware can absolutely be compromised through the update process. Modern systems use UEFI Capsule Updates, where Windows (or OEM software) downloads a firmware payload and passes it to the UEFI to be flashed upon reboot.If you suspect that spyware Windows or macTroon is in your system, software cannot clean it. You must use a hardware SPI flasher to physically clip onto the BIOS chip on the motherboard and overwrite it with a clean firmware dump and install Linux immediately.ONLY USE LINUX.
>>109046628how would using linux help if you're saying uefi is backdoored by microshit
>>109046648You can flash your own keys. If you install Windows, Windows replaces those with their own keys. How difficult this is to understand for you? Holy shit you are brain damaged.
>>109046689the OS cant just put secureboot keys into your firmware on it's oen bro thats not how it works. you have to go into UEFI settings and put keys in yourself from a drive or you use setup mode to register your os.and no i dont think microshit has firmware keys of OEMs so they can hack firmware of motherboards i think microshit's firmware update system is probably just a copy of fwupd.you're acting like microsoft is some elite hacker group that has it's fingers in every pot in reality its a huge corporation that's vary cautious about such things because they'd get nuked off the face of the planet in lawsuits if they did what you suggest
>>109046776>has no idea how anything works>Reddit spacing>retardMakes sense.
>>109046856what the fuck is reddit spacing what does reddit have to do with uefi retard
>>109046873First time here, I see. Fuck off zoomer.
>>109047084you dont know what you're talking about retard
>>109047096you're saying that about yourself
>>109047458im saying that about you
>>109047464yeah you exactly
>>109047549you
>>109045682>Now you can just remove the package and everything is good.
>>109047096You're being rage baited by a llm
>>109049734nah
>>109045763Nah
>>109045643>cookedall zoomers must die
>>109045643I checked my shit and I don't see anything with ALVR or any of the infected packages hopefully. I did a search but who tf even knows. Should probably reinstall.
>>109046776https://wiki.gentoo.org/wiki/Secure_BootYou are wrong anon, you can set your own it's the same thing microjeets do. How can you be so stupid, yet so confident?
>>109050656
>>109045846>>109046247https://www.youtube.com/watch?v=uuTZwod_EKI
