• NaN@lemmy.sdf.org
    link
    fedilink
    English
    arrow-up
    19
    ·
    edit-2
    11 months ago

    This is worse than many, since it persists across reinstalls and even potentially drive swaps, and fools systems such as secure boot.

    • wmassingham@lemmy.world
      link
      fedilink
      arrow-up
      3
      ·
      11 months ago

      If it’s only on the ESP, it won’t persist across reinstalls, and definitely not drive swaps.

      But I do see mentions of attacking via firmware capsule. If that works, then yes, that will persist.

      • NaN@lemmy.sdf.org
        link
        fedilink
        English
        arrow-up
        3
        ·
        11 months ago

        ESP is usually not cleared on a reinstall unless somebody takes the extra step to do so. Since each OS has its own directory within the ESP their installers don’t push it. I was mostly referring to modification in firmware though.