You are reading the article Proprietary Firmware Poses A Security Threat, Ubuntu Founder Says updated in March 2024 on the website Moimoishop.com. We hope that the information we have shared is helpful to you. If you find the content interesting and meaningful, please share it with your friends and continue to follow and support us for the latest updates. Suggested April 2024 Proprietary Firmware Poses A Security Threat, Ubuntu Founder Says
Mark Shuttleworth, the founder of the popular Ubuntu Linux distribution, believes proprietary and unverifiable firmware code poses a serious security threat to users and he encourages hardware manufacturers to implement support for their innovations through the Linux kernel instead.
“Your biggest mistake might be to assume that the NSA is the only institution abusing this position of trust—in fact, it’s reasonable to assume that all firmware is a cesspool of insecurity courtesy of incompetence of the worst degree from manufacturers, and competence of the highest degree from a very wide range of such agencies,” he said.
Shuttleworth argues that manufacturers have made a habit of adding support for new functionality through firmware because in the past they were shipping computers with Windows, an operating system they couldn’t change. However, that’s not the case with Linux, and Linux “is almost certainly the platform that matters” in the new world of embedded devices, he said.
The Advanced Configuration and Power Interface (ACPI), a specification that allows operating systems to discover, configure and monitor hardware components, is an example of a design that shouldn’t be replicated in future devices, according to Shuttleworth.
“Arguing for ACPI on your next-generation device is arguing for a trojan horse of monumental proportions to be installed in your living room and in your data centre,” he said. “I’ve been to Troy, there is not much left.”Firmware’s a weak point
Over the years security researchers have found vulnerabilities in the proprietary firmware of many devices, from credit card readers to routers and industrial control systems, and they generally concluded that such software had not been developed with security in mind.
Last week, developers of Replicant, an Android-based operating system, claimed they found a backdoor in Samsung Galaxy devices that resulted from a vulnerability in the proprietary code handling communications between the Android OS and the firmware controlling the modem, also known as the baseband.
“Proprietary firmware can introduce vulnerabilities to an otherwise secure platform,” said Henry Hoggard, a security consultant at London-based security firm MWR InfoSecurity, Tuesday via email. “It is also possible that the firmware can contain backdoors that would give attackers high privileged access to the system.”New features should be added into Linux
Because of that, the Ubuntu founder believes that hardware manufacturers should start adding support for their new features directly into the Linux kernel and should provide only “declarative firmware that describes hardware linkages and dependencies but doesn’t include executable code.”
In theory this would be a good approach, because it would allow the code to be reviewed by a much wider audience and vulnerabilities to be more easily found and fixed, Hoggard said. “It would also give users the peace of mind that there are no malicious components present on their systems.”
However, there are some logistical issues, as vendors might not want to wait for their code to be accepted into the Linux kernel and may find it easier and more manageable to stick with the current model, Hoggard said. Vendors might also have a problem with this approach if it involves exposing their intellectual property, for example any algorithms they have developed in-house, he said.
You're reading Proprietary Firmware Poses A Security Threat, Ubuntu Founder Says
If you’ve ever paid attention to the market share statistics for desktop operating systems you probably know that Linux is most frequently pegged at about one percent.
Functionally this works just fine for users. The problem is that it makes it too easy for software and hardware vendors, makers of device drivers, and critics of all kinds to discount Linux’s importance in the marketplace. That, in turn, makes it less likely that new software will be ported to Linux, for example, or that key drivers will be created for the operating system; in short, it slows Linux’s growth.
What can you do about it? Well, if you use Linux already, you can make it known at DudaLibre, which maintains its “We are more than one percent” Linux counter to prove that the operating system accounts for more than the standard estimates suggest.
Next time you’re in the market for a new machine for your business, however, another way to help prove Linux’s market worth is by buying the distribution you choose preloaded. Not only will it save you the trouble of installing it yourself, but it can also help make sure everything “just works” out of the box, with support for any glitches that may arise.
Perhaps even more important, though, is that since there is a vendor keeping count, your purchase is sure to be included in the next batch of market data.
There are a number of very good vendors that will preload a computer with Ubuntu or other Linux distributions. Here are some of the best Linux-friendly vendors to check out.
Specializing in Ubuntu-powered laptops, desktops and servers, Colorado-based System76 is particularly notable because its success has just recently prompted it to start serving the United Kingdom as well. With a commitment to the ideals of open source software, System76 aims to help make it easy for consumers, businesses, schools and governments to make the transition to the world of open source software through world-class hardware, software and support. System76 ships to the United States, Canada, and the United Kingdom.
California-based ZaReason will install a variety of free and open source operating systems on its laptops, desktops and servers, including not just Ubuntu but several of its derivatives along with Debian and Fedora. International shipping is available.
Based in Atlanta, EmperorLinux has been supplying Linux laptops since 1999 to corporate, government, academic, and individual users. Customers can choose the hardware, the Linux distribution, and even the partition setup on their machine, which will be ready to use out of the box with full hardware support under Linux. International shipping is available.
Also specializing in laptops, California-based LinuxCertified offers a variety of installation, customization and training services as well, with support for a variety of Linux distributions including Ubuntu, Fedora, and openSUSE. International shipping is available.
Los Alamos Computers
With a long list of high-profile customers, New Mexico-based Los Alamos Computers offers both workstations and laptops with the customer’s Linux distribution of choice preinstalled, though it recommends Ubuntu, Debian, and gNewSense in particular. International service is available.
Though it has a somewhat mixed history with regard to Linux, it would be remiss not to mention Texas-based Dell, which has been offering Ubuntu preloaded on select machines since 2007. As of this writing, one minitower and one Inspiron laptop are listed on the company’s U.S. site preinstalled with Ubuntu.
Wherever you end up, though, know that your purchase will not only get you a powerful machine loaded with what’s arguably the best operating system on earth; it will also help create some long-overdue realistic market statistics.
Follow Katherine Noyes on Twitter: @Noyesk.
Samsung Galaxy A5 Active Firmware
Galaxy A5 Active Firmware (SM-G870A, AT&T)
Galaxy A5 Active Firmware (SM-G870F)
Galaxy A5 Active Firmware (SM-G870W, Canada)
How to download correct firmware file
This is the important part!
Be sure to check and find the correct the model no. of your Galaxy A5 Active. Then based on your device’s model no., look for the appropriate firmware build from above.
Now that you know the model no., download the latest firmware from above for that model no. exactly.
Next, install the firmware on your Galaxy A5 Active by following the guide linked right below.
How to Install Firmware
First, read our disclaimer, then take backup and then follow the guide below to install the firmware.
Disclaimer: Installing an official firmware through Odin doesn’t void your device’s warranty, but it remains an unofficial process and thus you need to be cautious of it. In any case, you only are responsible for your device. We won’t be liable if any damage occurs to your device and/or its components.
Backup, backup, backup! Create an appropriate backup of contacts, pictures, videos, songs and other important files stored on your device before proceeding with the steps below, so that in case something goes wrong you’ll have a backup of all your important files. Sometimes, firmware installation may delete everything on your device! Like, when you change the CSC of your device, knowingly or not.
Step-by-step Firmware Installation Guide
Let’s see how to install the firmware on your Galaxy A5 Active. Make sure you have more than 30% battery on your device.
Step 1. Make sure you have downloaded the correct firmware file on your PC. See above for how to download correct firmware file for your Galaxy A5 Active and download links.
Step 3. Also, download Odin PC software (latest version).
Step 5. Extract the Odin file. You should get the Odin exe file (other files could be hidden, hence not visible).
Step 6. Disconnect your Galaxy A5 Active from PC if it is connected.
Step 7. Boot into download mode:
Power off your device. Wait for 6-7 seconds after screen goes off.
Press and hold the three buttons Volume down + Home + Power together until you see Warning screen.
Press Volume Up to continue to download mode.
Step 9. Connect your device now using USB cable. Odin should recognize your device. It’s a must. When it recognizes, you will see Added!! message appearing in the Log box in bottom left, and the first box under ID:COM will also show a no. and turn its background blue. Look at the pic below.
You cannot proceed until you get the Added!! message, which confirms that Odin has recognized your device.
If you don’t get Added!! message, you need to install/re-install drivers again, and use the original cable that came with device. Mostly, drivers are the problem (look at step 2 above).
You can try different USB ports on your PC too.
Load the firmware files(s) on your device. This depends on how many files you got in step 4 above upon extracting the firmware .zip file.
Case 1: If you got a single .tar/.tar.md5 file, then load this into AP tab of your Odin software. Then go to next step.
Case 2: If you got more than one .tar/.tar.md5 file, then you must be having files starting with AP, CSC, Home_CSC, BL, CP, etc. stuff. In this case, choose the files as following. Select the firmware files as follows.
About CSC file: Using the HOME_CSC file won’t reset your device, and data on the phone shouldn’t be deleted. However, when we select regular CSC file, and it results in CSC on device being different than that in CSC file, your phone will be formatted automatically. You can even choose to ignore loading the CSC file, that may do alright too. But if it doesn’t works out, repeat the whole process and select CSC file this time around.
Info: When you load files, Odin checks the md5 of firmware file, which takes time. So, simply wait until that’s done and the firmware file is loaded. Don’t worry if Odin gets unresponsive for a while, it’s normal. Binary size will also show up in Odin.
Go back to Log tab now, as it will show the progress of firmware installation when you hit start button in next step.
Wait till installation is finished, after which your device will reboot automatically. You’ll get PASS message as shown below upon successful installation from Odin.
Some errors you may run into, and with respective solution.
If Odin gets stuck at setup connection, then you need to do this all again. Disconnect your device, close Odin, boot device into download mode again, open Odin, and then select the file and flash it again as said above.
If you get FAIL in the top left box, then also you need to flash the file again as stated just above.
That’s it. Let device restart automatically.
You can use the firmware for variety of purposes, which includes:
Fix your Galaxy A5 Active if it’s giving you force closes errors and restarts randomly.
Unbrick your Galaxy A5 Active if it’s bootlooping and stuck at logo when restarting.
Go Back to Stock on your Galaxy A5 Active — helps when looking to sell the device, or fix installing OTA updates if broken.
Restore Galaxy A5 Active to factory state.
Upgrade your Galaxy A5 Active to newer Android version.
Downgrade your Galaxy A5 Active to lower build no. at same Android version.
Unroot your Galaxy A5 Active.
Remove custom recovery like TWRP and CWM, if installed, on your Galaxy A5 Active.
Better known as ‘software for hardware,’ Firmware is a program that comes embedded in a piece of hardware such as a keyboard, hard drive, BIOS, or a video card. It is designed to give permanent instructions to communicate with other devices in a system and perform functions like basic input/output tasks.What is Firmware?
Firmware, like drivers, has the same function but differs in a way that it is stored on the hardware device itself while drivers are installed inside the operating system. Also, firmware can start on its own and do what it is programmed or designed to do while drivers must be run by the operating system.Types of firmware BIOS
The first thing to come to life after the computer is powered on is BIOS. It can interact with the hardware and check for any unknown errors. It then signals another program called bootloader which does the job of waking up the operating system sleeping inside the hard drive and put it in the random access memory. So, BIOS is primarily responsible for handling your computer’s hardware components and ensure that they function properly. Although good, the low-level software has remained almost unchanged for the last two decades, and because of this, it is now becoming outdated and un-supportive of modern technologies. For instance, BIOS still uses 16-bit code while most laptops and PCs run 32 and 64-Bit code.EFI
Knowing your computer’s BIOS version can help you find if you have the most up-to-date version of the firmware. On Windows computers, you can get the firmware version information using the Command Prompt. Alternatively, you can use an upgrade assistant for your device.
Read: Check if your PC uses BIOS or UEFI.Updating Firmware
Firmware updates are available from the hardware manufacturers. For instance, a firmware update for a network router may be released to fix bugs, security holes or enhance its capabilities.
Some firmware updates are applied normally and just seem like a regular software update. However, others can be quite time-consuming as they might involve copying the firmware to a portable drive and then loading it onto the device manually. That said, some devices, feature a dedicated section in the administrative console that lets you apply a firmware update or a user manual for a complete reference.
Read: Fix Firmware update failed in Windows.
It’s extremely important to make sure the device that’s receiving the firmware update does not shut down while the update is being applied. A partial firmware update leaves the firmware corrupted, which can seriously damage how the device works. So, just make sure that once you start a firmware updater, you let the update finish.Benefits and Importance of Firmware Update
Firmware update not only improves the functionality and features of your device but also fixes the performance issues. Moreover, the firmware update also helps a device remain competitive with the newer models in the market.
The firmware updates also contain the latest security patches. When you update your firmware, these latest security patches are automatically applied to your system. These security updates help protect your device from such types of attacks. Hence, a firmware update is important to tackle the increasing firmware attacks.
Read: How to update Router Firmware.Firmware vs. Software difference
Often, the word Firmware and software are used interchangeably, i.e., single or a collection of computer programs assigned with some task to do on the machine. But in reality, it’s the work that defines the roots of these categories (firmware and software) in which we put them.
For example, the software is virtual so it can be Copied, Changed, and Destroyed. It is often stored in memory that is easily accessible and even replaceable by the user. But in the case of firmware, the memory that it stores is often embedded in the device itself and is not replaceable by the user. This is done deliberately to prevent any tampering or removing as it is critical for the device to run and can cause serious consequences if removed.
Read: What are Device Drivers?
Also, software is often upgraded, and so the information stored in it is often modified/altered with each execution of the application. In contrast, the firmware does not really change much unless you modify the settings very often. There is also very little or no requirement to change the firmware of a device.Firmware vs Hardware difference
As explained earlier in this article, Firmware is a program or set of instructions fed into a hardware device. This set of instructions is necessary for the hardware device to function properly. On the other hand, hardware refers to the components of a computer and any other device. Processor, motherboard, RAM, hard disks, sound cards, Network Interface Card (NIC), etc., are some examples of hardware.Is firmware a type of hardware?
Firmware is not a type of hardware. It is completely different from the hardware. Hardware refers to the components of a device, like Integrated Circuit (IC), CPU, GPU, RAM, etc. On the other hand, firmware is a program embedded into a piece of hardware. Firmware contains the set of instructions necessary for performing different tasks by the hardware.What happens if I don’t update my firmware?
Hope this explains what firmware means.
Now read: How to update BIOS.
Technology, for sure has changed the way businesses are run. It has become an omnipresent and inevitable part of business operations, that span a wide range of devices and networks. It has, in a way made it cumbersome to efficiently manage the distributed tasks, requiring external help to sail through the day-to-day logistics all while being able to make strategic decisions. XenonStack is a technology service provider whose services range from designing cloud-native applications to providing big data analytics. It’s AI and data-centric solutions have won many laurels, including awards like Best Product of the Year 2023 by Software Technology Parks of India (STPI). Analytics Insight has engaged in an exclusive interview with Navdeep Gill, Founder & CEO, of XenonStack.What does XenonStack do and how are digital experience platforms like Xenonstack using data-driven decision analytics?
We are a Cloud Native and Data Intelligence Company and provide technology consulting and services that digitize and futurize businesses by leveraging cloud-native and AI to deliver data-centric experiences. Our services include Technology Consulting and Digital Platform Strategy, Assessment and Remediations, Development and Implementation, and Digital Operations (Managed Services, SRE, Observability).
We are an industry-agnostic company and the services we offer can help most sectors scale up and transform digitally. Currently, we have a strong presence in USA and UAE. Our team comprises 120+ employees with an analytic approach while focusing on enterprise agility and security. With Xenonstack, organizations get end-to-end solutions that are driven by data and outcomes. We help develop holistic priorities, underpinned by scorecards and metrics, that cover organizational health, talent, and culture, as well as data quality. Data and analytics are central for any business to reach a set of goals in a world driven by technology. We use Data Analytics as a Catalyst for Innovations, Services, and Product Development.
Making the most out of consumer patterns with Personalized customer experiences and Augmented analytics, we help businesses become more digitally strong, robust, and agile.Give us an insight into how XenonStack is using modern technology in providing its never seen services.
We are a tech-savvy brand that helps companies gain a strong foothold in the digital world. We use Cloud-Native, Cloud Platform Engineering, Data Engineering, IoT, Real-Time Analytics, Computer Vision, and EDGE AI to offer solutions to our clients. We serve Cloud Security and Observability to help make businesses more secure and insulated. We use SRE and Managed Services to help our clients with Metaverse, 5G, Metadata, Composable Data, and Analytics.How is XenonStack enabling CIOs to work towards a tech-services ecosystem for agility and resiliency?
We help CIOs by reinventing technology delivery and aim to Future-proofing the foundation to build a digital, tech-savvy vertical that is immune to or adapts easily to the ever-changing technology.
We create an integrated plan for risk management to insulate the business in case of unforeseen digital threats, leveraging technology to not only augment the business but also create value for the business. The aim is to accelerate digital transformation but to do so in a way that strengthens the bones of the business. We enhance business composability by rendering them with the right mindset, technologies, and set of operating capabilities to innovate and adapt quickly to changing business needs.What are the five challenges in the sector for implementing a digital strategy?
Digital transformation is in its nascent stage. Sprouting majorly after the pandemic, digital transformation is still at the stage of trial and error. Some hurdles need to be overcome before we can transcend into a wholesome digital era. Five of these key challenges are:
ii. Following a security-first approach – With enhanced AI-powered solutions, cybersecurity has become a concern. For most visionaries, having their operations online and depending on AI also increases their apprehension of cybersecurity and the complexity that digital transformation brings with it.
iii. Evolving Customer Needs – The democratization of information and the multiple channels for dissemination of information has made the consumer smart, aware, and demanding. With laptops and smartphones becoming like extended limbs, customer is looking for the best experience they can avail themselves of. As tech solutions grow so does consumer behavior, making it imperative for companies to stay agile, alert, and responsive. This requires reassessing digital strategy periodically to identify gaps and implement solutions.
iv. Lack of IT Resources and Management – Digital transformation requires a skilled and dedicated team. However, with the technologies changing and evolving ever so often, it is getting harder to hire trained personnel. Advanced data analytics, cyber security, and a sound digital strategy required trained personnel to tackle small and big problems at every step.
v. The challenge of agility – Digital transformation tends to be disruptive on account of changing processes in a company. Bifurcating a big process into two and navigating them in short-duration increments help in increased agility and flexibility, aiding transformation. Digital Transformation changes the way businesses operate and interact with their consumers. Integration of AI, technology, and machine learning tools is a complex but necessary process and a cookie-cutter approach is not the way. Without a response-based system in place, companies tend to fail during the initial transformation phase. Agile transformation, therefore, is a key factor that determines the success of digital transformations.Why is account-based marketing important for SaaS-based startups?
Account-based marketing makes sure that the brand language and your connection with the consumer are personalized and targeted. It helps you define your business coherently for your customer and sets you apart from your competition. Besides this, driving a broad brand name could be expensive. Account-based marketing enhances targeted ABM and high-quality nurture. It helps in shortening the sales cycle and synergizes the sales and marketing efforts.
Do you have an old smartphone or tablet that’s just lying around the house with no purpose? As long as it has a functioning camera, you can turn it into a home security camera. This is perfect for monitoring the inside of your home, office, garage or any other building.What you’ll need
To create your home security system, you’ll need the following:
A Camera. For the best results, I’d recommend using an old smartphone or tablet that you can set up as a dedicated security camera.
A Viewer. This is the device where you’ll monitor the feed from your security camera. For the best results, use the smartphone you are actively using.Installing the Alfred Home Security Camera mobile app
To start, install the Alfred app on your old smartphone or tablet. Alfred is cross-platform, so you can install it on any compatible Android or iOS device:
1. Install the Alfred mobile app (available for Android and iOS) on the device you want to use as your camera.
2. Launch the Alfred application. You’ll be prompted to create an account, so tap “Sign Up” and follow the onscreen instructions.
3. Once you’re logged into your account, tap the “Viewer/Camera” item in the toolbar and select “Camera.”
4. When prompted to set up this device as a camera, tap “OK.”
5. Alfred will now request permission to record video and take pictures and permission to record audio. If you’re okay with these requests, tap “Allow.”
Congratulations, your old, unwanted smartphone or tablet is now a fully-functioning security camera!How to set up your security camera
You can now position your old device so that it’s pointing at the area you want to monitor. This step can take some trial and error, imagination, and potentially also some duct tape or other fixtures!
To get the best results, you should generally:
Place your camera device around one to two meters away from the object(s) you want to monitor.
Avoid pointing your device at reflective surfaces, such as windows and mirrors, as this can result in false motion detection alerts and may also interfere with the picture quality.
Avoid pointing your camera at moving objects such as fans or objects that show movement such as TV and laptop screens.
Once your device is in position, you should avoid pressing the “Power” or “Home” buttons, as this may put the device into sleep mode or close the Alfred app entirely. Instead, allow the screen to dim and then turn off naturally.Monitor your home from any location
Next, install Alfred on the smartphone or tablet you’re using as your Viewer:
1. Install and launch the Alfred mobile app on your Viewer device.
2. Log into your Alfred account. Make sure it’s the same account you’re using on your Camera device!
3. Alfred will now request various permissions; grant these permissions to proceed to the next screen.
4. Tap the item in the Alfred menu bar and then select “Viewer.”
Once Alfred detects more than one device using the same account, it should link those devices automatically. Whenever you want to view the live feed from your Camera, simply launch the Alfred app on your Viewer, and the feed should appear automatically.Add motion detection to your home security system
By enabling Alfred’s motion detection, you’ll receive a push notification on your Viewer every time movement is detected:
1. Launch the Alfred app on the device you’re using as your Viewer.
2. Find the camera where you want to set up motion detection.
3. In the upper-left corner of the Camera feed, tap the little cog icon.
4. Find the “Motion Detection” slider and push it into the “On” position.
5. While you’re in the Settings, you may also want to change the sensitivity of the motion detection by tapping “Sensitivity” and then choosing from the available options: “High,” “Medium” or “Low.”
Now every time movement is detected, you’ll receive a push notification on the smartphone or tablet you’re using as your Viewer. You can then launch the Alfred app and see exactly what’s happening in real time.Accessing and storing Alfred’s security videos
Whenever it detects motion, Alfred will automatically record everything that’s happening and upload the clip to the cloud for safekeeping.
To review all of Alfred’s recordings:
1. On your Viewer, launch the Alfred application.
3. You’ll now be taken to Alfred’s “Events Book.” To play any clip from your “Events Book,” give it a tap. If you want to save a clip, then tap the dotted icon in the clip’s upper-right corner and select “Save to Moments.” Alternatively, you can delete a clip by tapping the “Trash” icon.Access your security camera from any Internet-enabled device
Don’t have your Viewer at hand? You can drop in on your security feed from any web browser.
1. Head over to the Alfred website and sign in to your account.
2. Select the “Camera” tab.
3. Select the camera that you want to view.
4. You can now view this feed on your laptop or computer.
If you have an old smartphone around, we have shown you a way to repurpose it and use it as a security camera. You can also use it as a dashcam or a smart speaker. If that is not enough, find out more ways to reuse your old Android phone.
Jessica Thornsby is a technical writer based in Derbyshire, UK. When she isn’t obsessing over all things tech, she enjoys researching her family tree, and spending far too much time with her house rabbits.
Subscribe to our newsletter!
Our latest tutorials delivered straight to your inbox
Sign up for all newsletters.
Update the detailed information about Proprietary Firmware Poses A Security Threat, Ubuntu Founder Says on the Moimoishop.com website. We hope the article's content will meet your needs, and we will regularly update the information to provide you with the fastest and most accurate information. Have a great day!