In the light of this new Bluetooth issue I’d say that using an updated firmware would improve my security and using the old ROM firmware would be risky.
There’s also a response by Nicole partly confirming that it might be a bad idea to use the old firmware from ROM just to avoid having a closed source firmware on the hard drive:
But this clearly opens up the question of how to handle security updates.
So if I enable this there will be old closed hardware on my notebook, which means it could be possible that they spy on me with the Bluetooth code?
Is it okay to use a Bluetooth dongle from Technoethical & ThinkPenguin? Or could I also use a Bluetooth dongle from other companies, because they are smaller and I can leave them plugged in? Or is it that risky?
This is not an ethical question, I’m not Richard Stallman; I only want to know if they can really do shit on my PC with this.
No. If you enable the hardware already built into your notebook by using the closed source firmware delivered by the manufacturer, you override the built-in firmware at least partly. But the mentioned security problem with older Bluetooth firmware is probably sometimes being taken care of by an updated closed source firmware.
The patch Nicole wrote about just uses the ROM firmware, which won’t be updated at any time and probably will contain any bug existing at manufacturing time.
Short: I prefer to use the closed source firmware from disk over using the closed source firmware from the ROM of any Bluetooth chipset in the light of the mentioned bug.
If you find a USB Bluetooth device not containing any firmware in a ROM and being used with open source libre software, that would be an improvement, and people probably would be glad if you’d mention the hardware here.
Psst: ThinkPenguin is using the same Bluetooth hardware as Technoethical, and the routers are the same as those from GL.iNet. They only want more money and give the things other names, haha.
Short: If I use this patch script, I get closed source Bluetooth drivers in my system. Does that mean this can be updated from outside and then maybe they can spy on me?
And if I use a Bluetooth dongle with stupid firmware, can they send data over Bluetooth to a bad company?
The chip is basically a little SoC containing an MMU, RAM, an MCU, some radio hardware, a USB interface and a ROM containing the (as far as I could find out) closed source software stack.
I didn’t find any information about updating that software stack.
If these findings are correct, you’ll end up at the same conclusion as before: You have the advantage that it seems unlikely (and maybe is impossible) to tamper with the state of the firmware of your Bluetooth device, and your FLOSS drivers don’t need to take care of all the complicated stuff the firmware loaded from ROM does for you.
Once there is an attack vector known for the software version contained in the ROM (or for the protocol version the software had been designed for), you can only throw the device away and try to find one with a software stack that is not prone to that attack.
The other option is to use a solution where you’re able to provide the closed source ROM software (which you also have to accept in the above-mentioned solution) from disk.
If an attack vector is found and the producer of this solution offers a new firmware (that you’d have to trust the same way as any firmware mentioned here), you might be able to mitigate the risk of that attack vector.
Furthermore, to disassemble and learn about the firmware you’d not have to invest energy in getting it out of that ROM beforehand.
Well, you read it between the lines: I tend toward the latter option. If you fear that someone would use a change of the firmware that is loaded from your (encrypted) disk to break your security, you could:
- ask yourself why not change any other software on your encrypted disk
- put the firmware on your boot disk and by doing so make it part of the tampering checks of Heads
The solution we all would like to see is an open hardware project that provides a hardware design along with the needed FLOSS firmware/drivers combination.
Maybe work on this already exists somewhere, maybe it is not that simple because of some kind of protection like patents for the Bluetooth technology, and maybe it is nearly impossible for the same reasons as building a mobile radio device for the Librem5.
There are open source BLE stacks (e.g. mynewt/nimble) for various RF SoCs (e.g. nRF5), but I don’t recall I’ve ever seen a full BDR stack. So full Bluetooth is locked, thus should be implemented (or contained) in the hardware.