Similarly, they seem to have choosen the Wifi and Bluetooth chips as well because they have no downloadable firmware, and the isolation for the baseband probably ensures the same there: https://puri.sm/posts/librem5-2018-09-hardware-report/
If those would have meaningful updates is a good question, and clearly it only applies to some of the firmware, but I suspect that's what the exagerated original claim is based on.
Is there any way to mitigate this if one wants to keep Wifi and Bluetooth?
I guess if one really wanted to be pure then, they could just keep the second (of three, see below) hardware switches off, and even possibly de-solder a connection, to ensure they aren't accidently flipped on.
Hardware Switches:
- cameras and microphone
- WiFi and Bluetooth
- cellular baseband
(When all three switches are off, power is also killed to sensors a la "Lockdown Mode")
Purism can't guarantee someone won't try to flash that firmware. so the best solution they came up with was to create a parallel chip to store the firmware they have vetted to be safe and to overwrite the modem or wifi firmware with their version of the binaries anytime a change to the other firmware is pushed through
Similarly, they seem to have choosen the Wifi and Bluetooth chips as well because they have no downloadable firmware, and the isolation for the baseband probably ensures the same there: https://puri.sm/posts/librem5-2018-09-hardware-report/
If those would have meaningful updates is a good question, and clearly it only applies to some of the firmware, but I suspect that's what the exagerated original claim is based on.