[nubinetwork]

I looked into fwupd once... it sounds nice to be able to update through a central service, but then it devolved into a rabbit hole of turning on all the privacy bugs I had previously disabled on my laptop. Why any of that is part of a firmware updater, I don't know.

[hughsient]

> it devolved into a rabbit hole of turning on all the privacy bugs

What does that mean? We've got a very comprehensive privacy policy... https://lvfs.readthedocs.io/en/latest/privacy.html

[nubinetwork]

I mean all of this junk (not my screenshot - my laptop is much worse) https://blogs.gnome.org/hughsie/files/2020/10/Screenshot-fro...

[hughsient]

You're going to have to be more specific on why a failing HSI attribute contributes to the undoing of your privacy? You're aware the security attributes are each based on mitigating actual real-world attacks, right?

[nubinetwork]

You're aware that ME itself is considered a security hole, and that a lot of people disabled it, right? Not to mention, most of the hsi2 and 3 stuff need ME as a dependency?

Edit: again, why is this any part of a firmware updater?

Edit2: this doesn't even get into unsigned kernels, out of tree modules, and unencrypted swaps (or at least not encrypted in the special way fwupd wants them to be)

[nubinetwork]

I feel I must apologize, but my first experience with fwupd was switching from MATE to KDE, opening kinfocenter and seeing all of this... While some of this is a KDE problem, I don't even see a place to update said firmware without using the CLI.