Re: How secure is an installation with with no non-free packages?
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
My understanding of the microcode binary blobs is that they provide
updates to your processor / BIOS that usually have no free
alternative. So basically, your BIOS is probably already non-free and
you might as well have the latest version... so yes, installing the
firmware-linux-nonfree package is probably wise.
This page has a little more information on what microcode is and why
these binary blobs are unfortunately often necessary:
https://wiki.archlinux.org/index.php/Microcode
Someone with more specific knowledge should feel free to chime in here
as I am not an expert on this subject.
Cheers,
On 09/12/2013 04:42 PM, adrelanos wrote:
> adrelanos:
>> How secure is a Debian installation packages installed only from
>> main, none from contrib or non-free?
>>
>> It will lack for example the firmware-linux-nonfree package and
>> the intel-microcode / amd-microcode package. At least the
>> microcode one is security relevant? Are there any other packages
>> which might be important to have installed for security reasons?
>>
>> I mean, how secure is it in comparison with those packages
>> installed vs not having them installed?
>>
>>
>
> I apologize, I didn't want to start a discussion of Open Source vs
> closed source. (Feel free to have it, I am delighted to read your
> thoughts on it, but I'd be also happy about an answer to the
> question I meant to ask but failed to properly state.) Sorry for
> not asking clear in the first place.
>
> To rephrase my original question:
>
> How vulnerable is Debian installation without intel-microcode /
> amd-microcode package?
>
> Are there other contrib and/or non-free packages, similar to the
> microcode package, which make the system vulnerable, if not
> installed?
>
>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iQEcBAEBAgAGBQJSMlooAAoJEGe6xJ1FYRpRi4kH/1FR0n9PB7Sg69Kzw17yDxgB
UiO1P8QzWkNq8oT+lnFf+nZjz/4AxelpiQK6qG5H2tPyUAu9/21F7z7p15KGSTxJ
Sn2fhtCSOfWp8XEqUdCr3/H7TYvhHy0NGUSSyO0yWUKsJeqq+PXmhhuGLG52OZJB
BK5lqnKugSiPQygz9J4fL5+U1aSAsbLZ/dhwU3TR29s9G+TQ7qSCqqu85GiAyVNS
0dH+/5FLSZkjGDwa1M430Z9SM6fJTzZKW7X9AvfeaKV4gdIHVkh1tZCmjH3aDABR
2DtZLEhRpC2cKsIbYC+VM5GJwuUpMQWX8aiYpZPn1KT96Gq8cQUJ3OYJMjHXB+o=
=xeKz
-----END PGP SIGNATURE-----
Reply to: