[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: How secure is an installation with with no non-free packages?

Hash: SHA1

My understanding of the microcode binary blobs is that they provide
updates to your processor / BIOS that usually have no free
alternative. So basically, your BIOS is probably already non-free and
you might as well have the latest version... so yes, installing the
firmware-linux-nonfree package is probably wise.

This page has a little more information on what microcode is and why
these binary blobs are unfortunately often necessary:

Someone with more specific knowledge should feel free to chime in here
as I am not an expert on this subject.


On 09/12/2013 04:42 PM, adrelanos wrote:
> adrelanos:
>> How secure is a Debian installation packages installed only from
>> main, none from contrib or non-free?
>> It will lack for example the firmware-linux-nonfree package and
>> the intel-microcode / amd-microcode package. At least the
>> microcode one is security relevant? Are there any other packages
>> which might be important to have installed for security reasons?
>> I mean, how secure is it in comparison with those packages
>> installed vs not having them installed?
> I apologize, I didn't want to start a discussion of Open Source vs 
> closed source. (Feel free to have it, I am delighted to read your 
> thoughts on it, but I'd be also happy about an answer to the
> question I meant to ask but failed to properly state.) Sorry for
> not asking clear in the first place.
> To rephrase my original question:
> How vulnerable is Debian installation without intel-microcode / 
> amd-microcode package?
> Are there other contrib and/or non-free packages, similar to the 
> microcode package, which make the system vulnerable, if not
> installed?
Version: GnuPG v1.4.14 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/


Reply to: