• 0 Posts
  • 71 Comments
Joined 1 year ago
cake
Cake day: September 12th, 2023

help-circle






  • Yes. Separate or single disks makes no difference, it writes changes to the efi partition that bios references to boot.

    I don’t know whether fedora is impacted, the article specifies the following as documented impacts

    " The reports indicate that multiple distributions, including Debian, Ubuntu, Linux Mint, Zorin OS, and Puppy Linux, are all affected."

    And I also note that at least 2 arch implementations are impacted in addition to that list (i first saw it on arch forums).

    I would suggest you definitely DON’T assume fedora is unaffected until you check your install, fedora participates in safeboot so given all the article listed distros also do (and arch has a method for it)

    Odds are they’re impacted, M$ has done a scattergun on this, the only ones you can be sure are unaffected are those still bios booting rather than uefi











  • Simless phones can make emergency calls because the towers are configured to accept a request for an emergency call to any device that handshakes sufficiently (in Europe and most of Asia anyway, I assume also true of USA because it does work).

    The phone is able to contact the nearest tower and initiate a call because it scans for the nearest towers in the boot process in order to go to the next step (check sim details and connect to configured provider). In the process of determining available towers it provides the IMEI to each of them.

    If you live in a country where you have to provide ID to buy a handset then this definitely isn’t anonymous, but even if you are in a country that doesnt, all the manufacturers track where every IMEI is shipped, and sku numbers on POS will easily allow determination of exactly when the device was sold. Even if you paid cash there will be CCTV footage of the purchase.

    TL;DR this will work mostly until you make a mistake against corporate tracking but will absolutely not protect you from three-letter-acronyms and law enforcement.

    Consider your threat model carefully before relying on it