this post was submitted on 18 Jan 2024
15 points (89.5% liked)

Linux

48323 readers
1194 users here now

From Wikipedia, the free encyclopedia

Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).

Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.

Rules

Related Communities

Community icon by Alpár-Etele Méder, licensed under CC BY 3.0

founded 5 years ago
MODERATORS
 

Thinking of buying a second hand Elite Desk small factor to throw Linux on. I'm worried about the HP firmware-bios thingy. Does it call home? Can I disable calling home somehow? Can it have access to my hard drive info ?

all 11 comments
sorted by: hot top controversial new old
[–] [email protected] 5 points 10 months ago

The UEFI firmware shouldn't connect to the internet at all. You can't rule it out entirely, but the threat is pretty small. Theoretically, it can access your hard drives, but again, it's very unlikely that your BIOS will exfiltrate your data and send it somewhere. If you want to be sure, use LUKS for full disk encryption.

[–] [email protected] 4 points 10 months ago

We use HP EliteBooks and EliteDesks extensively at work. I even used to set them up in my old job, and as far as I'm aware, it doesn't connect to the Internet or "phone home" by default (although that could've changed in recent models). In any case, one of the nice things about the HP BIOSes is that it's very configurable - you can disable the automatic BIOS update checks, network adapter etc. I forget if there was an option to just disable the network stack, but what you could do is configure the UEFI network settings so that they're invalid - ie, set it to a random static IP + random DNS etc (eg: 0.0.0.0) so that it can't connect even if it tried.

[–] [email protected] 2 points 10 months ago* (last edited 10 months ago)

Those machines are very, very good to run Linux. Stable, everything is supported out of the most, very reliable. About calling home, they don't, however some models, like most machines, have Intel ME baked into the CPU and that can be remotely accessed. The good thing is that you can disable the Intel ME features on the UEFI and there's a toggle to completely disable the network card before an OS is loaded.

[–] [email protected] 2 points 10 months ago

This sounds like a privacy concern. Maybe one of the privacy communities will have a better answer.

You're worried that the bios will ping hp and hand over info, is this something that you have info on?

[–] [email protected] 2 points 10 months ago

I’m worried about the HP firmware-bios thingy. Does it call home?

It's for these kinds of reasons we should be demanding open source firmware from major vendors or only buying hardware from vendors that already have open source firmware (System 76, Tuxedo, etc).

[–] [email protected] 1 points 10 months ago (1 children)

I've no idea what you're referring to aside from maybe the Intel ME, but there may be a way to flash coreboot on it.

[–] [email protected] 1 points 10 months ago* (last edited 10 months ago)

When any pc starts, isn't there the boot up menu etc? I'm referring to that. In that menus there are options of remote access or firmware updates etc apart of course the usual setup options like in what turn the boots take place eg HDD, network, dvdrom , USB and others like time, date etc.

Intel ME is one concern yes but I doubt I can flash corevoot on this machine as it is almost 2 years old.

[–] [email protected] 1 points 10 months ago

Depends on the model. While some offer bios updates over ip, not all do. That would really be the only thing talking out.