Hot take:

#Firmware should be considered part of the #OS.

I know that I've mentioned it a few times before (and undoubtedly will again), but @hughsie's Linux Vendor Firmware Service and accompanying firmware update tools is an absolutely brilliant project, bringing a really valuable tool to Linux: firmware updates from vendors, available easily within Linux:

https://fwupd.org/

IBM is building up a new #IBM development location in #Waterford #Ireland . The focus of the team will be industrial research related to the low level #Linux kernel and #firmware development for the #ibmz .
This will be a unique opportunity to shape for the Linux #opensource Ecosystem!
Are you interested in developing operating systems and contributing to Open-Source and eager to become part of an worldwide #development community?

https://ibmglobal.avature.net/en_US/careers/JobDetail?jobId=20521

fw_update(8) gains support for arbitrary dmesg files https://www.undeadly.org/cgi?action=article;sid=20250322101139 #openbsd #fw_update #firmware #fwupdate #sysadmin #development #devops #freesoftware #libresoftware #unix #bsd #ux #userfriendly #adminfriendly

Now I finally have a laptop model I can recommend when a customer wants to buy hardware that has to be supplied with an embedded firmware SBOM. Good job Framework!

https://fwupd.org/lvfs/devices/work.frame.Laptop.RyzenAI300.BIOS.firmware

"HP, along with other printer brands, is infamous for issuing firmware updates that brick already-purchased printers that have tried to use third-party ink. In a new form of frustration, HP is now being accused of issuing a firmware update that broke customers’ laser printers—even though the devices are loaded with HP-brand toner.

The firmware update in question is version 20250209, which HP issued on March 4 for its LaserJet MFP M232-M237 models. Per HP, the update includes “security updates,” a “regulatory requirement update,” “general improvements and bug fixes,” and fixes for IPP Everywhere. Looking back to older updates’ fixes and changes, which the new update includes, doesn’t reveal anything out of the ordinary. The older updates mention things like “fixed print quality to ensure borders are not cropped for certain document types,” and “improved firmware update and cartridge rejection experiences.” But there’s no mention of changes to how the printers use or read toner.

However, users have been reporting sudden problems using HP-brand toner in their M232–M237 series printers since their devices updated to 20250209. Users on HP’s support forum say they see Error Code 11 and the hardware’s toner light flashing when trying to print. Some said they’ve cleaned the contacts and reinstalled their toner but still can't print."

https://arstechnica.com/gadgets/2025/03/firmware-update-bricks-hp-printers-makes-them-unable-to-use-hp-cartridges/

We are very proud to show you the new “EMBA v1.5.2 - #SBOM - The next generation” release. So many highlights … check the release notes and give it a try. #Firmware security analysis goes SBOM https://github.com/e-m-b-a/emba/releases/tag/v1.5.2-SBOM-next-generation-EMBA

We are very proud to show you the new “EMBA v1.5.2 - #SBOM - The next generation” release. So many highlights … check the release notes and give it a try. #Firmware security analysis goes SBOM https://github.com/e-m-b-a/emba/releases/tag/v1.5.2-SBOM-next-generation-EMBA

I'm currently looking for people with low level #firmware, #hypervisor and/or #virtio experience. Flexible contract or full time possibility. My DMs are open for CVs, ideally with pointers to #upstream contributions. #getfedihired #fedihire #jobs

The development of @oreboot is very simple #software #engineering #101:
1. look at the vendor code, and rewrite it (in Rust)
2. refactor, simplify, add notes on what you understand

Overall, that yields higher quality #firmware. It gets more comprehensible and easier to read. That is the value we bring.

Upstream U-Boot work is very similar.
Our main advantage is having a clean slate.
The current disadvantage is less shared code and guidelines.

We just merged a bunch of helper utilities.

I think @oreboot is the best #platform initialization #firmware out there.

My latest blog post: VanSpoof - Prototype 2 - Echo Firmware

https://mikecoats.com/van-spoof-prototype-2-firmware-1/

In part 1 and part 2 of building my first VanSpoof prototype, I managed to flash the microcontroller on the PCB with a blinky demo. This time round, let's see about sending and receiving some serial data.

Last week, I managed to trigger a very annoying firmware bug in my Lenovo Carbon X1 5th-gen laptop, which caused it to stop charging or being powered by the line via USB-C.
This is the first time this has happened in the last seven years. I solved it by disabling the battery via the BIOS with the residual charge. Then all started to work again. This appears to be a common and so-bad issue of multiple generations of Thinkpads. Be warned.
#thinkpad #battery #firmware #lenovo

My latest blog post: VanSpoof - Prototype 1 - Firmware

https://mikecoats.com/van-spoof-prototype-1-part-2/

Last time, we built a prototype PCB. This time, let’s take it to blinky!

When buying your #network #connected #devices, make sure that vendors #support matches your #expectations. Devices might be #EoL even thought they are still being sold . #Maintenance is hard - our decade old Turris 1.0 still receives #updates (contrary to the industry standards) and it is not easy . Sometimes you can #reflash the device with your own #firmware to fix the #security issues, so prefer devices from vendor that pushes their #hardware support #upstream. https://vulncheck.com/blog/zyxel-telnet-vulns

#Commandline setup of a #reticulum #radio #rnode , and the required #rnsd #rns #daemon #software, as a #transportnode to forward #lora packets from other rnodes in the #loramesh . These commands can be used over #ssh to set up a #headless computer that powers and runs the rnode (as an "interface") via #usb connection from the computer e.g. #RaspberryPi #raspberrypizero2 . Includes command line #flashing of the rnode #firmware and setting the radio settings for #867mhz

https://www.youtube.com/watch?v=D2sfkqeyQyg

Today, for the first day of the Open Source #Firmware pre-#FOSDEM mini-#hackathon, I ported the DRAM init code for the Kendryte K230D SoC from the vendor's U-Boot to @oreboot.

Can someone please explain to me why requiring authentication and authorization to control Bambu Labs printers is a bad thing? We see SCADA and other industrial devices getting wrecked all of the time for trusting all input and commands.

Is it because the authorization is performed by the Bambu Labs cloud and not on the device?

Are they forbidding or blocking custom firmware that can maintain third-party software support?

Today, we will have TWO #workshops at the #OSFW #38C3 assembly!

16:00 Reversing #Firmware Blobs
(install Ghidra already so we can start right away)

18:00 Getting started with @oreboot
(please already set up rustup for this one)

https://events.ccc.de/congress/2024/hub/en/assembly/osfw/

Yesterday's firmware analysis workshop was well attended and about 15 people had a first look at what's in an image for AMD or Intel. So much more is there to discover!