undefined | Better HN

0 pointscge4y ago0 comments

Attack surface reduction? On a device with unencrypted storage, the root password displayed in the about screens, no verified boot, no password by default (with password protection that amounts to a lock screen), and unprotected USB access to all user files by default? Where there are four exposed pins on the exterior that allow mounting of the root filesystem as USB mass storage regardless of password protection (https://github.com/ddvk/remarkable2-recovery), and the root password is stored in plain text?

0 comments

2 comments · 1 top-level

josephcsible4y ago· 1 in thread

Doesn't everything you listed require physical possession of the device to do anything with, whereas Bluetooth can be exploited just by walking near a malicious device?

tata714y ago

RCEs in your kernel mean verified boot is a baseline desire.

j / k navigate · click thread line to collapse