the XZ exploit only triggered on x86_64, so it never had any impact on raspberry pi hardwarein light of the recent XZ backdoor this new update for the root firmware seems uncannily like it may be connected?
the pi5 firmware has to be signed by an unknown key, that raspberry pi trading/limited/foundation is likely keeping under strong lock&keyis there some concerted effort to socially engineer updates through news of a socially engineered update,
there is basically zero chance of malicious firmware existing in the SPI flash at the current time
Statistics: Posted by cleverca22 — Wed Apr 10, 2024 3:33 am