All Linux distros using fwupd package open web server on 0.0.0.0:27500 without any explicit user consent

From Meanwhile in Arch land (possibly other distros as well), the fwupd package (whic... | Hacker News

The package also have been silently configured to use passim which depends on GnuTLS that is known to have many security holes.

My brace removes this for over a month now.

It also does many other nice things, please try it: GitHub - divestedcg/Brace: Toolkit compatible with multiple Linux distros that allows for installation of handpicked applications, along with corresponding configs that have been tuned for reasonable privacy and security.

3 Likes