On 5/14/19 3:17 PM, Patrick Georgi via coreboot wrote:
On 5/14/19 Chris Laprise wrote:
There are also several (apparently out-of-tree) patches referenced on
the G505s howto:
http://dangerousprototypes.com/docs/Lenovo_G505S_hacking
I'll have to get signatures or similar type of verification for these as
well. Any help in this regard would be appreciated.
I can understand the value in having releases signed as they are
somewhat officially attached to a project.
But for random patches your best bet will be to analyze their content,
not their origin.
I might put firmware code analysis on my bucket list for the next life,
if I convert to Buddhism. :)
When I look at review.coreboot.org and the patches have logged commits
(ostensibly, these are at least hashed) and I see "Patrick Georgi" as
reviewer... there is no assurance of fidelity from those records?
--
Chris Laprise, [email protected]
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
_______________________________________________
coreboot mailing list -- [email protected]
To unsubscribe send an email to [email protected]
