-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 My understanding of the microcode binary blobs is that they provide updates to your processor / BIOS that usually have no free alternative. So basically, your BIOS is probably already non-free and you might as well have the latest version... so yes, installing the firmware-linux-nonfree package is probably wise.
This page has a little more information on what microcode is and why these binary blobs are unfortunately often necessary: https://wiki.archlinux.org/index.php/Microcode Someone with more specific knowledge should feel free to chime in here as I am not an expert on this subject. Cheers, On 09/12/2013 04:42 PM, adrelanos wrote: > adrelanos: >> How secure is a Debian installation packages installed only from >> main, none from contrib or non-free? >> >> It will lack for example the firmware-linux-nonfree package and >> the intel-microcode / amd-microcode package. At least the >> microcode one is security relevant? Are there any other packages >> which might be important to have installed for security reasons? >> >> I mean, how secure is it in comparison with those packages >> installed vs not having them installed? >> >> > > I apologize, I didn't want to start a discussion of Open Source vs > closed source. (Feel free to have it, I am delighted to read your > thoughts on it, but I'd be also happy about an answer to the > question I meant to ask but failed to properly state.) Sorry for > not asking clear in the first place. > > To rephrase my original question: > > How vulnerable is Debian installation without intel-microcode / > amd-microcode package? > > Are there other contrib and/or non-free packages, similar to the > microcode package, which make the system vulnerable, if not > installed? > > -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.14 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQEcBAEBAgAGBQJSMlooAAoJEGe6xJ1FYRpRi4kH/1FR0n9PB7Sg69Kzw17yDxgB UiO1P8QzWkNq8oT+lnFf+nZjz/4AxelpiQK6qG5H2tPyUAu9/21F7z7p15KGSTxJ Sn2fhtCSOfWp8XEqUdCr3/H7TYvhHy0NGUSSyO0yWUKsJeqq+PXmhhuGLG52OZJB BK5lqnKugSiPQygz9J4fL5+U1aSAsbLZ/dhwU3TR29s9G+TQ7qSCqqu85GiAyVNS 0dH+/5FLSZkjGDwa1M430Z9SM6fJTzZKW7X9AvfeaKV4gdIHVkh1tZCmjH3aDABR 2DtZLEhRpC2cKsIbYC+VM5GJwuUpMQWX8aiYpZPn1KT96Gq8cQUJ3OYJMjHXB+o= =xeKz -----END PGP SIGNATURE----- -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: http://lists.debian.org/[email protected]
