• Anivia@feddit.org
      link
      fedilink
      Deutsch
      arrow-up
      12
      arrow-down
      1
      ·
      2 months ago

      Just plug it into an air gapped machine with a Linux live environment

        • Robust Mirror
          link
          fedilink
          arrow-up
          8
          arrow-down
          4
          ·
          2 months ago

          Average person? Probably not many. But it’s also not some expensive, rare, hard to have thing. I have several raspberry pi’s that could easily serve the purpose by just not connecting a new image to a network.

          • brunchyvirus@fedia.io
            link
            fedilink
            arrow-up
            4
            ·
            2 months ago

            Yeah the cheapest way, too bad the rpi 4/5 and future versions make it possible to write to the eeprom. Atleast it sounds like the newer ones have a way to make it write protected via a jumper or something.

            • Robust Mirror
              link
              fedilink
              arrow-up
              9
              ·
              2 months ago

              Sure, but I mean the chances of someone creating a virus specifically to run when plugged into a pi running pi OS or other Linux os with the purpose of attacking the eeprom, delivered by dropping usb sticks in public is so ridiculously small it has to be functionally non existent.

                • Robust Mirror
                  link
                  fedilink
                  arrow-up
                  6
                  ·
                  2 months ago

                  True, you could probably solve that by breaking the casing off first if you’re insistent on trying it. They don’t look like a normal usb stick on the inside. Also I’d imagine it isn’t really feasible to just go dropping them around but maybe you can get them cheap enough somewhere.

              • sugar_in_your_tea@sh.itjust.works
                link
                fedilink
                arrow-up
                2
                ·
                2 months ago

                I’d honestly just run it on my Linux laptop with the network disabled. It’s old, so if it gets wrecked, I’m really not out much. And the risk of someone bothering to target Linux is incredibly small, so I’m comfortable with the risk.