I suspect that CVE inflation has poisoned the minds of many developers.
A db driver may have an issue with unsanitized user input when run against SQLite, but you only use it with Oracle and sanitize input anyway, but that shows up as a 9.1 critical deployment blocker for corporate employees.
Unexploitable CVEs with inflated ratings make using any open source software a pain in the butt at BigCo.
Installing Valetudo stops any firmware updates forever from the OEM. [1]
I wouldn't consider it a hack. It's an alternative way to run your vacuum, with, yes, potentially fewer features if the OEM makes a lot of future updates, but Valetudo also comes with their own set of updates.
Unless you happen to live in a jurisdiction that cares more about users than companies, like the EU. The manufacturer would have to prove that the new custom firmware is actually the cause of the damage, otherwise they need to fulfill the warranty guarantee regardless of what firmware you run.
> Good luck proving that changing the firmware is not voiding a warranty.
You're thinking about it the wrong way around. The manufacturer has to prove that the custom firmware is the reason it broke, you don't have to prove anything. Username not accurate.
A music CD installing a stealthed persistent kernel-level rootkit on your Windows PC would also be ridiculous, yet that's exactly what Sony BMG's rootkit in 2005 did. And guess how it was found?