I assume that this is the case, but I was seeking an explicit answer to make sure. Do thin clients verify the firmware package via checksum or hash before actually starting the firmware update?
Short answer: yes. A broken download will result in a error message!
What if the download is not exactly broken, but not identical to the firmware file specified in the U.M.S.? Does the thin client do anything to verify that the firmware file(s) is indeed valid? Does it use hashes or checksums to verify that they are valid and downloaded correctly?
We use own partitioning system, partitions are compressed, thus data is obfuscated.
In addition, Checksums of IGEL partitions avoid loading of modified code
Our Configuration is written to a dedicated and compressed partition
Laden …
FAIL-SAFE FIRMWARE UPDATE
Firmware updates always finish completely
The device always keeps running
The device always stays bootable
Update process without critical phases
Critical updates always processed by two phases
Thank you for the explanation. To clarify, firmware updates are downloaded to a separate partition that is compressed, and, by virtue of being a separate Igel partition, it is verified via checksum? We’re more concerned with malicious modification (such as a man-in-the-middle attack) than with the inherent stability of the update process.
I have a customer project where I have to grab a little bit deeper into this topic, as soon as I have what I need I will share it with you!
Continue reading and comment on the thread ‘Does IGEL OS verify the firmware package via checksum or hash before actually starting the firmware update?’. Not a member? Join Here!
Learn more, search the IGEL Knowledge Base
Ask a question or comment on the above message thread?
Join or log in to the IGEL Community to ask us anything and meet other IGEL customers, partners, and EUC enthusiasts.Submit a question, or Join Today!