Skip to content

Instantly share code, notes, and snippets.

@hchasens
Last active October 8, 2024 22:12
Show Gist options
  • Save hchasens/d20dff418f6908dc96e65f4e43a058f1 to your computer and use it in GitHub Desktop.
Save hchasens/d20dff418f6908dc96e65f4e43a058f1 to your computer and use it in GitHub Desktop.
FydeOS showing CVE-2024-25825
https://fydeos.io/help/faq/
CVE-2024-25825
Section: Is FydeOS secure?
Absolutely.
FydeOS is engineered with security as a priority, making it a reliable choice for your daily computing needs. Unlike traditional Windows PCs, FydeOS eliminates the necessity for anti-virus software or frequent malware scans, offering a seamless and worry-free experience.
However, it’s important to understand the security landscape of FydeOS, particularly in relation to its versions.
Prior to FydeOS v18 (Prosperous Aftermath), FydeOS was distributed with “developer mode” enabled by default, a nod to its developmental heritage. This mode granted users immediate access to advanced developer features, including bash-shell with admin rights, root filesystem access upon request, and secure shell access post-configuration. Whilst beneficial for experienced users capable of leveraging these features, the default activation of developer mode posed potential security risks. For instance, inadvertent command inputs or the compromise of physical devices could inadvertently jeopardise data security.
To learn more about the “developer mode”, read this.
In response to these considerations and aiming to replicate the secure, enclosed environment that ChromiumOS was envisioned to provide, FydeOS v18 and subsequent releases have altered their distribution approach. Now, “developer mode” is not activated by default. This change significantly reduces the risk of unintended system modifications. However, users who understand and accept the associated risks still have the option to enable “developer mode” manually. This strategic adjustment enhances security for a broader user base, especially in environments where devices are managed or controlled, whilst still permitting flexibility for those who prefer a more open and customisable system.
In conclusion, FydeOS is inherently secure and has been further fortified in recent versions. Users are empowered with the flexibility to tailor their security settings according to their preferences and expertise level.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment