Open Source Firewalls Need Open Source Firmware: A Coreboot Upgrade Story
A computer security enthusiast and open-source advocate details their journey upgrading their firewall's firmware to Coreboot. Starting with a cheap Chinese firewall running pfSense, they realized the underlying proprietary BIOS presented a significant security vulnerability. Despite reinstalling the OS, the BIOS remained a potential attack vector. The author upgraded to a ProtectLI firewall with pre-installed Coreboot and even successfully flashed a more recent Coreboot version (A12) onto an older appliance originally running A02, significantly improving its security. The author strongly advocates for Coreboot on all firewall appliances for enhanced security, acknowledging the difficulty of installation for less technically proficient users.