Freedombox's Ethernet card resistant to soft-bricking?

It’s theoretical, I’m looking to istall/get Freedombox (on BeagleBone or some Olimex board, or maybe Freedombox Pioneer, IOW preferably fully free hardware).

The case is theoretical, because hard data would deanonymize me, but ethercards/routers get soft-bricked, I had a few cases myself.

What protection there is against soft-bricking? I wouldn’t mind going through very careful and lengthy preparation once I build/buy my Freedombox.

I can tell for one thing that good iptables/nftables is way safer than without (see e.g. ).

But there is also the hardware level… How safe will it be at that level?

But if the router is say only http://192.168.x.x (no https), and the provider is less than friendly, to put it very mildly, what protection there is for the ethernet card of the Freedombox --say in Freedombox Pioneer, i.e. Olimex Lime2 board-- against soft-bricking…

Bottom line: can I install/buy a Freedombox and not get soft-bricked pretty soon, in case of, as put (too) mildly above, adverse conditions?

Thanks in advance!

The Olimex’s Lime2 is powered by Allwinner A20 chipset. As far as I know, there is only small piece of software in the Chip known as BROM which is read-only. The Ethernet MAC address are write-once fuses. Rest of the software including the firmware (u-boot) resides on the SD card. If the software gets corrupted or turns malicious, all you need to do is get a new SD card. That way, the hardware is unbrickable.

Or perhaps you are referring to firmware within the Ethernet hardware of A20 chip that I know nothing of.

As for incoming traffic, we have firewalld installed and managed automatically by FreedomBox. It uses nftables as backend.

I do. It’s a complex issue where spears break… However, I hope it could be repairable, by refleshing the firmware, should it happen, and I do count on help on this forum, should it happen, because I very much like the whole concept and implementation of Freedombox, and I will get it…
Thanks for your reply!

It might be worth trying to ask this question to Olimex on their forum. They might known if Ethernet firmware on the A20 chip is modifiable and if bricked, who to reflash it.

1 Like