Living with a firmware virus by containing it. #682
Hawkeye2300 started this conversation in Ideas
Having lived with an inside virus attack, first in Windows, then Linux Mint, I have had some thoughts that I would like to float to the community.
I would suggest that future Linux Mint releases:

- load NEMO with the device auto-play disabled, rather than enabled, as in 21.3. Stuxnet taught us this.
- ensure that GUFW is enabled before internet access
- include a secure virtual keyboard beginning as early in boot-up as possible to protect the encryption password, with the following design features:
  A) On-demand randomization
  B) turn off the microphone (keystrokes can now be captured and predicted via the mic)
  C) turn off the camera
  D) disable screen capture
  E) disable mouse/pointer movement capture
  F) include the existing slew of keyboard languages and styles available, within this secure version
- include Wireshark in initial installations, with subroutines designed to detect, identify and optionally block potential outgoing traffic from a small firmware virus, seeking to reach its servers, and return to seriously compromise the machine. Many users, including myself, do not have the technical background to do this. Automation would be greatly helpful, if possible.
- monitor file changes for hash changes on the fly, or monitor program files that are not signed properly if that is possible.
- once developed, harden these design features against being hacked, as AI will be used to attack them within a very short period of time.
I have worked with ChatGPT-4o to create Linux Mint routines that were designed to accomplish the above, and have uploaded them to GitHub for review. That said, I do not have the credentials to test and modify them, and am writing to see if there is interest in the community in looking at these prototypes.
Unfortunately, war is in our future in the near term, and like it or not, Linux Mint will be tumbled as much as any OS. The above design considerations are intended to help a person continue to use their equipment, despite experiencing a high-level firmware attack.
Be aware that any country or state actor that sets up deep firmware virus attacks will consider infiltration of the community as a viable possibility for increasing control/damage. This is serious, and there may be (but not necessarily so) some evidence to support that it has already happened. In my professional career, I have always worked for the common good, which is part of why Linux Mint has held such appeal for me; and it is this that motivates me to continue promoting these concepts, despite my decision to move to all new equipment. Cheers, am333