I have toyed around a while and eventually got a near perfect working Vanilla install on my Lenovo X1 Carbon gen 4. I have audio, WiFi, etc working. It has gone through multiple rounds of patches, and seems about as good as it gets without buying Apple hardware.
My issue is that I can’t seem to get over my trust issues with it. The system relies on Clover, which many will point out is open source. If you are using prebuilt binaries as I did and many do, you really don’t know that malicious code wasn’t slipped into it. I doubt everybody is reviewing the source code each time they update Clover. We also rely on unsigned Kexts, and I doubt many of us are reading the source code to them. I am basically looking for suggestions to ease my paranoia.
I have ran Malware Bytes on the system along with monitoring outbound network requests with Little Snitch. Nothing comes up that looks sketchy to me. I can’t seem to find anything that will scan the EFI partition though. Does anybody have any other suggestions for auditing the security of a Vanilla Hackintosh for somebody who isn’t a programmer, and isn’t going to read and understand 100’s of thousands of lines of code between Clover and all the kexts?
Post a Comment