It's Good But Maybe Bad: LVFS Skyrockets With More Than 100k Firmware Updates In One Day
The Linux Vendor Firmware Service (LVFS) with Fwupd has been serving on average around 40k~50k firmware updates per daay to Linux users relying on this cross-vendor, open-source firmware distribution service with FWUPD for applying firmware updates under Linux. But yesterday its usage just skyrocketed with more than 100,000 firmware updates in a single day... That's great for adoption but the motivation for the mass firmware updates may be something rough on the horizon.
Red Hat's Richard Hughes who is the lead developer of LVFS/FWUPD shared the exciting news of more than 100,000 firmware updates being served in a single day -- roughly double the number of updates as usual. The graph he shared on Twitter shows the huge growth:
But it's not as if vendors are so compassionate and releasing a bunch of firmware updates to deliver on shiny new features or improvements for their users... Often times, big firmware updates bring more bad than good in the way of security mitigations and other fixes.
Hughes wrote when tweeting the photo, "We supplied over 100,000 firmware updates on the LVFS *yesterday*. Sure it's an outlier, and one I don't really understand yet, but impressive none-the-less! It's almost like vendors are patching something important all at the same time... :)" But then he did later tweet, "I'm pretty sure I know why, but I'm waiting for an embargo to expire :)"
So now we are left waiting to see if the rush of firmware updates sent out is due to some industry-wide security mitigation or what is causing this massive surge in firmware updates all of a sudden.