Dell Wyse ThinOS – “Invalid Digital Signature” Message

Issue: When attempting to downgrade ThinOS firmware from version 8.4.x to earlier versions, i.e. 8.3.x, 8.2.x, etc.. you may get the following message, “Invalid Digital Signature”.

Resolution: In order to rollback the version of firmware you need to add the following parameter to your wnos.ini configuration file or WMS/CCM configuration.

VerifySignature=no

Note: This will need to be added on a line starting with, “autoload=x”

For example: autoload=1 VerifySignature=no

See v8.4 INI guide for further details here.

More details on VerifySignature= parameter from the 8.4 release notes:

“The option VerifySignature specifies to verify the signature or not when updating the firmware and/or packages. It is introduced in 8.4 and later to make sure the security and integrity of the firmware and packages. If set VerifySignature to no, it will not check the signature so that to downgrade the firmware and/or packages which did not support signature. The default is yes.”

@chris_messier ~~> Subscribe to blog to get latest updates <~~

Windows Embedded Security – Threat Defense | Dell Data Protection

When looking at Windows Embedded devices people often ask about options to further secure them. In many cases, the devices are only used to access virtual desktops and the thought is often, since it’s essentially a kiosk, i.e. not running email locally, browser, etc.., then I have a limited attack surface. Although the Windows foot print on the client is smaller than a full Windows build there is still value in looking to further secure the endpoint regardless how it is used.

One thing I always suggest to customers is to check directly with their existing A/V vendor for what they have for support on Windows Embedded as some have specific solutions for it and some do not.

Dell has recently integrated it’s Dell Data Protection products into the Dell virtual desktops portfolio, specifically 2 solutions;

The one I am highlighting here is Dell Data Protection | Threat Defense for Windows thin clients. You can see a great demo of the solution below. When looking at further securing your Windows embedded thin clients this solution may be worth a look.