@lunar_dust_463@mstdn.social
They want you to use an OS which doesn't provide firmware updates and therefore doesn't protect you from serious known vulnerabilities. The firmware is still present when using an OS not updating it. Pretending as if the hardware and firmware isn't closed source by not updating the firmware simply harms users. They're a group known for having nonsensical, inconsistent beliefs and spreading misinformation/spin to promote them. Stop getting info from charlatans.
They say that GNU is spreading misinformation and “stop getting info from charlatans”?
I’m not a fan of GrapheneOS, but the point they bring up here is valid. There is already proprietary firmware on your computer. There’s no reason why you shouldn’t be updating it to protect yourself from serious exploits. The FSF takes an ideological stance rather than a practical one, unfortunately.
I agree with you: the FSF can seem unwavering in their stance, even in the face of practicality. I’m really sorry for this incredibly nit-picky detail, but I think practicality is ideological too. For better or for worse, we can’t escape ideas or be free from them, so we have to choose which we value. For example, while I tend to choose software freedom over practicality, I also have, at times, chosen practicality over freedom.
I know. And that’s reasonable of course. I’m sure most of us would agree that proprietary blobs are bad. I’m optimistic that firmware will become more open in the future though.
Basically, if the firmware is not intended to be updated it’s fine. But distributing updates, like security fixes, for firmware as blobs is somehow bad.
However, there is one exception for secondary embedded processors. The exception applies to software delivered inside auxiliary and low-level processors and FPGAs, within which software installation is not intended after the user obtains the product. This can include, for instance, microcode inside a processor, firmware built into an I/O device, or the gate pattern of an FPGA. The software in such secondary processors does not count as product software.
Not really weired. For example, a keyboard has a firmware. 99% of keyboards have no way of it being updated or changed. It is part of its electronics. So not a big deal. But, if a keyboard has a way to update the firmware or install another one, then it should be FOSS.
I’m not a fan of GrapheneOS, but the point they bring up here is valid. There is already proprietary firmware on your computer. There’s no reason why you shouldn’t be updating it to protect yourself from serious exploits. The FSF takes an ideological stance rather than a practical one, unfortunately.
I agree with you: the FSF can seem unwavering in their stance, even in the face of practicality. I’m really sorry for this incredibly nit-picky detail, but I think practicality is ideological too. For better or for worse, we can’t escape ideas or be free from them, so we have to choose which we value. For example, while I tend to choose software freedom over practicality, I also have, at times, chosen practicality over freedom.
That’s true. I didn’t think about that. Thank you. :)
Except they also advocate using compute devices that only use blobless firmware
I know. And that’s reasonable of course. I’m sure most of us would agree that proprietary blobs are bad. I’m optimistic that firmware will become more open in the future though.
Yeah, the FSF stance on firmware is really weird.
Basically, if the firmware is not intended to be updated it’s fine. But distributing updates, like security fixes, for firmware as blobs is somehow bad.
https://ryf.fsf.org/about/criteria
Here’s an article from the previous time (?) this topic came up.
https://ariadne.space/2022/01/22/the-fsfs-relationship-with-firmware-is-harmful-to-free-software-users/
Not really weired. For example, a keyboard has a firmware. 99% of keyboards have no way of it being updated or changed. It is part of its electronics. So not a big deal. But, if a keyboard has a way to update the firmware or install another one, then it should be FOSS.