[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Leaving the guix project
|
From: |
David Craven |
|
Subject: |
Re: Leaving the guix project |
|
Date: |
Sat, 18 Feb 2017 01:25:53 +0100 |
> There are many pieces of hardware that are not RYF certified and
> that work without firmware blobs.
I thought I had already argued the fact that, the fact that it works without
firmware blobs, does not mean that it is a more secure device, and in many
cases it may be much worse from a privacy perspective than than a device
that requires firmware blobs. See other discussion for the details.
The information that the device does not contain firmware blobs is only useful
in conjunction with the information that the device does not contain firmware
blobs in ROM, something that is not trivially determinable - if it is
determinable
at all.
Therefore excluding devices that require firmware blobs is not an effective
solution to privacy issues and requires a larger understanding of the hardware
itself.
So simply disallowing firmware blobs is a pointless restriction. I
never said that
people who want to use linux-libre should not use it.
There are downsides to not using binary blobs even when not strictly
required for
operation. Those include increased energy consumption, possible
unfixed bugs that
lead to data corruption or security vulnerabilities and external
modification by a third
party. And unless you tell the user the risks of not using binary
blobs you are presuming
what that user will decide, just as I presumed that if someone asks me
if you can run
the rpi without proprietary firmware he did not mean without usb,
ethernet or video.
> vanilla Linux (which includes more than 150MB of binary blobs)
Can you provide a reference? I can build a kernel that is way smaller
than 150MB,
so this clearly depends on the kernel configuration. I'm pretty sure
the kernel developers
care about free software too.
My current vanilla Linux is 11MB (compressed, modules linked in except
wifi), so I doubt that
there are 150MB of binary blobs in that archive. I have a single blob
loaded from
linux-firmware for the wifi card, I can find out how big it really is if you are
interested, but it's not 150MB.
But I'm not going to justify my actions any more.
- Re: Leaving the guix project, (continued)
- Re: Leaving the guix project, Ricardo Wurmus, 2017/02/16
- Re: Leaving the guix project, Hartmut Goebel, 2017/02/16
- Re: Leaving the guix project, Alex Vong, 2017/02/16
- Re: Leaving the guix project, Andy Wingo, 2017/02/16
- Re: Leaving the guix project, Andy Wingo, 2017/02/16
- Re: Leaving the guix project, David Craven, 2017/02/17
- Re: Leaving the guix project, Adonay Felipe Nogueira, 2017/02/17
- Re: Leaving the guix project, John Darrington, 2017/02/17
- Re: Leaving the guix project, Ricardo Wurmus, 2017/02/17
- Re: Leaving the guix project, David Craven, 2017/02/17
- Re: Leaving the guix project,
David Craven <=
- Re: Leaving the guix project, Ricardo Wurmus, 2017/02/18
- Re: Leaving the guix project, David Craven, 2017/02/19
- Re: Leaving the guix project, Ricardo Wurmus, 2017/02/18
- Re: Leaving the guix project, Alex Kost, 2017/02/19
- Re: Leaving the guix project, Tomas Cech, 2017/02/20
- Re: Leaving the guix project, John Darrington, 2017/02/20
- Re: Leaving the guix project, ng0, 2017/02/20
- Re: Leaving the guix project, Mike Gerwitz, 2017/02/20
- Re: Leaving the guix project, David Craven, 2017/02/21
- Re: Leaving the guix project, Mike Gerwitz, 2017/02/21