Originally posted by chocolate
View Post
Something I didn't get to, but don't entertain, is arguments like "well, if we just striped the user of their ability to load microcode (or other firmware) it would eliminate their dependence on the firmware/hardware vendor!" No. That's dumb. And it gets even dumber when projects like linux libre remove kernel warnings about Spectre security bugs because fixing them would require microcode patches. In the words of Matthew Garret, that is not in the best interests of the user.
Skip the arbitrary lines of hardware vs software and this obsession with the *software* being pure or the *software* being "free."
What the user can trust, rely on, and do is the ultimate acid test. Everything else is BS.
This is why I'm a HUGE fan of Minecraft Mods. The modding community there has reverse engineered the entire game and produced a set of stable 3rd-party modding APIs that have enabled ENORMOUS, *actual* user freedom. You can do basically anything you want to it.
There are arguments I've linked to in the past that have advocated for a similar stance with all software blobs. They argue for investment in tools like frida, to allow even a novice to trace and understand and modify and replace and bend blobs to one's will. Not strip them out and be left with a broken device and no additional freedoms.
After all, it was by having someone decompile, understand, and document the blob in their ethernet that raptor was able to develop an open-source replacement. A replacement that wouldn't have been possible to provide had the firmware blob not been user-replaceable.
Comment