GNU Linux-libre 4.12 Kernel Released, More Driver Deblobbing

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • aht0
    replied
    I'm still not getting just WHY shit belonging to "General Linux & Open-Source" keeps appearing in "BSD, MacOSX & Others" sub-forum.. It's 4th of 5th straight-Linux topic in this sub-forum here over the past 1,5 months.

    Leave a comment:


  • chithanh
    replied
    The firmware controlling the HDD is actually of minor concern. You do not need to trust it, but just treat the HDD as black box that you write bytes to and read bytes from. As long as you neither expect to read the same bytes that you wrote, nor expect the HDD to keep your bytes secret, then you can in practice ignore the firmware.

    Also the ethical concerns (user subjugation through proprietary software) are less severe as HDD firmware typically sees no updates. For SSDs however, updates to controller firmware are released more frequently.

    Security concerns with malware in SATA or USB HDD firmware are minor too. With Thunderbolt/M.2/U.2 this is more grave.
    Last edited by chithanh; 19 July 2017, 09:07 AM.

    Leave a comment:


  • aht0
    replied
    Originally posted by Zucca View Post
    Exactly!

    It's VERY hard to run completely blobless (modern) system nowdays.
    It's not only the software on your hard drive, it's also the software (or so called firmware) on every microchip.
    And large enough to run malware in it. Guy experimenting with it.

    Leave a comment:


  • Zucca
    replied
    Originally posted by eduperez View Post
    removing some of it is a step in the right direction. When asked why an embedded firmware is acceptable for them, they responded that by removing the blob from their distribution they are not contributing to the use of blobs; and that makes sense to me.
    True. I agree on these points. Open firmaware could maybe even increase the rate of bugfixex and added features.
    But closed firmware isn't something that's evil and should be avoided at all costs. Some firmwares contain IP of many companies so "it's not that simple".

    Originally posted by eduperez View Post
    However, my complaint is on the (false, in my humble opinion) image of safety that they are trying to spread.
    Yeah. Open source (or libre) isn't the magic keyword or synonym for security.
    Last edited by Zucca; 11 July 2017, 07:40 AM. Reason: Typos - begone!

    Leave a comment:


  • eduperez
    replied
    Originally posted by Zucca View Post
    Exactly!

    It's VERY hard to run completely blobless (modern) system nowdays.
    It's not only the software on your hard drive, it's also the software (or so called firmware) on every microchip.

    This is why I can't understand why is closed firmware loading from hard drive a "bad thing", while loading it from on board EEPROM or flash is "ok thing" for some. And what about when you need to update the firmware on said EEPROM/flash? Is that something you (blobless-libre-people that is) cannot accept?

    Yeah, sure I wish I had some RISC-V machine with all the peripherals that only contain discrete logic and no programmable chips, but it either costs a lot or is impossible.

    This is starting to sound like a rant now. I'll stop before it goes bad.
    Well, I can understand (and encourage) the motives behind this project: even if you can not remove all closed firmware, removing some of it is a step in the right direction. When asked why an embedded firmware is acceptable for them, they responded that by removing the blob from their distribution they are not contributing to the use of blobs; and that makes sense to me.

    However, my complaint is on the (false, in my humble opinion) image of safety that they are trying to spread.

    Leave a comment:


  • Zucca
    replied
    Originally posted by eduperez View Post
    Yes, blobs can contain backdoors, but devices without blobs can also contain backdoors. Most (if not all) devices need a firmware to run; some devices get that firmware from the OS in the form of a blob, and some devices get that firmware from an EEPROM loaded at the factory. For example, you will not see any device driver uploading a blob to your keyboard, yet your keyboard does have a firmware, and that firmware could hide a keylogger, that you will never find out about. Your (blob-less) network card could be spying on your communications. Your hard disk contains contains a processor, too.
    Exactly!

    It's VERY hard to run completely blobless (modern) system nowdays.
    It's not only the software on your hard drive, it's also the software (or so called firmware) on every microchip.

    This is why I can't understand why is closed firmware loading from hard drive a "bad thing", while loading it from on board EEPROM or flash is "ok thing" for some. And what about when you need to update the firmware on said EEPROM/flash? Is that something you (blobless-libre-people that is) cannot accept?

    Yeah, sure I wish I had some RISC-V machine with all the peripherals that only contain discrete logic and no programmable chips, but it either costs a lot or is impossible.

    This is starting to sound like a rant now. I'll stop before it goes bad.

    Leave a comment:


  • RealNC
    replied
    Originally posted by blackiwid View Post
    [/SIZE][/COLOR]

    Nobody forces you to defend/protect your freedom. So walk away as much as you want, be my guest!
    Spoken like a true cult member.

    Leave a comment:


  • arakan94
    replied
    Originally posted by onicsis View Post
    A good alternative to proprietary hardware and also blob free
    could be https://www.raptorengineering.com/TA...ease_specs.php
    Talos™ Secure Workstation

    Is complete open source, but unfortunately is way to expensive for average user, costing thousands of dollars.
    Sadly, it does not exist since crowdfunding campaign failed.

    Leave a comment:


  • blackiwid
    replied
    And I used linux-libre kernel in fedora, its in official fedora as far as I remember on my Thinkpad X220 it worked just fine, too.

    Leave a comment:


  • andyprough
    replied
    I've used Linux-libre for two years on a Dell laptop, with Parabola - a free-software Arch derivative. Works great, very quick. Only hardware that didn't work was WiFi, so I bought a $10 usb WiFi dongle on amazon that works with the free drivers.

    It's very cool to run a fast, modern system with no non-free software. You can run Debian this way also, or Slackware. And there's an Ubuntu derivative that uses it called Trisquel. Popular for systems that don't need fancy graphics, as you get complete control over the software.

    Leave a comment:

Working...
X