If there is a security feature that they see as reducing 'freedom' (with a very odd way of defining freedom) it will be deliberately left either not set up or permanently disabled via fuses. They see it as failure if there is any signed or closed firmware that can be updated.
Conversation
And the 'solution' which is applied is preventing it from being updated. This is the MAIN CRITERIA for their choice of components: whether they can block firmware from being updated. So for example, if there are separate data lines for firmware updates, that's perfect to them.
1
Doesn't matter if it's horribly outdated and/or insecure. The decision making is based on whether they can technically have an OS without proprietary components and no way of updating proprietary components from the OS. That is the goal - and not just a transitional one, really.
1
They'll pay lip service to actually open hardware and firmware but it's not really part of what they want to achieve. End goal is RYF certification and they want to obtain that through making the firmware count as 'hardware' by preventing updates to it to make it out of scope.
2
2
So you keep repeating this over and over but Purism has very explicitly rejected this characterization and clarified they will continue to allow full user control over their firmware.
1
"RYF is clear that any software that can be updated using the CPU must be free software. Our (Purism’s) interpretation is that it does not force a requirement that firmware cannot be upgraded out-of-band from the CPU, or external to regular software updates."
2
Right. So users are free to update it if they like, just not via the OS CPU. That seems reasonable. I prefer this even, as it means if my day to day OS is compromised and later patched I don't need to wonder if my firmware was backdoored.
2
For something as dangerous and seldom as firmware updates I would rather do this out of band of my normal internet connected OS.
1
Not sure what's dangerous about firmware updates or why it would be seldom when these kinds of components have updates on a very regular basis. Of course, that's assuming usage of components that are actually maintained and receiving updates, again see above.
1
A vendor could be coerced by a government, like the CCP, into pushing out a firmware update with a backdoor.
I only want proprietary modules updates when it is clearly just patching a flaw or some clear advantage to me.
2
You don't have no security updates. No one cares about backdoors when there are unpatched and even publicly known vulnerabilities. This has already been discussed in this mess of a thread. The things you're saying really don't make sense and you're grasping for straws.
Even if the baseband is unpatched, when it is totally quarantined to a separate daughter board and not built into my CPU SoC there is more damage control than a most phones that package it all together.
1
It's not "quarantined". It's connected to the CPU and talks to the driver / device support code, which trusts it, unless you pick the rare hardware with drivers written to treat hardware as an attacker. Also, again, twitter.com/DanielMicay/st. It's misinformation/misrepresentation.
Quote Tweet
Replying to @DanielMicay @lrvick and 3 others
Components with DMA can be untrusted, and often are, due to usage of IOMMUs. Components without DMA can be trusted, and often are, due to their role in the design of the device along with the design / implementation of typical drivers trusting the hardware that they support.
1
Show replies