Conversation

Replying to

Thread here. There is no such thing as a 100% Free platform. There are freer and less free platforms, and then there are those who deceive in order to claim they're 100% free by some arbitrary meaningless definition.

Quote Tweet

Hector Martin

@marcan42

Sep 14, 2018

Reading up on the @Puri_sm Librem 5. Nice idea, but it's a damn shame they're using the @FSF RYF certification as a goal and to guide the development process. RYF is total nonsense that encourages *decreasing* user freedom.

Show this thread

Hector Martin

@marcan42

Dec 22, 2020

If you care about software and hardware freedom for practical reasons (as opposed to some arbitrary religious dogma promulgated by the FSF with no objective backing), then focus on those who deliver results, instead of vying for some meaningless (or worse) certification.

Hector Martin

@marcan42

Dec 22, 2020

The push for software and hardware freedom is real, and more and more platforms are becoming freer and freer. But if someone claims to be selling you True Freedom today, they're probably lying. Honest developers will carefully explain the limits to the freedom of their product.

Hector Martin

@marcan42

Dec 22, 2020

Dishonest developers will try to hide the ugly bits, so they can claim to be selling a Truly Free product while hoping you never see nor notice the nonfree bits.

Replying to

I already know two non-free bits without even having to search: DDR controller training FW on i.MX8M is a binary, LTE modem runs Android-like Linux blobs...

Replying to

and

SoC, baseband, Wi-Fi, Bluetooth, touchscreen and other components have proprietary firmware. Is there any component that's more open? They've defined free as the user not having the option to update firmware. By choosing "open" components they mean ones with persistent firmware.

Replying to

and

i.e. their choice of components is based on it having the firmware installed in persistent state on the component rather than uploaded by the OS. Somehow, that's supposed to meet the definition of being more free / open. Doesn't make sense. Just playing games with definitions.

Replying to

and

It's better for components to have a little persistent state as possible. Shipping devices without the ability to patch serious issues like persistent remote code execution in the radios via software updates is quite problematic, especially when choosing poorly secured radios.

Replying to

and

Can't understand how turning things into more of a black box makes them more open. Also, removing even the option to set things up securely for the SoC and elsewhere is hardly freedom. Bonus for pretending to have security features that they've actually gone of the way to break.

Replying to

and

On the topic of free w/hw is there any description somewhere showing the overall benefits of grapheneos on proprietary hw like google pixel vs idealistic goals like replicant on samsung siii (which has blobs but understood to be not the worst)?

Replying to

and

That hardware is just as proprietary. There's no such thing as an arm64 device without an entirely proprietary CPU. The rest of the SoC and the other components on those devices is also proprietary. Ignoring that there's proprietary hardware and firmware just makes you insecure.

11:32 PM · Dec 22, 2020Twitter Web App

Replying to

Not shipping firmware updates is a serious security issue. Targeting hardware without proper ongoing support is a serious security issue. There's very little comparison to make between a hardened OS vs. an insecure one with very serious known remote and local vulnerabilities.

Replying to

The whole point of GrapheneOS is providing substantial privacy and security improvements over a modern OS. It's hard to understand comparing what it offers (grapheneos.org/features) to a device with essentially no security or privacy at all due to such serious problems.

grapheneos.org

GrapheneOS features overview

Overview of GrapheneOS features differentiating it from the Android Open Source Project (AOSP).

Show replies