Dishonest developers will try to hide the ugly bits, so they can claim to be selling a Truly Free product while hoping you never see nor notice the nonfree bits.
Conversation
Replying to
I already know two non-free bits without even having to search: DDR controller training FW on i.MX8M is a binary, LTE modem runs Android-like Linux blobs...
2
1
SoC, baseband, Wi-Fi, Bluetooth, touchscreen and other components have proprietary firmware. Is there any component that's more open?
They've defined free as the user not having the option to update firmware. By choosing "open" components they mean ones with persistent firmware.
1
1
2
i.e. their choice of components is based on it having the firmware installed in persistent state on the component rather than uploaded by the OS. Somehow, that's supposed to meet the definition of being more free / open. Doesn't make sense. Just playing games with definitions.
1
3
3
It's better for components to have a little persistent state as possible. Shipping devices without the ability to patch serious issues like persistent remote code execution in the radios via software updates is quite problematic, especially when choosing poorly secured radios.
1
1
1
Can't understand how turning things into more of a black box makes them more open. Also, removing even the option to set things up securely for the SoC and elsewhere is hardly freedom. Bonus for pretending to have security features that they've actually gone of the way to break.
1
3
3
On the topic of free w/hw is there any description somewhere showing the overall benefits of grapheneos on proprietary hw like google pixel vs idealistic goals like replicant on samsung siii (which has blobs but understood to be not the worst)?
1
That hardware is just as proprietary. There's no such thing as an arm64 device without an entirely proprietary CPU. The rest of the SoC and the other components on those devices is also proprietary. Ignoring that there's proprietary hardware and firmware just makes you insecure.
1
Not shipping firmware updates is a serious security issue. Targeting hardware without proper ongoing support is a serious security issue. There's very little comparison to make between a hardened OS vs. an insecure one with very serious known remote and local vulnerabilities.
2
Ok yeah agreed on the hw, im still learning on the firmware,software side and the "free" concept. Its a very old os so thats an obvious concern. Would be interested to test if they do release a 10 or 11 based update. Sorry for going off topic
1
Being behind on software security updates, not having proper security updates for lots of the device-specific software and not having secure firmware and hardware is a serious problem. It isn't something that can be resolved by moving to Android 11. Still inherently insecure.