Conversation

Apr 1, 2021

Lol, that's an interesting take on security. We'll run on closed source microcode that is buggy because any updates are considered closed source. I mean, I'm kinda surprised they they haven't limited their supported arches to risc-v.

Quote Tweet

Matthew Garrett

@mjg59

Mar 31, 2021

Again reminded of lists.gnu.org/archive/html/i, in which a GNU project removes a warning message informing users that their CPU microcode leaves them vulnerable to CPU microarchitectural attacks

Show this thread

Replying to

FSF is fine with closed source hardware and firmware. It's the ability to update closed source firmware that they're against. They're particularly opposed to it if there's signature verification of the firmware updates. They regularly endorse closed source hardware/firmware.

Replying to

and

It's not the closed source firmware and hardware they have a problem with but rather the fact that the company is able to release updates for it but others cannot create them. If you block updating firmware, such as by breaking it in the efuse configuration, they'll endorse it.

1:10 AM · Apr 1, 2021Twitter Web App

Replying to

and

So, for example, the Librem 5 is all about choosing hardware which has persistent firmware so that they don't need to load it from the OS. They go out of the way to prevent it from being updated too. That's the path they're taking to seeking FSF endorsement for their products.

Replying to

So, as long as the bios does the microcode update it's fine, got it.

Show replies