The creator of Audacious criticized the FSF

Ariadne Conill recently criticized the policy of the Free Software Foundation on proprietary firmware and microcode, as well as the rules of the “Respect Your Freedom” initiative that aims to certify devices that meet the requirements of user privacy and freedom.

According to Ariadne, foundation policy restricts users to outdated hardware, encourages manufacturers seeking certification to overdesign hardware architecture, discourages the development of free alternatives to proprietary firmware, and makes it difficult to use good security practices.

The problem is due to the fact that the “Respect Your Freedom” certificate can only be obtained by a device where all supplied software must be free, including firmware loaded by the main CPU.

At the same time, firmware used in additional embedded processors may remain closed, if they do not involve updates after the device falls into the hands of the consumer. For example, a device must ship with a free BIOS, but the microcode loaded from the chipset to the CPU, firmware to I/O devices, and internal FPGA communications settings can remain private.

A situation is created in which if the proprietary firmware is loaded during the initialization of the operating system, the equipment cannot receive a certificate from the Free Software Foundation, but if the firmware for the same purpose is loaded with a separate chip, the device can be certified.

This approach is considered flawed, since in the first case the firmware is in plain sight, the user controls its download, knows about it, can conduct an independent security audit, and if a free analogue appears, it is easy to replace. In the second case, the firmware is a black box, which is problematic to verify and whose presence the user may not be aware of, falsely believing that all software is under his control.

As an example of hidden manipulations with firmware, the Librem 5 smartphone is given:

In the SoC of which a separate processor is used to initialize the computer (DDR4) and load the necessary blobs. After the initialization stage was complete, control was transferred to the main CPU and the auxiliary processor was powered off. Formally, such a scheme did not violate the conditions for obtaining a certificate from the Free Software Foundation, since the kernel and BIOS did not load binary blobs (in the end, despite these complications, Purism could not obtain a certificate).

Security and stability concerns they also create the FSF's recommendation to use the Linux Libre kernel and Libreboot firmware, stripped from the blobs uploaded to the hardware. Following these recommendations can lead to various types of failures and hide warnings about the need to install a firmware update for unfixed bugs and potential security issues (for example, without a firmware update, the system will remain vulnerable to Meltdown attacks and Spectre).

Disabling microcode updates is perceived as absurd, on the condition that the embedded version of the same microcode, in which vulnerabilities and unfixed bugs remain, is loaded during the chip initialization process.

Another complaint refers to the impossibility of obtaining the certification respect your freedom for modern hardware (the newest model of certified laptops dates from 2009). Certification of newer devices is hampered by the presence of technologies like Intel ME.

For example, the Framework laptop comes with open firmware and focuses on full user control, but is unlikely to be recommended by the Free Software Foundation due to the use of Intel processors with Intel ME technology (to disable the Intel Management Engine mechanism). ), which can remove all Intel ME modules from the firmware, unrelated to the initial CPU initialization, and disable the main Intel ME driver using an undocumented option that e.g. System76 and Purism companies do on their laptops) .

Finally, if you are interested in being able to know more about it, you can consult the details in the following link


Be the first to comment

Leave a Comment

Your email address will not be published. Required fields are marked with *

*

*

  1. Responsible for the data: AB Internet Networks 2008 SL
  2. Purpose of the data: Control SPAM, comment management.
  3. Legitimation: Your consent
  4. Communication of the data: The data will not be communicated to third parties except by legal obligation.
  5. Data storage: Database hosted by Occentus Networks (EU)
  6. Rights: At any time you can limit, recover and delete your information.