From mboxrd@z Thu Jan  1 00:00:00 1970
From: Katherine Cox-Buday <cox.katherine.e@gmail.com>
Subject: Re: Meltdown / Spectre
Date: Tue, 09 Jan 2018 14:13:30 -0600
Message-ID: <87d12i7pud.fsf@gmail.com>
References: <874lnzcedp.fsf@gmail.com> <20180106174358.GA28436@jasmine.lan>
	<87lghapeu5.fsf@gmail.com> <87incc6z9o.fsf@gmail.com>
	<87fu7g436e.fsf@fastmail.com>
	<807794bd-5262-8b36-1f9f-dd3a316928ff@tobias.gr>
Mime-Version: 1.0
Content-Type: text/plain
Return-path: <guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org>
Received: from eggs.gnu.org ([2001:4830:134:3::10]:34085)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <cox.katherine.e@gmail.com>) id 1eZ0HA-0004NA-IV
	for guix-devel@gnu.org; Tue, 09 Jan 2018 15:13:37 -0500
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <cox.katherine.e@gmail.com>) id 1eZ0H7-0008Iz-Rb
	for guix-devel@gnu.org; Tue, 09 Jan 2018 15:13:36 -0500
Received: from mail-io0-x22f.google.com ([2607:f8b0:4001:c06::22f]:33273)
	by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16)
	(Exim 4.71) (envelope-from <cox.katherine.e@gmail.com>)
	id 1eZ0H7-0008IN-M7
	for guix-devel@gnu.org; Tue, 09 Jan 2018 15:13:33 -0500
Received: by mail-io0-x22f.google.com with SMTP id t63so19912397iod.0
	for <guix-devel@gnu.org>; Tue, 09 Jan 2018 12:13:33 -0800 (PST)
In-Reply-To: <807794bd-5262-8b36-1f9f-dd3a316928ff@tobias.gr> (Tobias
	Geerinckx-Rice's message of "Mon, 8 Jan 2018 22:51:00 +0100")
List-Id: "Development of GNU Guix and the GNU System distribution."
	<guix-devel.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/guix-devel>,
	<mailto:guix-devel-request@gnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/archive/html/guix-devel/>
List-Post: <mailto:guix-devel@gnu.org>
List-Help: <mailto:guix-devel-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/guix-devel>,
	<mailto:guix-devel-request@gnu.org?subject=subscribe>
Errors-To: guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org
Sender: "Guix-devel" <guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org>
To: Tobias Geerinckx-Rice <me@tobias.gr>
Cc: development@libreboot.org, guix-devel@gnu.org

Tobias Geerinckx-Rice <me@tobias.gr> writes:


> I think the real and thornier question for GuixSD
> is: if the recent CPU vulnerabilities require a
> microcode update to fully mitigate, then how do we
> square not recommending proprietary globs like
> this in official channels with giving users all
> knowledge required to decide for themselves?

Yes, this exactly.

It's a unique (hm, is it?) situation pitting the ideals of copyleft
against the welfare of users. If an opaque microcode is required to
successfully mitigate these bugs, what is the moral stance to take?

I don't have an answer and that's why I'm asking here :)

-- 
Katherine