From mboxrd@z Thu Jan 1 00:00:00 1970
From: David Craven
Subject: Re: Leaving the guix project
Date: Sat, 18 Feb 2017 01:25:53 +0100
References: <87o9y29svy.fsf@igalia.com> <87ino893j3.fsf@elephly.net>
To: Ricardo Wurmus
Cc: guix-devel

> There are many pieces of hardware that are not RYF certified and
> that work without firmware blobs.

I thought I had already argued that the fact that it works without firmware blobs does not mean that it is a more secure device, and in many cases it may be much worse from a privacy perspective than a device that requires firmware blobs. See other discussion for the details.

The information that the device does not contain firmware blobs is only useful in conjunction with the information that the device does not contain firmware blobs in ROM, something that is not trivially determinable - if it is determinable at all.
Therefore excluding devices that require firmware blobs is not an effective solution to privacy issues and requires a larger understanding of the hardware itself. So simply disallowing firmware blobs is a pointless restriction.

I never said that people who want to use linux-libre should not use it. There are downsides to not using binary blobs even when not strictly required for operation. Those include increased energy consumption, possible unfixed bugs that lead to data corruption or security vulnerabilities and external modification by a third party.

And unless you tell the user the risks of not using binary blobs you are presuming what that user will decide, just as I presumed that if someone asks me if you can run the rpi without proprietary firmware he did not mean without usb, ethernet or video.

> vanilla Linux (which includes more than 150MB of binary blobs)

Can you provide a reference? I can build a kernel that is way smaller than 150MB, so this clearly depends on the kernel configuration. I'm pretty sure the kernel developers care about free software too.

My current vanilla Linux is 11MB (compressed, modules linked in except wifi), so I doubt that there are 150MB of binary blobs in that archive. I have a single blob loaded from linux-firmware for the wifi card, I can find out how big it really is if you are interested, but it's not 150MB.

But I'm not going to justify my actions any more.