this post was submitted on 20 Aug 2024
45 points (80.8% liked)

Open Source

30314 readers
2236 users here now

All about open source! Feel free to ask questions, and share news, and interesting stuff!

Useful Links

Rules

Related Communities

Community icon from opensource.org, but we are not affiliated with them.

founded 5 years ago
MODERATORS
[email protected]
[email protected]
[email protected]
[email protected]
45
Why is GrapheneOS against GNU? (grapheneos.social)
submitted 1 month ago by [email protected] to c/[email protected]
53 comments fedilink hide all child comments
 

They say that GNU is spreading misinformation and "stop getting info from charlatans"?

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 10 points 4 weeks ago* (last edited 4 weeks ago) (6 children)

Graphene is against GNU ideals getting in the way of security, because as it turns out, they do. FSF's definition of "ok" and "not ok" firmware blobs is bogus anyway.

Edit: for all the people who don't get this: THE FSF IS FUCKING OKAY WITH PROPRIETARY FIRMWARE BLOBS, but only if they are in a separate (usually user-inaccessible) storage chip and if you don't update it; they only deem that morally ok, yet it'd be the same as loading the blobs from the disk (which makes devices MUCH SAFER to update, you don't risk a brick). They get in the way of security by abusing the trust y'all give them, cuz thank god nobody who does embedded dev takes their opinions seriously anyway. Also, you're not giving up "A bit of security", you're giving up fucking microcode updates, the ones that patch well-known vulnerabilities that allow webpages to gain root access. FFS.

[–] [email protected] 3 points 4 weeks ago (1 children)

FSF does not get in the way of security. FSF believes source code should be publicly available in order to even assume the software is secure or private. In a perfect world that would be nice. But in the real world, proprietary blobs are required to make the hardware functional. As long as OEMs are removed about open sourcing the firmwares, both GrapheneOS and GNU are right in their own way.

[–] [email protected] 0 points 4 weeks ago* (last edited 4 weeks ago)

Oh, the FSF doesn't get in the way directly (they have neither the funding nor the personnel), they just misinform you to do so, so they're guilty in my book. Go read the edit in my prior comment.

load more comments (4 replies)