Conversation

Notices

1. Embed this notice
   puffaboo :puffhyper: (emilis@puff.place)'s status on Sunday, 11-Jun-2023 18:30:44 JST puffaboo :puffhyper:

   • SuperDicq

   @SuperDicq@minidisc.tokyo blob, uploaded by kernel: woa, evil!
   blob, stored on flash alongside the hardware that's harder to inspect or disable: this is fine actually

   • Embed this notice
     翠星石 (suiseiseki@freesoftwareextremist.com)'s status on Sunday, 11-Jun-2023 18:30:43 JST 翠星石

     in reply to
     @emilis >blob, uploaded by kernel: woa, evil!
     Yes, evil, as that blob is under a proprietary software license that you must accept.
     
     It's all well and good to claim that such proprietary malware can be replaced, but that happens extremely rarely.
     
     It's also now common to implement digital handcuffs in such hardware, making it cryptographically impossible to replace the malware.
     
     >stored on flash alongside the hardware that's harder to inspect or disable: this is fine actually
     Assuming you meant EEPROM, sure it's not ideal, but you don't need to accept any proprietary software license to use that hardware.
     
     It really isn't hard to overwrite an EEPROM with all 0's with flashrom either.
     
     Also, dumping and flashing an EEPROM is trivial compared to writing a free software replacement - if you can do the latter, you can do the former.
     
     It seems to be less common for digital handcuffs to be implemented for software in EEPROM for peripheral devices as well.
   • Embed this notice
     翠星石 (suiseiseki@freesoftwareextremist.com)'s status on Monday, 12-Jun-2023 12:04:58 JST 翠星石

     in reply to
     @emilis You need to look into a mirror and think who's the stupid one.
     
     Yes, it's preferable that replacing something is slightly harder just as long as nobody needs to accept a proprietary software license that forbids reverse engineering until the day such is replaced.
     
     Most of the licenses of runtime load-required proprietary software forbid reverse engineering and it being potentially *illegal* to replace such software is a much higher hurdle than maybe needing to attach a hardware flasher during development.
     
     I'd much rather prefer it if hardware didn't come with or require proprietary software at all, so for the moment a compromise is needed, but I refuse to compromise ruinously: https://www.gnu.org/philosophy/compromise.en.html
     
     
     Firmware stored in ROM is a different topic entirely, as that's hardware, not software.
     
     All hardware is proprietary and not much can be done about that until the software problem is solved.
     
     A ROM that happens to store processor instructions can therefore be treated as equivalent to a circuit and the question is then if the circuit is malicious.
     
     ROM chips used to be quite large external chips, thus replacement of such was possible with a bit of difficult - thus the name firmware.
     
     ROM is now typically buried deep inside a SoC and therefore modification or replacement isn't feasible - so such ROM isn't firmware.
     
     
     It's still the case that when you buy something, without signing a *fair* agreement that says otherwise, you own it and anything that comes on that device and therefore any "licenses" that try to restrict how you use the physical components of that hardware are null and void.
     
     Of course the manufacturer will try to claim otherwise, but you can still tell them to take such claims and shove it (but maybe not for much longer).
   • Embed this notice
     puffaboo :puffhyper: (emilis@puff.place)'s status on Monday, 12-Jun-2023 12:05:01 JST puffaboo :puffhyper:

     in reply to

     • 翠星石

     @Suiseiseki@freesoftwareextremist.com are you fucking stupid? like fr
     you want more hurdles to replacing it? that's preferable to you? because somehow you think you dont agree to any license for firmware that's on any ROM.
     
     how the fuck are you so fucking stupid what the actual fuck