Perfection is the enemy of good
Perfection is the enemy of good
Posted Oct 15, 2025 16:11 UTC (Wed) by farnz (subscriber, #17727)In reply to: Perfection is the enemy of good by Trelane
Parent article: The FSF's Librephone project
E.g. this certified RYF device has upgradeable proprietary firmware, as long as you're the OEM and not the user. Similar for this certified RYF device - again, the firmware is upgradeable, just not by the user (you need special tooling that the user won't necessarily have in both cases).
And that's just the ones I'm able to personally confirm that have upgradeable firmware given the tooling I have in my home lab. I'm pretty certain, based on the track record, that I'd see the same if I grabbed other RYF devices that do RF - devices with upgradeable proprietary firmware, where the in-field upgrade circuitry has been cut, but the firmware can still be upgraded by someone with the tools to clip onto the flashing lines.
Posted Oct 15, 2025 17:24 UTC (Wed)
by Trelane (subscriber, #56877)
[Link] (5 responses)
Posted Oct 15, 2025 17:30 UTC (Wed)
by farnz (subscriber, #17727)
[Link] (4 responses)
Posted Oct 15, 2025 17:46 UTC (Wed)
by ballombe (subscriber, #9523)
[Link] (3 responses)
If hardware vendors were willing to distribute firmware with the same right and accept the same liability as for hardware, the FSF position would be different.
As it stands, there is a considerable advantage for a vendor to use the firmware terms, since they can disclaim all warranties and limit users rights.
Posted Oct 15, 2025 17:57 UTC (Wed)
by farnz (subscriber, #17727)
[Link] (2 responses)
The FSF says it's fine for a firmware to be vendor-replaceable proprietary firmware, as long as you need to open the case of the device to change the firmware.
I don't see how the difference between "rights and liabilities" for hardware and firmware matters here - in both cases, we're talking about changing the firmware. It's just that the FSF tells me that it's a device is fine, per RYF rules, if replacing the firmware needs a conductive screwdriver, but not if replacing the firmware would need me to toggle a switch on the case.
And I don't see how the need for a conductive screwdriver (or a non-conductive one and a piece of wire) makes a material difference here.
Posted Oct 15, 2025 18:24 UTC (Wed)
by ballombe (subscriber, #9523)
[Link] (1 responses)
Because in this case, the firmware count as hardware as far the law and regulation are concerned.
Posted Oct 15, 2025 18:26 UTC (Wed)
by farnz (subscriber, #17727)
[Link]
There is no case where firmware gets treated specially just because you need a common household tool to change the firmware - that's the same, as far as the lawyers I've spoken to, as firmware that's soft-loaded by a software tool.
Posted Oct 15, 2025 17:38 UTC (Wed)
by pizza (subscriber, #46)
[Link] (1 responses)
Speaking from experience, the long-obsolete Prism2/3 802.11b wifi adapters also fell into this trap; at initial introduction they would have qualified as RYF as there was no non-OEM way to update the firmware. (The hardware always supported it, but the tools were not publicly available). Once OEMs started releasing firmware update packages out of sheer necessity (due to severe showstopper firmware bugs) the devices no longer would have qualified as RYF.
However, the update procedure carried a nontrivial chance of bricking the device, so OEM drivers switched to a so-called "Ram Load" procedure where the latest firmware was downloaded into the device at runtime. [1] This technique proved so successful that the final hardware iterations eliminated the "large" parallel flash in favor of a small serial eeprom as a cost-cutting measure.
To recap: Firmware in flash with no non-OEM way to update: "RYF". Firmware tools provided to end-users (providing a mechanism to address potentially severe bugs that the OEM has already fixed): No good. Download said firmware at runtime: Get thee behind me Satan! (Despite the firmware -- and hardware -- being *completely identical* in all three cases.
With vanishingly rare exceptions, *all* non-trivial hardware produced over the past couple of decades has some sort of embedded processor running some sort of field-updateable firmware. Because it's the smart engineering (and increasingly, legal/regulatory) choice.
[1] This was only possible because the firmware was already designed to run from RAM; the contents of flash were copied over to RAM with various parameters (eg mac address, operational region, and production trim) "plugged" into the appropriate places.
Posted Oct 15, 2025 22:52 UTC (Wed)
by marcH (subscriber, #57642)
[Link]
Not just one but dozens of processors if you look at SoCs of smartphone- or PC-size. That's why they are called "SoCs".
Perfection is the enemy of good
I've raised it with the FSF; they've said that it's OK, because I had to open the cases to change the firmware, and anything where you need to open the case does not count.
Perfection is the enemy of good
Perfection is the enemy of good
I don't see how what you're saying follows from what I'm saying.
Perfection is the enemy of good
Perfection is the enemy of good
Not according to lawyers I've spoken to - either the firmware is not replaceable at all, in which case it's hardware, or it's replaceable by a service team, in which case it's firmware.
Perfection is the enemy of good
Perfection is the enemy of good
Perfection is the enemy of good