They say that GNU is spreading misinformation and “stop getting info from charlatans”?
You must log in or register to comment.
You deleted your last post on a similar topic, which had some excellent discussion and comments, and now all of that good content for lemmy is gone.
Deleting posts is not great for the community.
As bad as reddit is, it does suck that a lot of people who left decided to wipe all their comments/posts too. Huge amount of useful data just gone.
Yes but millions were also providing that data for free until Reddit decided it was all theirs to control and monetize. Don’t blame the users.
Saying it sucks = blaming the users? Okay.
Saying “it sucks that they decided” sounds like blaming these users.
I really hope someday folks in the internet learn how to properly use quotation marks and why paraphrasing but adding quotation isn’t okay. Someday…
The thing is, I didn’t agree to sell my content for a 0% cut.
Reddit has always had ads. That’s a stupid Argument.
Yes, when you publicly posted things online.
Disney murder case type of legal bullshit vibes here
Reddit is trying to sell that data. I would like to sabotage that. Also, some of my activity on Reddit especially early on was quite toxic so I’d rather it be lost anyway.
When somebody deletes a post it also goes away from the other instances where it federated? (I hope I’m clear loll.
Yes
Way to distract from otherwise good argument about firmware. Really dumb take. In case you think I’m being flippant, let me present an alternative blob:
GNU are striving for the ideal goal of fully open source hardware and software. Their statement correctly highlights the compromises of the reality of using proprietary hardware which requires proprietary firmware; compounded by the reality of oligopolies maintaining their market positions via proprietary software. Our take is that providing an otherwise open source OS within this reality is significantly better for people than letting full corporate control reign until open mobile hardware becomes practical and common, if it ever does.
I’m not a fan of GrapheneOS, but the point they bring up here is valid. There is already proprietary firmware on your computer. There’s no reason why you shouldn’t be updating it to protect yourself from serious exploits. The FSF takes an ideological stance rather than a practical one, unfortunately.
I agree with you: the FSF can seem unwavering in their stance, even in the face of practicality. I’m really sorry for this incredibly nit-picky detail, but I think practicality is ideological too. For better or for worse, we can’t escape ideas or be free from them, so we have to choose which we value. For example, while I tend to choose software freedom over practicality, I also have, at times, chosen practicality over freedom.
That’s true. I didn’t think about that. Thank you. :)
Except they also advocate using compute devices that only use blobless firmware
Yeah, the FSF stance on firmware is really weird.
Basically, if the firmware is not intended to be updated it’s fine. But distributing updates, like security fixes, for firmware as blobs is somehow bad.
However, there is one exception for secondary embedded processors. The exception applies to software delivered inside auxiliary and low-level processors and FPGAs, within which software installation is not intended after the user obtains the product. This can include, for instance, microcode inside a processor, firmware built into an I/O device, or the gate pattern of an FPGA. The software in such secondary processors does not count as product software.
https://ryf.fsf.org/about/criteria
Here’s an article from the previous time (?) this topic came up.
Not really weired. For example, a keyboard has a firmware. 99% of keyboards have no way of it being updated or changed. It is part of its electronics. So not a big deal. But, if a keyboard has a way to update the firmware or install another one, then it should be FOSS.
I know. And that’s reasonable of course. I’m sure most of us would agree that proprietary blobs are bad. I’m optimistic that firmware will become more open in the future though.
I think we need uncompromising people in this world. Doesn’t mean we have to listen or follow everything they say though. Those are my thoughts on GNU.
I think your question is answered by the thread you linked. Is there something in particular you don’t understand?
GNU/the FSF says that GrapheneOS does not qualify as free software (which is true, it’s not completely FLOSS as per the FSF’s definition—the linked GNU article classifies plenty of popular Linux distros we consider to be FOSS as non-free, btw, they’re not singling out Graphene), and GrapheneOS is saying they don’t want to fit the FSF’s definition of free software because it would mean a lack of security (which is also true; they need proprietary firmware updates from Google). The FSF has a strict definition of free software which a lot of software does not meet, and usually an entire operating system would only meet the FSF’s definition out of a deliberate, conscious, ideological decision to exclude all non-free software. In their article they even list Debian as a distro which no longer meets their standards, despite Debian being known for their strict policy around only including FOSS in their repos.
This is an instance of two different entities (GNU and GrapheneOS) having fundamentally different goals (one values a strict definition of free software at all costs, one values security at all costs). You are more than welcome to do things GNU’s way if you don’t like GrapheneOS’s way, or vice versa.
Best description.
Graphene is against GNU ideals getting in the way of security, because as it turns out, they do. FSF’s definition of “ok” and “not ok” firmware blobs is bogus anyway.
Edit: for all the people who don’t get this: THE FSF IS FUCKING OKAY WITH PROPRIETARY FIRMWARE BLOBS, but only if they are in a separate (usually user-inaccessible) storage chip and if you don’t update it; they only deem that morally ok, yet it’d be the same as loading the blobs from the disk (which makes devices MUCH SAFER to update, you don’t risk a brick). They get in the way of security by abusing the trust y’all give them, cuz thank god nobody who does embedded dev takes their opinions seriously anyway. Also, you’re not giving up “A bit of security”, you’re giving up fucking microcode updates, the ones that patch well-known vulnerabilities that allow webpages to gain root access. FFS.
FSF does not get in the way of security. FSF believes source code should be publicly available in order to even assume the software is secure or private. In a perfect world that would be nice. But in the real world, proprietary blobs are required to make the hardware functional. As long as OEMs are removed about open sourcing the firmwares, both GrapheneOS and GNU are right in their own way.
Oh, the FSF doesn’t get in the way directly (they have neither the funding nor the personnel), they just misinform you to do so, so they’re guilty in my book. Go read the edit in my prior comment.
Graphene is against GNU ideals getting in the way of security,
Funny, Graphene’s obsession with security is getting in the way of my ideals.
Fuck Google and their proprietary security updates. I want no Google in my life and if that means a bit less security, I’m okay with that. In fact, I’d argue that running Google code that does who-knows-what for your security is itself not a very safe thing to do.
First, as nobody forces you to use graphene, they’re not getting in the way of your ideals, I’m saying some of the FSF’s ideals may compromise the security of their followers. When it comes to Google’s blobs, It’s not like they can release the source even if they wanted to, samsung wouldn’t even let them cuz google leases their IP and trade secrets for the tensor chips. I don’t like IP either, but I keep my feet on the ground, the blobs aren’t there for firmware-level who-knows-what, due to the hardware and software model themselves, most of what they’d do would be super detectable. Go read the edit of my prior comment, educate yourself on embedded devices, the pixel hardware model and graphene’s security model, then we might have a productive conversation and not uneducated conspiracy speculation.
So you really trust Google to release code that doesn’t do something it shouldn’t behind your back do you? How cute…
I am an embedded developer so please don’t patronize me. And I know enough about security to know that Google’s security model on the Pixel phones is the best yet. That’s not the issue. The issues are:
-
Google’s code is untrustworthy unless reviewed, and proprietary blobs can’t be reviewed. If Google codes anything, they have an ulterior motive and it’s rarely in your best interest. If that’s not a security shortcoming, I don’t know what is. Or said another way, there’s something deeply ironic in claiming to have the most secured deGoogled OS and the lynchpin of that security is Google itself.
-
Yes, using a phone other than a Pixel phone with a deGoogled OS other than GrapheneOS as I do (I use a FP4 with CalyxOS) is less secure than GrapheneOS on a Pixel phone - assuming you trust Google’s drivers aren’t doing other things unrelated to their driver function.
But as I said, my most important goal in anything technical I use is to not use Google. That’s my ideal. Some people have ideals and aren’t willing to compromise.
With that in mind, and considering that I’m a low-value target, I deem the security provided by CalyxOS on my FP4 more than adequate for my use case. Or said another way, GrapheneOS’ - short-sighted, in my opinion - obsession with security gets in the way of my main goal, which is to avoid Google.
You already bought the phone with Google code in it, that ship has sailed when you purchased the device
-
Because strcat is fucking nuts
However I’m still using GOS as theres no other better options
Because there is nothing that exists today that is completely, from head-to-tail, open source. Being allowed and able to install closed source software does not make an open ecosystem suddenly closed.
Plenty of Linux systems today rely on binary blobs to make hardware work. Plenty of software can run on an open source ecosystem while itself being closed source.
Richard Stallman is a toe-booger eating weirdo looking for attention.
What was it I saw recently… There was a FOSS podcast player that is completely open and available, but it was demonized because you could (optionally) add the apples/itunes feed. Like reading an RSS feed from apple made it not “FOSS”
That’s where I eyeroll hard. Ffs, having the option to use something proprietary does not closed source make. It was one part of one area of the app, that was like, a dropdown selection.
Lemmy world go home
