www-commits
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

www/philosophy tivoization.html

From: Therese Godefroy
Subject: www/philosophy tivoization.html
Date: Thu, 22 Jun 2023 06:23:25 -0400 (EDT) 
CVSROOT:        /webcvs/www
Module name:    www
Changes by:     Therese Godefroy <th_g> 23/06/22 06:23:25

Modified files:
        philosophy     : tivoization.html 

Log message:
        Changes by rms and bill-auger (www-discuss 2023-06-22).

CVSWeb URLs:
http://web.cvs.savannah.gnu.org/viewcvs/www/philosophy/tivoization.html?cvsroot=www&r1=1.6&r2=1.7

Patches:
Index: tivoization.html
===================================================================
RCS file: /webcvs/www/www/philosophy/tivoization.html,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -b -r1.6 -r1.7
--- tivoization.html    8 May 2023 12:41:10 -0000       1.6
+++ tivoization.html    22 Jun 2023 10:23:23 -0000      1.7
@@ -15,11 +15,11 @@
   <div class="thin"></div>
 
   <p>There is a paradoxical class of firmware, for which the source code
-    is <a href="/philosophy/free-sw.html">free software</a>
+    is <a href="/philosophy/free-sw.html">free software</a>,
     because it carries
     a <a href="/licenses/license-list.html">free
-    software license</a>, but specific hardware for which these programs
-    are designed renders any binaries produced from that source code
+    software license</a>, but specific hardware, for which these programs
+    are designed, renders any binaries produced from that source code
     nonfree in practice. That is because that hardware requires the binary
     to be signed by the hardware manufacturer, either in order to run at
     all, or in order to make use of crucial hardware facilities,
@@ -34,14 +34,16 @@
     essential freedoms</a>) is missing, and that binary is not free, even
     though the source code may carry a free software license. Indirectly,
     tivoization affects the other freedoms (to use and to distribute
-    modified versions) because any modification of the firmware by
+    modified versions), because any modification of the firmware by
     yourself will result in broken hardware. The binary may qualify as
     <a href="/philosophy/free-open-overlap.html">open source</a>,
     because the term &ldquo;open source&rdquo;
     <a href="/philosophy/open-source-misses-the-point.html">is defined
     in terms of how the source is treated</a>. The publisher or
     the manufacturer may also advertise this forced signature check as a
-    &ldquo;feature.&rdquo;</p>
+    &ldquo;feature.&rdquo; However, if it is not possible for the owner
+    to replace the manufacturer's signature with one's own, we call that
+    an &ldquo;anti-feature.&rdquo;</p>
   
   <p>Their argument is: your computer won't boot (or will lack important
     features) if the hardware detects corrupted firmware, so tivoization
@@ -55,24 +57,24 @@
     freedoms. It prevents users from upgrading their own hardware or
     firmware, and it suggests a false sense of security by giving the
     control of their computer only to some &ldquo;trusted&rdquo; firmware
-    provider, compelling them to take its word for their safety.</p>
+    provider, compelling users to take the provider's word for their
+    safety.</p>
   
   <p>The firmware that drives the hardware at the lowest level also has
     the most control over it. It often contains
-    <a href="https://libreboot.at/faq.html#intelme";>backdoors</a> and
+    <a href="https://libreboot.at/faq.html#intelme";>back doors</a> and
     <a 
href="/proprietary/proprietary-insecurity.html#uefi-rootkit">vulnerabilities</a>
-    nobody is allowed to fix but the provider trusted by
-    the hardware.</p>
+    which only the &ldquo;trusted&rdquo; provider (trusted by the hardware)
+    is allowed to fix.</p>
   
   <p>Preventing unsigned or self-signed versions of the firmware to be
     run is a way for the manufacturer and publisher to keep the control
     over your computing, even more than if the source code itself were
     proprietary!  It only serves the purpose of the publisher or
     manufacturer, and has no benefit to the software user or the hardware
-    owner. Even if not all hardware refuses to run modified binaries, using
-    the version signed by the manufacturer (instead of unsigned or
-    self-signed versions) would not bring any benefit to the user
-    either.</p>
+    owner. On the other hand, supposing some models of hardware will run
+    modified versions, there is no advantage for you in using the
+    manufacturer's signed version instead of a self-signed variant.</p>
   
   <p>Among the most important additions in the GNU General Public License
     version 3, in 2007, was to prohibit taking a GPLv3-covered program and
@@ -144,7 +146,7 @@
 
 <p class="unprintable">Updated:
 <!-- timestamp start -->
-$Date: 2023/05/08 12:41:10 $
+$Date: 2023/06/22 10:23:23 $
 <!-- timestamp end -->
 </p>
 </div>
reply via email to
[Prev in Thread] Current Thread [Next in Thread]