[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
www/philosophy tivoization.html
From: |
Therese Godefroy |
Subject: |
www/philosophy tivoization.html |
Date: |
Thu, 22 Jun 2023 06:23:25 -0400 (EDT) |
CVSROOT: /webcvs/www
Module name: www
Changes by: Therese Godefroy <th_g> 23/06/22 06:23:25
Modified files:
philosophy : tivoization.html
Log message:
Changes by rms and bill-auger (www-discuss 2023-06-22).
CVSWeb URLs:
http://web.cvs.savannah.gnu.org/viewcvs/www/philosophy/tivoization.html?cvsroot=www&r1=1.6&r2=1.7
Patches:
Index: tivoization.html
===================================================================
RCS file: /webcvs/www/www/philosophy/tivoization.html,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -b -r1.6 -r1.7
--- tivoization.html 8 May 2023 12:41:10 -0000 1.6
+++ tivoization.html 22 Jun 2023 10:23:23 -0000 1.7
@@ -15,11 +15,11 @@
<div class="thin"></div>
<p>There is a paradoxical class of firmware, for which the source code
- is <a href="/philosophy/free-sw.html">free software</a>
+ is <a href="/philosophy/free-sw.html">free software</a>,
because it carries
a <a href="/licenses/license-list.html">free
- software license</a>, but specific hardware for which these programs
- are designed renders any binaries produced from that source code
+ software license</a>, but specific hardware, for which these programs
+ are designed, renders any binaries produced from that source code
nonfree in practice. That is because that hardware requires the binary
to be signed by the hardware manufacturer, either in order to run at
all, or in order to make use of crucial hardware facilities,
@@ -34,14 +34,16 @@
essential freedoms</a>) is missing, and that binary is not free, even
though the source code may carry a free software license. Indirectly,
tivoization affects the other freedoms (to use and to distribute
- modified versions) because any modification of the firmware by
+ modified versions), because any modification of the firmware by
yourself will result in broken hardware. The binary may qualify as
<a href="/philosophy/free-open-overlap.html">open source</a>,
because the term “open source”
<a href="/philosophy/open-source-misses-the-point.html">is defined
in terms of how the source is treated</a>. The publisher or
the manufacturer may also advertise this forced signature check as a
- “feature.”</p>
+ “feature.” However, if it is not possible for the owner
+ to replace the manufacturer's signature with one's own, we call that
+ an “anti-feature.”</p>
<p>Their argument is: your computer won't boot (or will lack important
features) if the hardware detects corrupted firmware, so tivoization
@@ -55,24 +57,24 @@
freedoms. It prevents users from upgrading their own hardware or
firmware, and it suggests a false sense of security by giving the
control of their computer only to some “trusted” firmware
- provider, compelling them to take its word for their safety.</p>
+ provider, compelling users to take the provider's word for their
+ safety.</p>
<p>The firmware that drives the hardware at the lowest level also has
the most control over it. It often contains
- <a href="https://libreboot.at/faq.html#intelme">backdoors</a> and
+ <a href="https://libreboot.at/faq.html#intelme">back doors</a> and
<a
href="/proprietary/proprietary-insecurity.html#uefi-rootkit">vulnerabilities</a>
- nobody is allowed to fix but the provider trusted by
- the hardware.</p>
+ which only the “trusted” provider (trusted by the hardware)
+ is allowed to fix.</p>
<p>Preventing unsigned or self-signed versions of the firmware to be
run is a way for the manufacturer and publisher to keep the control
over your computing, even more than if the source code itself were
proprietary! It only serves the purpose of the publisher or
manufacturer, and has no benefit to the software user or the hardware
- owner. Even if not all hardware refuses to run modified binaries, using
- the version signed by the manufacturer (instead of unsigned or
- self-signed versions) would not bring any benefit to the user
- either.</p>
+ owner. On the other hand, supposing some models of hardware will run
+ modified versions, there is no advantage for you in using the
+ manufacturer's signed version instead of a self-signed variant.</p>
<p>Among the most important additions in the GNU General Public License
version 3, in 2007, was to prohibit taking a GPLv3-covered program and
@@ -144,7 +146,7 @@
<p class="unprintable">Updated:
<!-- timestamp start -->
-$Date: 2023/05/08 12:41:10 $
+$Date: 2023/06/22 10:23:23 $
<!-- timestamp end -->
</p>
</div>
- www/philosophy tivoization.html,
Therese Godefroy <=