A lot of drivers for hardware are actually not open source, just unreadable binaries that do …something. No one knows exactly how they work, so some people consider them a security risk.
While I do understand the security aspect of this here at the same time those people seem to be delusional. At some point there’s proprietary stuff in our computers, be it a driver, a BIOS or the code that runs on the various microcontrollers that run low level functions from the USB ports to simple power management.
The most “security paranoid” organizations in the world usually run a lot of stuff on Windows and HP hardware full of opaque and proprietary code and they consider it “safe enough”.
I may get that not free / license based stuff might raise concerns if you aren’t a mega corp. that can pay the fee either way, but… if a trackpad requires a free but closed-source binary driver why would a random guy on the internet consider that to be a risk?
At some point there’s proprietary stuff in our bodies, be it a driver, a BIOS or the code that runs on the various microcontrollers that run low level functions from the USB ports to simple power management.
The most “security paranoid” organizations in the world usually run a lot of stuff on children and babies are full of opaque and proprietary code and they consider it “safe enough”.
People are replacing lost/damaged organs and limbs with computer-controlled hardware. The same problems that occur in computers that exist outside of humans will occur in computers inside of humans. Do you trust non-open drivers from Corporation X or Government Y in your eyes telling your brain what you do or don’t see?
That’s the extreme, of course, but it isn’t any less scary than computers you trust with your credit card, bank account, etc information.
Open source drivers means when corporation X goes under, your hardware still can work and isn’t automatically abandoned. It keeps more hardware out of landfills longer, with the ability to drastically reduce e-waste.
Do you trust non-open drivers from Corporation X or Government Y in your eyes telling your brain what you do or don’t see?
I agree with your point, but I find it very unlikely to have cutting edge medical technology using open-source software - after all those pacemaker / brain implant companies want to protect their research (and profits) - and I’m not even sure if a FOSS solution for that would ever get approved by any legal body.
That’s the extreme, of course, but it isn’t any less scary than computers you trust with your credit card, bank account, etc information.
All those systems that process your financial transitions run on tons of proprietary software and the banks and credit card companies believe that software is secure enough.
Open source drivers means when corporation X goes under, your hardware still can work and isn’t automatically abandoned. It keeps more hardware out of landfills longer, with the ability to drastically reduce e-waste.
This is probably the most reasonable thing about having open-source drivers… however hardware is diverse and complex and so are drivers. The community might not be able to maintain such the driver for specific-version-x-hardware I have because it might not have access to all the design documentation of the hardware nor the time to reverse engineer it. It might not be worth keeping a driver around if it only serves a few people because everyone is mostly on a different revision of the hardware or some other detail like that.
To be fair Linux removed support for 386, 486, floppy drives, “Carillo Ranch”, and a bunch of other older hardware recently… at some point the few users that still have a piece of tech won’t care about it because they can just replace it by a new and better alternative for cheap.
You make wonderful points, but I think we can both agree that I’ve demonstrated that there is value open source drivers, however insignificant they may be in comparison to non open drivers isn’t really relevant. It shouldn’t be such a shock an individual may want an open source only version of Linux which is the topic of discussion here.
Depending on the vendor providing that trackpad driver it may not be a substantial security risk. But it is a loss of software freedom, which some people care about.
Yeah, sure, but if the largest companies in the world trust the vendor that proprietary firmware why would I not trust it?
I agree with your POV, in theory yes, having stuff you can’t inspect it’s a risk, in practice there are a few more nuances to that. It’s not reasonable to want to have a 100% open-source computer from the software to use down to the AVRs/PICs that run low level functions.
You explanation sums it all up thanks.
While I do understand the security aspect of this here at the same time those people seem to be delusional. At some point there’s proprietary stuff in our computers, be it a driver, a BIOS or the code that runs on the various microcontrollers that run low level functions from the USB ports to simple power management.
The most “security paranoid” organizations in the world usually run a lot of stuff on Windows and HP hardware full of opaque and proprietary code and they consider it “safe enough”.
I may get that not free / license based stuff might raise concerns if you aren’t a mega corp. that can pay the fee either way, but… if a trackpad requires a free but closed-source binary driver why would a random guy on the internet consider that to be a risk?
People are replacing lost/damaged organs and limbs with computer-controlled hardware. The same problems that occur in computers that exist outside of humans will occur in computers inside of humans. Do you trust non-open drivers from Corporation X or Government Y in your eyes telling your brain what you do or don’t see?
That’s the extreme, of course, but it isn’t any less scary than computers you trust with your credit card, bank account, etc information.
Open source drivers means when corporation X goes under, your hardware still can work and isn’t automatically abandoned. It keeps more hardware out of landfills longer, with the ability to drastically reduce e-waste.
I agree with your point, but I find it very unlikely to have cutting edge medical technology using open-source software - after all those pacemaker / brain implant companies want to protect their research (and profits) - and I’m not even sure if a FOSS solution for that would ever get approved by any legal body.
All those systems that process your financial transitions run on tons of proprietary software and the banks and credit card companies believe that software is secure enough.
This is probably the most reasonable thing about having open-source drivers… however hardware is diverse and complex and so are drivers. The community might not be able to maintain such the driver for specific-version-x-hardware I have because it might not have access to all the design documentation of the hardware nor the time to reverse engineer it. It might not be worth keeping a driver around if it only serves a few people because everyone is mostly on a different revision of the hardware or some other detail like that.
To be fair Linux removed support for 386, 486, floppy drives, “Carillo Ranch”, and a bunch of other older hardware recently… at some point the few users that still have a piece of tech won’t care about it because they can just replace it by a new and better alternative for cheap.
You make wonderful points, but I think we can both agree that I’ve demonstrated that there is value open source drivers, however insignificant they may be in comparison to non open drivers isn’t really relevant. It shouldn’t be such a shock an individual may want an open source only version of Linux which is the topic of discussion here.
Fair enough :)
Depending on the vendor providing that trackpad driver it may not be a substantial security risk. But it is a loss of software freedom, which some people care about.
Yeah, sure, but if the largest companies in the world trust the vendor that proprietary firmware why would I not trust it?
I agree with your POV, in theory yes, having stuff you can’t inspect it’s a risk, in practice there are a few more nuances to that. It’s not reasonable to want to have a 100% open-source computer from the software to use down to the AVRs/PICs that run low level functions.