Content deleted Content added
Andritolion (talk | contribs) Removing useless "Blob!" hover message added in revision 889907236, as it adds no useful info to the article. |
m Task 16: replaced (5×) / removed (0×) deprecated |dead-url= and |deadurl= with |url-status=; |
||
Line 51:
== Open source operating systems ==
Some [[Free Software Foundation|FSF]]-approved projects strive to provide a [[Free software movement|free]] operating system and will remove all binary blobs when no documentation for hardware or [[source code]] for device drivers and all applicable firmware is available; such projects include [[Linux-libre]] kernel packaging from [[FSFLA]], [[Parabola (software)|Parabola]], [[Devuan]], [[Trisquel]], and [[LibreCMC]].{{r|gnu/free-distros}} However, the vast majority of open-source projects make a distinction between binary-only device drivers (blobs) and binary-only firmware (not considered blobs{{r|kerneltrap/6497|p=…|q=Firmwares are not considered blobs}}), allowing for certain proprietary firmware to be freely distributed as part of their kernels, and, to the disagreement of some core contributors, also support the use of proprietary device drivers that are distributed externally, providing internal compatibility interfaces for such proprietary drivers and userspace components to work with their system.{{r|f-aac|f-aacraid}} Projects following this policy include the [[Linux kernel]] itself, [[NetBSD]], [[FreeBSD]], [[DragonFly BSD]], and most [[Linux distribution]]s.<ref name="bsdinterview">{{cite web | url = http://os.newsforge.com/os/05/06/09/2132233.shtml?tid=8&tid=2 | title = BSD cognoscenti on Linux | accessdate = 2006-07-07 | last = Matzan | first = Jem | date = 15 June 2005 | publisher = NewsForge |
The [[OpenBSD]] project has a notable policy of not only not accepting any binary device drivers into its source tree, but also officially not supporting any third-party proprietary device driver components on its platform, either;{{r|lyrics-38|p=38…|q=we refuse to accept our users being forced into depending on vendor binaries}} citing not only the potential for undetectable or irreparable security flaws, but also the encroachment onto the openness and freedom of its software.<ref name="deraadt_interview_200605">{{citation
Line 63:
|archiveurl=https://web.archive.org/web/20060603230017/http://kerneltrap.org/node/6550
|archivedate=2006-06-03
|
}}</ref> The [[Free Software Foundation]] (FSF) is actively campaigning against binary blobs.<ref>{{cite web|url=https://www.fsf.org/blogs/community/rms-ati-protest.html|title=Protest against ATI nearly led to the arrest of RMS|date=27 April 2006|accessdate=2006-10-10|publisher=Free Software Foundation}}</ref> FSF also considers OpenBSD's policy confusingly worded, as "blobs" in the BSD community refer only to what it considers non-free drivers, and does not apply to proprietary firmware and sourceless microcode.{{r|gnu/common-d|p=BSD}} The [[Debian]] project included both free and non-free binary firmware from the [[Linux kernel]], clearly marking and separating the non-free packages<ref>{{cite web | url = https://packages.debian.org/firmware-linux | title = Debian firmware-linux packages | year = 2010 | accessdate = 2010-03-25}}</ref> according to the [[Debian Social Contract]]. As of Debian 6.0 those blobs were removed.{{r|gnu/common-d|p=Debian}}
Line 77 ⟶ 76:
== Problems ==
There are a number of reasons why binary blobs can be problematic.<ref name=kerneltrap/6497>{{cite web |url=http://kerneltrap.org/node/6497 |first=Jeremy |last=Andrews |title=Interview with Jonathan Gray and Damien Bergamini |accessdate=2008-01-06 |date=2006-04-19 |publisher=kerneltrap.org |
Firstly, their precise operation cannot be known and bugs cannot be detected by auditing source code; bugs are frequently only diagnosed by painstaking investigation when a system begins to behave unexpectedly. Such undetected bugs may also silently expose users and systems to security hazards. The fitness for purpose of the driver thus cannot be checked, and even if a bug is found there is no easy way to fix it.
Line 129 ⟶ 128:
== Device firmware ==
{{main|Firmware|Microcode}}
[[Firmware]] is the software required by the onboard [[microcontroller]]s that accompany some hardware, is generally not considered to be a binary blob.{{r|kerneltrap/4118|gnu/common-d|p2=BSD|kerneltrap/6497|p3=…|q3=Firmwares are not considered blobs}} In many devices, firmware is stored in [[non-volatile]] onboard [[flash memory]], but to decrease costs and ease upgrades, some devices contain only [[static RAM]] and require the host operating system to upload firmware each time they are connected (especially [[USB]] devices). Although the firmware is thus present in the operating system driver, it is merely copied to the device and not executed by the CPU, removing concerns about extra security flaws compared to what's already possible with a [[DMA attack]] even if the firmware was already stored within the device at all times. The OpenBSD project accepts binary firmware/[[microcode]] images and will redistribute these images if the license permits;<ref name=kerneltrap/4118>{{cite web |title=OpenBSD Works To Open Wireless Chipsets |date=November 2, 2004 |publisher=KernelTrap |url=http://kerneltrap.org/node/4118 |accessdate=2006-06-23 |
== BIOS and UEFI==
Line 179 ⟶ 178:
{{Wiktionary|blob}}
* {{cite web|last = McMillan|first = Robert|date = June 21, 2006|url = http://www.infoworld.com/article/06/06/21/79536_HNwifibreach_1.html|title = Researchers hack Wi-Fi driver to breach laptop|publisher = InfoWorld|accessdate = 2006-06-23|
* [https://web.archive.org/web/20060603230511/http://kerneltrap.org/node/6650 KernelTrap article] on Damien Bergamini's wpi(4) driver, a blobless ipw3945 alternative for OpenBSD
* [https://web.archive.org/web/20071211025952/http://kerneltrap.org/node/6497 KernelTrap interview] with Jonathan Gray and Damien Bergamini regarding binary blobs
| |||