Fedora not "free" enough for GNU?

Bruno Wolff III bruno at wolff.to
Mon Sep 8 04:12:33 UTC 2008


On Sun, Sep 07, 2008 at 20:54:35 +0100,
  Andrew Haley <aph at redhat.com> wrote:
> 
> This makes me think of a really interesting question: security-
> critical organizations presumably have to make use of commercially
> available computers just like the rest of us.  Someone somewhere
> must have thought about the issues of binary firmware blobs for
> video and network hardware and their potential to leak data,
> either deliberately or accidentally.  One of the many nice things
> about free software is the fact that it's reasonably easy to inspect
> it for security analysis; binary blobs weaken that.

There is a reason the U.S. government is concerned about computers being
made in China.

There was a relatively recent article that I can't find now, that mentions
that easy to miss flaws can be added to chips that would allow people to
find keys used by devices.

As hardware gets more powerful and companies get more bold about putting
anti-consumer features into the bios or device firmware it is going to get
much more risky to just trust your hardware.




More information about the devel mailing list