Hacker News new | ask | show | jobs
by RandomBacon 2493 days ago
Not exactly on this topic as it appears to be a hit-piece about the company making the phone. There's been a few hit-piece comments here on HN made by new accounts on other Librem 5 posts too.

Anyway, I'm not an expert about most of that stuff, but they wrote:

> They aren't shipping firmware updates.

Uh... the phone hasn't even been released yet!
1 comments
detaro 2493 days ago
They have ensured by design that what remains of proprietary firmware on the phone can't be updated, because they want a FSF Free hardware certification, and that's the only way to get that and have non-free firmware components. Not updateable non-free firmware is tolerated as being "part of the hardware" in a way, updateable firmware is software and required to be open.
link
RandomBacon 2493 days ago
Which proprietary firmware?
link
detaro 2493 days ago
Parts of the memory interface have been mentioned previously: https://puri.sm/posts/librem5-solving-the-first-fsf-ryf-hurd...

Similarly, they seem to have choosen the Wifi and Bluetooth chips as well because they have no downloadable firmware, and the isolation for the baseband probably ensures the same there: https://puri.sm/posts/librem5-2018-09-hardware-report/

If those would have meaningful updates is a good question, and clearly it only applies to some of the firmware, but I suspect that's what the exagerated original claim is based on.

link
RandomBacon 2493 days ago
Okay, thank you.

Is there any way to mitigate this if one wants to keep Wifi and Bluetooth?

I guess if one really wanted to be pure then, they could just keep the second (of three, see below) hardware switches off, and even possibly de-solder a connection, to ensure they aren't accidently flipped on.

Hardware Switches:

- cameras and microphone

- WiFi and Bluetooth

- cellular baseband

(When all three switches are off, power is also killed to sensors a la "Lockdown Mode")

link
jmkb 2493 days ago
> When all three switches are off, power is also killed to sensors a la "Lockdown Mode"

Personally, with all these switches off, I'd still want GPS for offline navigation.

link
RandomBacon 2492 days ago
Maybe there are two contacts you could bridge. Are you good with a soldering iron?
link
batoure 2492 days ago
this article is probably worth reading.

https://puri.sm/posts/librem5-solving-the-first-fsf-ryf-hurd...

Purism can't guarantee someone won't try to flash that firmware. so the best solution they came up with was to create a parallel chip to store the firmware they have vetted to be safe and to overwrite the modem or wifi firmware with their version of the binaries anytime a change to the other firmware is pushed through

link
kd3 2493 days ago
People: So how much security and privacy will we have on the Librem 5?

Purism: Yes.

link