Hacker News new | ask | show | jobs
by progval 1108 days ago
For devices which have firmware, does it matter whether the firmware is loaded by the OS rather than hardcoded inside the device? The former at least gives an opportunity to fix bugs.

And if I'm not mistaken, this isn't about kernel blobs (which run on the CPU as kernel code), only code that gets loaded on devices (including CPU microcode).
2 comments
roenxi 1108 days ago
There is a little ritual we do here from time to time where someone writes a comment that starts something like "Well, I didn't expect Stallman would be right about [issue now being reported on] but he predicted this years ago".

If it can go wrong it will, and if software isn't free then its owners will do things that the users really do not like. In this case, if they can fix bugs they can reduce functionality post-hoc. That is consequential. It is better to have freedom or certainty as to what a device does.

link
dezgeg 1108 days ago
How can you ever really be sure that there is no way to change the code running on the hardware, either unintentionally via some exploit, or intentionally via a deliberate backdoor or a debugging interface enabled in production?

As a practical example, I have never heard anyone considering the freedomness of firmware in eMMC flash memory chips. But the talk "eMMC hacking, or: how I fixed long-dead Galaxy S3 phones" from CCC reveals that actually, Samsung eMMC chips have an undocumented debug interface to read/write the RAM of the firmware running on the ARM core inside the eMMC chip.

link
zajio1am 1108 days ago
There is a difference from legal point. If the firmware is hardcoded in device, you do not need to accept any license contract with IP holder. You do not need to copy it, and your right to run it is implied from ownership of the device. If the firmware is independent part bundled with OS, then anyone who wants to run it or even just distribute the OS must accept the license.
link
iudqnolq 1108 days ago
Are you guessing what sounds logical to you or do you actually know the answer here?

The legal system sometimes has definitions of copying that aren't that straightforward. I've seen in a copyright context judges talk about a computer loading software into RAM being copying.

Intel microcode comes with a license: https://bugs.gentoo.org/664134

link
zajio1am 1108 days ago
> Are you guessing what sounds logical to you or do you actually know the answer here?

IANAL, but this is a general concept of exhaustion of IP rights when the IP is sold as a part of physical medium, see (28) and article 4 of EU copyright directive 2001/29.

> The legal system sometimes has definitions of copying that aren't that straightforward. I've seen in a copyright context judges talk about a computer loading software into RAM being copying

This is handled in (33) of the directive:

"The exclusive right of reproduction should be subject to an exception to allow certain acts of temporary reproduction, which are transient or incidental reproductions, forming an integral and essential part of a technological process and carried out for the sole purpose of enabling either efficient transmission in a network between third parties by an intermediary, or a lawful use of a work or other subject-matter to be made."

link
ThePowerOfFuet 1108 days ago
The term you're looking for regarding the numbers you have in parentheses is _recital_.
link