[bayindirh]

I was involved in the discussion, and I'm also torn on that issue, but at least you can disable installation of non-free firmware and install Debian without any non-free software.

On the other hand, firmware is a convoluted issue. It was always present, but became increasingly visible over the years. While I'm a strong Free Software supporter, firmware is one of the hardest parts to convert, because of the IP it entails and trade secrets it embodies.

[jacquesm]

That and the simple fact that without it the hardware you've invested in won't work. So this is very much an individual choice, if you don't have such hardware you are fine but shouldn't be voting on whether or not someone who does have hardware that won't work without proprietary blobs has to go out to buy new gear. There are all kinds of considerations that go in to this decision (for instance: environmental impact) and I'm all for compromise when it helps out others.

At the same time, you have a good point, these decisions are difficult and need to be very carefully weighted. Debian and RedHat are the two distributions that everybody else always ends up following so a major departure from established policy there has potentially huge impact downstream.

[enriquto]

> the simple fact that without it the hardware you've invested in won't work

How is that different from the "if you want to run linux don't buy a winmodem" that we said convincingly twenty years ago ? Would you have approved that linux 2.0 added binary blobs to the kernel in order to correctly work with the hardware that you had invested in (some random winmodem) ?

[jacquesm]

Winmodems had plenty of alternatives, for PCs the choice is usually limited to 'what you were given' or 'what you recycled from a dumpster'. Linux is typically not the first OS to be installed on any given piece of hardware (even if brand new plenty of people pay either the MS or the Apple tax). And because those are exactly the people that benefit from having a working PC I'm all for maximizing their chances. Choice is a luxury.

[Karellen]

> Linux is typically not the first OS to be installed on any given piece of hardware. And because those are exactly the people that benefit from having a working PC I'm all for maximizing their chances. Choice is a luxury.

But they don't have to choose Debian.

If Debian had maintained a strict "Free" stance, people could still use their troublesome hardware out-of-the-box simply by picking another distro that did include non-Free firmware in the installer. There are plenty of them. Like, 99% of all other distros.

Not all distros have to be everything to everyone. It's OK to have a niche.

[realitythreek]

> If Debian had maintained a strict "Free" stance, people could still use their troublesome hardware out-of-the-box simply by picking another distro that did include non-Free firmware in the installer.

This isn’t Debian’s niche though. Like many distros, Debian came with the free repos configured by default, but its had non-free packages available forever and they already had a non-free installation iso hidden away. The line had been crossed forever ago. Now it’s just a friendlier experience.

This is a good thing.

[Karellen]

> This isn’t Debian’s niche though.

Point 1 of the Social Contract[0] is literally "Debian will remain 100% Free"

Please explain how championing Software Freedom would not be Debian's niche.

[0] https://www.debian.org/social_contract

[jacquesm]

Fortunately Debian recognized that being a 'niche' would sooner or later spell the end of Debian and that would be a loss.

[bayindirh]

When you are one of the biggest “root” distributions, and the template of countless big and small time derivatives, you don’t have the luxury to have niche.

When thought with a clear and unbiased mind, Debian did the absolute best they can do.

Add firmware, be open about it, install only when necessary, allow people to opt out when they know what they are doing.

[nunesvn]

We’re on the laptop age, most people can’t pick and choose the components of their computers.

[boricj]

Usually, people first buy a computer and then hear about Linux later, not the other way around.

[5e92cb50239222b]

It's also close to impossible to choose fully Linux-compatible hardware for some of us. Whatever decent Thinkpads there are left are practically unavailable in my country, unless you're willing to buy from foreign sellers without any warranty and pay hundreds of dollars for shipping. Things like Framework are completely unavailable and probably will be for the foreseeable future. I use desktops exclusively so I can pick and choose, but I am in the minority of a minority.

[arp242]

As I understand it "firmware" is essentially just the same as an EEPROM, except that using volatile memory is cheaper and easier to upgrade. No one seems to have great issues with EEPROMs (FSF doesn't anyway), but uploading that same code to the device when it starts is a huge problem? I never understood this, and especially given the huge practical trade-offs the entire thing seems fighting windmills.

The Linux-libre people even removed the warning that the CPU is vulnerable to spectre/meltdown if you don't update the microcode. But ... your CPU already comes with that microcode out of the factory, just a different version of it. How is running an older known to be buggy microcode better?

[jasomill]

Debian distributes firmware stored in volatile RAM because it is either required to use the hardware, or, as is the case for CPU microcode updates, highly recommended for most users.

As far as I know, Debian does not distribute proprietary EEPROM firmware updates at all, as these are generally not required to use the hardware (and, depending on the device and update in question, may or may not be recommended for most users).

In other words, the difference is practical, not ideological.

[pabs3]

Debian distributes fwupd, which accesses the Linux Vendor Firmware Service, which distributes updates for proprietary firmware stored on devices:

https://fwupd.org/ https://wiki.debian.org/Firmware/Updates

[arp242]

Organisations like the FSF recommend that you don't use devices that require "non-free firmware" at all. They don't recommend anything like this for devices with "non-free EEPROMs at all". Stallman himself has stated he has no problem with such devices (I can't find a direct quote on this right now, but I'm 100% sure I've seen Stallman write or say this at time point).

My point was that the entire position just doesn't make any sense: either you reject all non-free software no matter how it's loaded (which means there are very few computers you can actually use), or you just use your hardware with "non-free firmware" that would be baked in anyway and stop worrying about the entire thing.

[blihp]

While I'm glad to see proprietary firmware both included and segregated in its own repo, I'm wondering why RISC-V wasn't added as a supported architecture in Debian 12? It seems like that supporting at least an open ISA would move closer to the possibility of what Debian wants to see happen... so why isn't it as a distro helping to make it happen?

[seba_dos1]

It's simple - because the port is not ready yet.

The plan is to have it ready for Debian 13: https://lists.debian.org/debian-devel-announce/2023/06/msg00...

[pabs3]

At the end of the day, this was because the hardware ecosystem (and the hardware support in Linux/bootloaders/etc) isn't really "ready" yet, and also there was slow and unclear communications between the porting team, the core Debian teams and one of the hosting providers. Eventually the teams provisionally approved the port, but after that the needed actions weren't done in time for the archive-wide rebuild that happens during the process of an unofficial port becoming official. I'm not on the porting team, but am on the Debian sysadmin team, and tried to speed up the process and make it more transparent. Debian contributors are mostly volunteers, so things take time.

[blihp]

Sorry for the lag in my reply (I just noticed your response)... I very much appreciate the info as I found the lack of official RISC-V support in 12 surprising. I hadn't read about the blockers to being ready for the release which makes perfect sense. Looking forward to seeing in in 13!

[teddyh]

https://wiki.debian.org/RISC-V

[blihp]

That doesn't answer the question. It's still 'unofficial' per https://wiki.debian.org/SupportedArchitectures

If you want the maintain the status quo you support the hardware that has the most users, if you want to change it you also support the hardware you want them to use.

[bayindirh]

In Debian, there's no single entity which decides on things. There are rules, and processes.

The relevant documentation is here: https://wiki.debian.org/PortsDocs/New

Also, the rules for becoming an official port is here: https://ftp-master.debian.org/archive-criteria.html

When RISC-V satisfies the relevant criteria, they can become official.

Also, maintaining a port is tremendous amount of work. Debian users only see the tip of the iceberg. There's so much beneath that.

[teddyh]

Who is the actor in this scenario who wants to change the status quo and therefore support the RISC-V platform in Debian? I.e. who are the people with the motivation to do that?

[blihp]

The Debian project has been historically a vocal proponent for open hardware/firmware/drivers etc. and here we are in 2023 having Debian somewhat controversially acknowledging that proprietary firmware may be required at least by some users, to some degree. So I am suggesting that if they really want to get there that they might need to help facilitate the change they would like to see.

Is RISC-V the be-all, end-all? No, but it could help them get a lot closer than they're likely to get with any of the proprietary ISAs.

[teddyh]

Debian is not a general advocacy organization. Debian produces the Debian GNU/Linux distribution, and that’s mostly it. The incentive to do the work necessary to add a new architecture to Debian must, in general, come from outside Debian itself. Debian will probably not, as a project, go around looking for new architectures to add. Debian depends on other people doing the work and presenting it to Debian, which will then distribute it if it is good enough. Debian will only have the motivation to work on including a new architecture if it is an obvious lacking feature of Debian – say, if every other Linux distributions supported an architecture, and it was widely used, but Debian did not support it, then the Debian project would have an incentive to work on it. But not before.

This is just like Debian generally does not write new useful software to put into Debian, and instead depend on outside, “upstream” authors to write software. Some other organizations, like FSF and its GNU project, will have advocacy roles, and do have the incentives to write new software and to help porting to new architectures. It is there that the motivations for this work must be found. Of course, individual people can be involved in more than one organization, and many Debian people happen to be enthusiastic advocates, and will in fact often do this work. But the reason for them doing this work is not, mostly, rooted in them being a part of Debian.

Therefore, and this is my point, if you want this work to be done, you can’t exhort Debian to do it. It will not work. Ask instead why someone else, whom you think should be motivated to do the work, does not do it.

[pabs3]

Even the open firmware that does exist has some major issues (like needing a proprietary compiler) or the hardware that it can run on it checks for Intel signatures, or only exists on archive.org, or is packaged in Debian but not properly built from source code, or exists but is only useful for obscure/ancient hardware that only people who want libre firmware buys, requires a forked compiler/toolchain to build, etc. Basically, open firmware is a hard problem and there aren't a lot of people with the skills and interest in doing it. I'm trying to at least document what exists on the wiki, anyone know of more projects?

https://wiki.debian.org/Firmware/Open

[pjmlp]

RISC-V doesn't close the door on proprietary extensions.

[mikae1]

> you can disable installation of non-free firmware and install Debian without any non-free software.

Including but making it optional was an excellent decision. Those who need will get what they want, those who don't will have the same result as with Bullseye.