[pjc50]

Incidentally, this is one reason why there's not so much open source hardware out there: people get pedantic about it and apply gradually more unreasonable levels of requirement, rather than accepting partially or substantially open source solutions.

[0xEF]

I can be pedantically forgiving myself, admittedly, but this is one thing I'm staunchly behind. If I cannot read every character of every line of code, including packages/dependencies, that makes the hardware function and allows me to alter it as I see fit, then it is not truly open-sourced.

For me, the open-source movement is about keeping my software and hardware in alignment with my values and security concerns. If there is a part of that "open-sourced" software that is closed to me, I have no way to evaluate that and determine if I want to use it. Yes, this imposes some extremely strict limitations about what I end up with in my projects, but I'm okay with this since it forces me to think differently about certain problems.

I also don't mind that other people use product with closed-source portions or whatever, and in fact, find some of them quite good. I'm a wearer of an original Pebble to this day, and I'm fine with knowing some proprietary libraries are needed to make it go. I didn't build it, I'm not hacking on it, it's just serving my meager smartwatch needs in this instance.

What I do mind is misappropriation of what I consider a clearly defined term. I am not sure why we haven't come up with another term to mean "partially open-sourced" yet (or have we, and I am just not aware of it?) but I think it's time we did so more discerning users can delineate between the two when making a decision about products to purchase or build.

[pimterry]

From the article:

> These non-free software components are not required - you can compile and run Pebble watch software without them. This will always be the case.

This seems like a reasonable balance. They're shipping default distributions with these blobs included, but you can remove them and run the literally completely purely open source version directly instead if you prefer (although it sounds like you'd notably lose heart rate tracking, along with speech recognition & similar).

[123pie123]

The reason why people get "pedantic" about this stuff, is due the ability in the future to get screwed over when the priority blob owner start to charge money or other pull other license crap

[aallaall]

Enshittification. Open source is a valuable guarantee against that.

[npteljes]

1. It's the other way around: because people don't care that much, that's why there is almost exclusively proprietary hardware around.

2. The people who require the "higher grades" of being open source are simply not a large enough market

3. Being open source is not a natural advantage of a product, in fact, it's more of a risk, liability, responsibility, and effort than being proprietary.

Hence, proprietary is the default.

[user3939382]

Read Reflections on Trusting Trust to understand why having little bits of binary blobs sprinkled all over your compute arch is actually a major problem. Just because it’s a hard problem doesn’t mean we’re gonna pretend it’s fine.

[0xEF]

PDF link for those that are curious: https://www.cs.cmu.edu/~rdriley/487/papers/Thompson_1984_Ref...

The general sentiment is that you cannot trust code you did not write yourself and that we need to be able to trust the person who did, but you can form your own conclusions about how that fits into the modern tech landscape.

[kchr]

One of the points made in that paper is that you can't even trust the compiler, even if you write the code yourself. I think this is one of the stronger points as it shows you it is unfeasible to require everybody to audit all source code before running it. Be pragmatic, know your threat model, decide who you trust and move on with more important things in your life.

Full disclosure: am free software advocate.

[user3939382]

There’s a way to fix Ken’s problem with zero trust. I’ll release it soon.

[saagarjha]

Reflections on Trusting Trust has never been a real problem, though.

[carlosjobim]

FOSS enthusiasts are the worst customers imaginable. Not only are they pedantic to the absurd levels you mention, they are also political extremists and will start a witch hunt unless you and your entire company does exactly as they say in every matter imaginable.

And worst of all: They are incredibly cheap and don't want to spend any of their money on high quality products or services. Scream at every dollar they have to spend. "I'm better off with this hand-me-down computer that my sister gave me when her office job upgraded machines".

Trying to please FOSS people is like opening a five star budget restaurant for people with complicated allergies. You're going to deal with the worst of humanity and go broke in the process.