Re: Firmware - what are we going to do about it?



Russ Allbery wrote:
>Jonas Smedegaard <jonas@jones.dk> writes:
>
>In other words, rather than having to do what one does now and choose
>between the free installer and the non-free installer, my understanding of
>option #5 is that there would be one install image, but there could then
>be a prompt asking you whether you want to install non-free firmware.  We
>could even offer a few different options (with the caveat that options
>tend to confuse users, so we may not want to add too many or gate them
>behind an advanced mode):
>
>1. Purely free installation.
>2. Enable non-free firmware in the installer but don't put it on the
>   installed system.  (Not sure how useful this is, but I could see
>   needing non-free firmware to bootstrap from wifi but the running system
>   may eventually not use the non-free firmware.)
>3. Enable non-free firmware and install it on the system but pin it so
>   that it's never upgraded by default.
>4. Enable non-free firmware and enable normal upgrades, similar to adding
>   the non-free archive area today but only adding the firmware archive
>   area.
>
>I think 1 and 4 are the most useful options, and I'm not sure how many
>people really want 2 or 3, but if there are enough people who want them, I
>don't see any technical barriers to adding them.

Nod, exactly. We can add those options via boot flags and menu
options, with later d-i screens too to allow the choice (maybe in
advanced mode). That's probably the easiest way to manage it.

Now, the *default* is going to be the hard choice for us to make. With
the example of blind people using d-i, we'll want to make an easy
option for those people to boot the installer with all firmware
enabled and installed - see the firmware-sof-signed package that
they'll need to get audio prompts during installation.

>I feel professionally obligated to argue that Debian should, *by default*,
>upgrade anything that it installs, since from a security standpoint that
>is the least risky default configuration (with, as always, the caveat that
>there are special cases with different security models for which this
>default isn't appropriate).  But that doesn't rule out a prompt or
>allowing a user to turn this off if they want to.

Yup.

>> I agree that we should make it easier for our users to choose to trust 
>> black magic "stuff" that they need to enable their devices.
>
>> I do not think that we should impose on our users to trust black magic
>> by default, though.
>
>I think this is a somewhat different question than whether we put the
>firmware on the default installation media so that it's *available* if
>users want it.

Nod.

-- 
Steve McIntyre, Cambridge, UK.                                steve@einval.com
"We're the technical experts.  We were hired so that management could
 ignore our recommendations and tell us how to do our jobs."  -- Mike Andrews
