Andrey Rakhmatullin <wrar@debian.org> writes: > On Wed, Nov 26, 2025 at 05:53:10PM +0000, Jeremy Stanley wrote: >> You seem to have gotten focused on the "can it boot without >> supplying firmware blobs" question, and I agree that thankfully >> there's a lot of hardware out there that's just fine booting Debian >> on its own. The bigger issue is that major processor manufacturers >> are seeing multiple significant security vulnerabilities annually in >> their microcode. Just in the time that laptop sits on the shelf in a >> warehouse before it gets shipped to you, new security >> vulnerabilities have been announced that it's susceptible to. These >> days it's almost a sort of security malpractice to be "the >> distribution that doesn't patch vulnerabilities in your firmware." > > I'm afraid, repeating the arguments won't convince people subscribing > to the FSF philosophy if it didn't convince them the previous time(s). Agreed. I think a way forward here may be to realize that neither side will convince each other here, as this isn't a simple case of right or wrong, regardless of how much either camp wants to believe they are the only ones who are right on this topic. So I am hoping this repeating of arguments will lead to that conclusion, and that we can grow some acceptance for that situation. I acknowledge the above situation is a serious problem. I also believe using non-free software is a serious problem. For me, the trade-off is to avoid non-free software and accept the risks associated with the hardware. For me, the choice is simple, because risks associated with hardware is pretty much unavoidable these days, and I place my trust in other ways to mitigate consequences of buggy/malware hardware/firmware. For others, the choice is presumably equally simple, and it is to work with non-free software. /Simon
Attachment:
signature.asc
Description: PGP signature