From f5e21d0c445585aaa282b2a4f8019c452118cacf Mon Sep 17 00:00:00 2001 From: Xe Iaso Date: Thu, 10 Feb 2022 04:37:18 +0000 Subject: [PATCH] GNU Doesn't Care ABout Your Agency Signed-off-by: Xe Iaso --- blog/gnu-your-parent-2022-02-10.markdown | 159 +++++++++++++++++++++++ 1 file changed, 159 insertions(+) create mode 100644 blog/gnu-your-parent-2022-02-10.markdown diff --git a/blog/gnu-your-parent-2022-02-10.markdown b/blog/gnu-your-parent-2022-02-10.markdown new file mode 100644 index 0000000..06dbb9d --- /dev/null +++ b/blog/gnu-your-parent-2022-02-10.markdown @@ -0,0 +1,159 @@ +--- +title: "GNU Doesn't Care About Your Agency" +date: 2022-02-10 +tags: + - gnu + - libre + - rant +--- + +Or: Ubuntu gives the user more agency about how they want to use their computer +than fully libre GNU/Linux distros ever can. + +There are many different kinds of Linux distributions, but today we're going to +think about a certain kind of distribution: ones where the distribution is +totally comprised of free software as much as possible. + +These distributions aim to let users benefit by making it possible to study, +hack at and modify every byte of software on the machine's hard drive. This is a +fairly noble goal, however in the process of doing this they break core parts of +hardware compatibility by "de-blobbing" the kernel. Most of these distributions +have a very paternalistic implementation where the "de-blobbed" linux-libre +kernel is the _only_ option, thus limiting users' agency. + +For example, let's think about the CPU that I'm using right now. The CPU I'm +using is designed to be able to load CPU microcode updates that are distributed +by the manufacturer in order to mitigate bugs in the microcode that released +with the CPU that can cause real-world impact on what I do. Due to Facts and +Circumstances that are immutable for the sake of argument, this microcode is not +open source and cannot be compiled from source code. The linux-libre kernel +removes the ability to load such firmware updates at runtime. + +This means that if something like the FDIV bug or Spectre shows up again but it +can be patched trivially with a microcode update, by nature of using the +linux-libre kernel I am doomed until the base microcode gets updated from the +motherboard manufacturer. If they release a closed-source update that you cannot +inspect or modify. + +This paternalistic view of "you shouldn't be able to load microcode updates +because they aren't open source" means that my CPU will be vulnerable to +potentially critical security flaws and I have no way to work around it. This +ends up creating a _limitation_ in how I use my computer. This is worse than the +limitations of proprietary hardware because there is the illusion of free choice +that the community will spout off about as the next coming of sliced bread. That +still doesn't change the fact that my wifi card won't work without the normal +kernel and firmware blobs. + +Combine this with other things like wifi card firmware (some wifi cards don't +have the firmware stored on the device, they require the OS to send it firmware +at runtime to make it work at all), and you have actually limited the agency and +capability of users far, far more than if you just let them load the firmware in +the first place. + +[Yes, Yes the companies made the hardware this way in the first place and are +responsible for the problem, but telling users they are wrong for wanting it to +work because of an implementation detail about how the hardware updates itself +feels a lot like victim blaming. I am aware of the Talos II being a magical +puppy and rainbow situation where all of this isn't an issue, but sadly the +world just didn't turn out that way and we have to deal with the results of +it.](conversation://Cadey/coffee) + +Consider a situation like wanting to play an online game together with friends, +but through Facts and Circumstances you have an Nvidia GPU and the game is on +Steam with no open source option. If you are using a fully open source operating +system with no capacity to install Steam or the Nvidia drivers, you are screwed +and thus your freedom to use your computer how you want is severely limited. + +This also extends to how those Linux distributions handle things like AWS. AWS +is largely the poster child of a proprietary cloud hosting platform that you are +made to work with as part of your job. Consider if something like Parabola +GNU/Linux created AWS images and gave users a best-in-class user experience for +using them. This would make the net cost of using a highly auditable environment +a lot lower than the current "don't use AWS lol" (which is again really close to +victim blaming), and would also create institutional knowledge that would let +other people benefit from this as a second or third order effect. + +Parabola making AWS images means they can create more generic images, which +means that other people can use those images to do whatever they want with their +own hardware. This lets you have a net benefit to everyone in the project by +decreasing the friction of using it, so it will in turn make users more likely +to adopt it. + +Remember the law of halves. Every additional step in adoption costs you half +your audience. Spinning up an AWS instance to mess around with it is a very +low-friction operation. + +[But you can just not be a scrub and compile your own traitor kernel that lets +you load freedom-violating binary blobs!](conversation://Numa/delet) + +[Then you have to hope your CPU is good enough to build a kernel, hope you can +pay attention to the kernel security mailing list enough to upgrade it when you +need to and finally hope you can upgrade the firmware blobset that the kernel +publishes separately! Hope is not a scalable strategy.](conversation://Cadey/angy) + +If their goal is _really_ to liberate users and make it easy for them to have +control over what their computer is doing, they should make it trivial to escape +hatch into a less "pure" setup without having to install third party +repositories that you just have to know about or sidestepping the upstream +update process to install your own system software. This is more victim blaming. + +The GNU project could be more than a circlejerk around things that the toe +cheese god said in the 80's and 90's. They could have been a source of reverse +engineering tools, institutions and overall inspire the kind of culture that +would make it _easy_ to understand arbitrary hardware, platforms and software +that you either come across or are made to use as a part of your job. + +But they aren't. Instead, Guix, one of their if not their main flagship project +for making a fully GNU system, is addled by the use of the linux-libre kernel. +This makes the kernel fundamentally _incompatible_ with a shocking number of +computers, thus limiting users' freedom to use Guix at all. + +[But wait, isn't there that one nonguix project that allows you to install a +normal kernel and Steam?](conversation://Mara/hmm) + +[Yeah, but talk about that in the main #guix channel and you risk getting +banned. GG. You just have to know that it exists and you can't learn that it +exists without knowing someone that tells you that it exists under the table. +This means that knowledge of the nonguix project (which may contain tools that +make it possible to use Guix at all) is hidden from users that may need it +because it allows users to install proprietary software. This limits user +freedom from being able to use their computer how they want by making it a +potentially untrustable underground software den instead of something that can +be properly handled upstream without having to place trust in too many +places.](conversation://Cadey/angy) + +[That hardware is defective by design and you shouldn't use +it.](conversation://Numa/delet) + +[Wow, thanks, I'm cured. My wifi card magically stopped existing and now +everything is happy unicorns farting put rainbows that spawn free puppies and +everything is saved forever.

Again, that doesn't help me with the +situation that my wifi card doesn't work and I as a user want it to even though +making it work will require proprietary firmware. This shit is how you get +things like the "GPL condom" in the Purism Librem phone, where all the +proprietary firmware is rigged to be loaded automagically in hardware instead of +sofware. This limits your ability to tinker with or modify the firmware _even if +there are legitimate reasons such as critical updates_. So by making the +hardware work with fully free software you have limited the ability to actually +improve the state of the world even with the proprietary firmware the +manufacturer gives you.](conversation://Cadey/angy) + + +[That hardware is defective by design and you shouldn't use +it.](conversation://Numa/delet) + +[Wow, thanks, I'm cured. My wifi card magically stopped existing and now +everything is happy unicorns farting put rainbows that spawn free puppies and +everything is saved forever.

Again, that doesn't help me with the +situation that my wifi card doesn't work and I as a user want it to even though +making it work will require proprietary firmware. This shit is how you get +things like the "GPL condom" in the Purism Librem phone, where all the +proprietary firmware is rigged to be loaded automagically in hardware instead of +sofware. This limits your ability to tinker with or modify the firmware _even if +there are legitimate reasons such as critical updates_. So by making the +hardware work with fully free software you have limited the ability to actually +improve the state of the world even with the proprietary firmware the +manufacturer gives you.](conversation://Cadey/angy) + +Ubuntu gives the user more agency about how they want to use their computer than +fully libre GNU/Linux distros ever can.