XPost: linux.debian.project

[email protected] writes:

I urge Debian to rethink its decision to officially include non-free
firmware and correct the social contract. Instead of making non-free
firmware the default, Debian should ensure that users consciously
choose to install it while being made aware of the implications.

I agree and would personally come back to use Debian on some of my
laptops if there was a supported way to install Debian from official
installer images that did not promote non-free software by including
firmware on them.

The recent AMD Microcode vulnerability is a good case-study on the
dangers of permitting non-free code to run on your CPU:

https://bughunters.google.com/blog/5424842357473280/zen-and-the-art-of-microcode-hacking

There is no way for me as a user to audit that the Debian installer
images is not including vulnerable microcode, since source code for the firmware is not available.

My perception is that the Debian developer community rejected this, and
I'm not sure people are ready to reconsider just yet (the trend seems to
be the opposite way). Fortunately there are good libre alternatives in Trisquel and Guix available for recommendation meanwhile.

/Simon

-----BEGIN PGP SIGNATURE-----

iQNoBAEWCAMQFiEEo8ychwudMQq61M8vUXIrCP5HRaIFAmfLPBEUHHNpbW9uQGpv c2Vmc3Nvbi5vcmfCHCYAmDMEXJLOtBYJKwYBBAHaRw8BAQdACIcrZIvhrxDBkK9f V+QlTmXxo2naObDuGtw58YaxlOu0JVNpbW9uIEpvc2Vmc3NvbiA8c2ltb25Aam9z ZWZzc29uLm9yZz6IlgQTFggAPgIbAwULCQgHAgYVCAkKCwIEFgIDAQIeAQIXgBYh BLHSvRN1vst4TPT4xNc89jjFPAa+BQJl/YgIBQkLehFUAAoJENc89jjFPAa+CboA +wUa06RD5e5VTCxvSWtPS75Wq2qBeYGZnf0jvUMxa2n4AP4xkUeAPPnNuMsTm2fs FCDIGaEM2Yn6Vb2huzzT1Fw/BLgzBFySz4EWCSsGAQQB2kcPAQEHQOxTCIOaeXAx I2hIX4HK9bQTpNVei708oNr1Klm8qCGKiPUEGBYIACYCGwIWIQSx0r0Tdb7LeEz0 +MTXPPY4xTwGvgUCZf2IKwUJC3oQqgCBdiAEGRYIAB0WIQSjzJyHC50xCrrUzy9R cisI/kdFogUCXJLPgQAKCRBRcisI/kdFoqdMAQCgH45aseZgIrwKOvUOA9QfsmeE 8GZHYNuFHmM9FEQS6AD6A4x5aYvoY6lo98pgtw2HPDhmcCXFItjXCrV4A0GmJA4J ENc89jjFPAa+GcYA/26YQY05bLtnXiIjTiAzrGQrRXxTHPA8Av7TDFHvIetWAP9s HSoU8OfTwmTiEnGwLlsV7QJclZg3YNz/Ypcp9TqQBrg4BFySz2oSCisGAQQBl1UB BQEBB0AxlRumDW6nZY7A+VCfek9VpEx6PJmdJyYPt3lNHMd6HAMBCAeIfgQYFggA JgIbDBYhBLHSvRN1vst4TPT4xNc89jjFPAa+BQJl/YgwBQkLehDGAAoJENc89jjF PAa+phoA/jrDqIrl/55vUMBhIQv+TP635d2iCTEnyFmbUcP9+gh6APoDsXalVd2c OGxQtSC+TF8PkZMn1TLkJKAjVxr+xx40AgAKCRBRcisI/kdFoiPWAQD4UdLIa71a aa+kPUzv+D6htMN2SokJAJKDQf9Gc90wTAEA4C/36xBNJl25dCaen5CMObTQBnTH eJQ16dwSUSsSFQA=
=/FOq
-----END PGP SIGNATURE-----

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

XPost: linux.debian.project

Bill Allombert <[email protected]> writes:

Le Fri, Mar 07, 2025 at 07:33:53PM +0100, Simon Josefsson a �crit :

[email protected] writes:

I urge Debian to rethink its decision to officially include non-free
firmware and correct the social contract. Instead of making non-free
firmware the default, Debian should ensure that users consciously
choose to install it while being made aware of the implications.

I agree and would personally come back to use Debian on some of my
laptops if there was a supported way to install Debian from official
installer images that did not promote non-free software by including
firmware on them.

The recent AMD Microcode vulnerability is a good case-study on the
dangers of permitting non-free code to run on your CPU:

https://bughunters.google.com/blog/5424842357473280/zen-and-the-art-of-microcode-hacking

Do not fall for the marketing. What was broken was the DRM which
forbid you to fix the firmware on your own CPU. This is no more a vulnerability than letting you boot your own OS.

My point was that there is no reasonable way to gain confidence about
security properties of any piece of non-free microcode. Everyone can
now produce AMD microcode that corrupts your machine in advanced ways
that evade detection, but we don't know if such malicious corruption is included in the official microcode. Having source code for the
microcode would help gain confidence in it, and is the reasonable
request. If the request is denied, I would consider the vendor not
trustworthy and look into options.

This is a similar vulnerability as installing a non-free operating
system like Windows. You essentially have to trust the vendor to
provide you with software, which you have no good way of auditing and ultimately end up in their control. It wouldn't be a big problem if
software were free of vulnerabilities and never needed updates, but just
like Windows has had bugs, microcode have bugs.

https://www.gnu.org/philosophy/free-software-even-more-important.html

/Simon

--=-=-Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----

iQNoBAEWCAMQFiEEo8ychwudMQq61M8vUXIrCP5HRaIFAmfMO24UHHNpbW9uQGpv c2Vmc3Nvbi5vcmfCHCYAmDMEXJLOtBYJKwYBBAHaRw8BAQdACIcrZIvhrxDBkK9f V+QlTmXxo2naObDuGtw58YaxlOu0JVNpbW9uIEpvc2Vmc3NvbiA8c2ltb25Aam9z ZWZzc29uLm9yZz6IlgQTFggAPgIbAwULCQgHAgYVCAkKCwIEFgIDAQIeAQIXgBYh BLHSvRN1vst4TPT4xNc89jjFPAa+BQJl/YgIBQkLehFUAAoJENc89jjFPAa+CboA +wUa06RD5e5VTCxvSWtPS75Wq2qBeYGZnf0jvUMxa2n4AP4xkUeAPPnNuMsTm2fs FCDIGaEM2Yn6Vb2huzzT1Fw/BLgzBFySz4EWCSsGAQQB2kcPAQEHQOxTCIOaeXAx I2hIX4HK9bQTpNVei708oNr1Klm8qCGKiPUEGBYIACYCGwIWIQSx0r0Tdb7LeEz0 +MTXPPY4xTwGvgUCZf2IKwUJC3oQqgCBdiAEGRYIAB0WIQSjzJyHC50xCrrUzy9R cisI/kdFogUCXJLPgQAKCRBRcisI/kdFoqdMAQCgH45aseZgIrwKOvUOA9QfsmeE 8GZHYNuFHmM9FEQS6AD6A4x5aYvoY6lo98pgtw2HPDhmcCXFItjXCrV4A0GmJA4J ENc89jjFPAa+GcYA/26YQY05bLtnXiIjTiAzrGQrRXxTHPA8Av7TDFHvIetWAP9s HSoU8OfTwmTiEnGwLlsV7QJclZg3YNz/Ypcp9TqQBrg4BFySz2oSCisGAQQBl1UB BQEBB0AxlRumDW6nZY7A+VCfek9VpEx6PJmdJyYPt3lNHMd6HAMBCAeIfgQYFggA JgIbDBYhBLHSvRN1vst4TPT4xNc89jjFPAa+BQJl/YgwBQkLehDGAAoJENc89jjF PAa+phoA/jrDqIrl/55vUMBhIQv+TP635d2iCTEnyFmbUcP9+gh6APoDsXalVd2c OGxQtSC+TF8PkZMn1TLkJKAjVxr+xx40AgAKCRBRcisI/kdFonwVAP0Zf4nPCFSN 4fkSt/sPnLrqBPtjthzGAcz5Eye1o0umYAD/X79kQ70LqnG+N2Dl+xkNpAUWOsXs FI3+N0jL/YMsPgY=BS98
-----END PGP SIGNATURE-----

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

XPost: linux.debian.project

Le 8 mars 2025 13:43:26 GMT+01:00, Simon Josefsson <[email protected]> a écrit :

Having source code for the
microcode would help gain confidence in it, and is the reasonable
request. If the request is denied, I would consider the vendor not >trustworthy and look into options.

How about you try asking the vendors for that instead of speculating ?

Unless you come back with very unexpected good news you definitely need to look for alternatives.

As for Debian as a project we've voted on the topic not so long ago and decided we want to ship available firmware with the default installer. I don't see which new bits of information would make us vote differently now.


Happy hacking,
--
Aurélien

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

XPost: linux.debian.project

Hi,

Quoting Simon Josefsson (2025-03-08 13:43:26)

My point was that there is no reasonable way to gain confidence about security properties of any piece of non-free microcode. Everyone can now produce AMD microcode that corrupts your machine in advanced ways that evade detection, but we don't know if such malicious corruption is included in the official microcode. Having source code for the microcode would help gain confidence in it, and is the reasonable request. If the request is denied, I would consider the vendor not trustworthy and look into options.

I do not understand something about this argument.

If you don't trust the vendor, then it makes no difference whether or not new official firmware/microcode can be uploaded/flashed or not. If you don't trust the vendor, then the initial microcode that came with your device might already be doing things that go against your interests.

Of course we cannot have much confidence in a piece of microcode of which we do not have the source code. But we also cannot have much confidence in a piece of hardware with non-flashable firmware of which we don't have the vhdl/verilog sources. So what is the difference?

If I don't trust vendor X, then I cannot buy hardware from them independent of whether or not the vendor allows me to flash proprietary binary blobs from them. If I do trust vendor X, then why would I not trust their proprietary binary blobs?

I do not think you will find many on this list who will disagree with the sentiment that it would be great if we had sources, schematics etc for many more things. On the other hand, I don't think you can currently buy a device that is capable to run, for example, a modern web browser and is fully open. This is why I voted in the last GR as I did. I'm typing this on an MNT Reform which is probably among the most open computers you can buy today but the chips in it are *not* open silicon. Yes, it would be great if they were and it would be great if the firmware blobs I need would not be proprietary. But I already chose to trust the manufacturers of the chips in my laptop or otherwise I would not be typing these lines. Why would I trust the silicone from vendor X and distrust the firmware/microcode from vendor X? Having non-free-firmware enabled by default in the Debian installer just continues pursuing a trust relationship you already decided on entering when you bought the hardware, no?

Thanks!

cheers, josch
--==============!80789827527662687=MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Description: signature
Content-Type: application/pgp-signature; name="signature.asc"; charset="us-ascii"

-----BEGIN PGP SIGNATURE-----

iQIzBAABCgAdFiEElFhU6KL81LF4wVq58sulx4+9g+EFAmfMS10ACgkQ8sulx4+9 g+GowQ//VqllrUsml4ebAKdWCwrW/tuo5lAY4SdfPuQnsev4oyoGU6xOcWOlQA49 jEzDbFhmQ/T5f+FR6/vX5idtl/syQCoSs+lmRKZrpHxyFpAK9TkH79RTN4/YkIs3 cqBN+hrHlUB6kIXAmVoK07MwfXvRVhMlh4jMng2PC8+rHq7KYTL2aSIlDELv+Kbi mjBIG6QiEtMHS+oGB3f+bYXeSMobLCkM/OxyMPS/08CDAfd8LjiYQev0q4LlZ+9o 09gz1LoR+i+lrhaRus74kv01KdvY8rG2uuEMxlt9zW16n0cGraXJ8Ld562IeEm31 BMeNqLz2rBnFSK5qtBIDYMbGwGmARwVl5GNFa/pIUyd/TL6qe4cuXPKSHzRr73n4 uSQwAaefqpjrOTY4kNbwNB5RGMocUC9aanwfa3di3SrPB5DLIBvgrusuBhMbaFEA AmwOKv2I4RhZDswKk8F7flvAy9v1FwSAUmmoeAwum+T9A+5tIyU+nHebH3PwqIiU lAfEuhgcyxn0VVNZMujex7rOUCjCUyvfnjx1+fIpYhQmnKOSvr0rcFwOhAuME3lh pmsOLvpVFCSobZzfb7gd2lzWSsaPXhlnyCovxb45GJrDcTmxRJ5spZXkiEcJgWlE 8RpEPGWYvW3ENoOpH4T89a0vfIhVf6LCoEjrt0M78TfxWpmDAh8=
=X/J3
-----END PGP SIGNATURE-----

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

XPost: linux.debian.project

Johannes Schauer Marin Rodrigues <[email protected]> writes:

Hi,

Quoting Simon Josefsson (2025-03-08 13:43:26)

My point was that there is no reasonable way to gain confidence about
security properties of any piece of non-free microcode. Everyone can now
produce AMD microcode that corrupts your machine in advanced ways that evade >> detection, but we don't know if such malicious corruption is included in the >> official microcode. Having source code for the microcode would help gain
confidence in it, and is the reasonable request. If the request is denied, I
would consider the vendor not trustworthy and look into options.

I do not understand something about this argument.

If you don't trust the vendor, then it makes no difference whether or not new official firmware/microcode can be uploaded/flashed or not. If you don't trust
the vendor, then the initial microcode that came with your device might already
be doing things that go against your interests.

Of course we cannot have much confidence in a piece of microcode of which we do
not have the source code. But we also cannot have much confidence in a piece of
hardware with non-flashable firmware of which we don't have the vhdl/verilog sources. So what is the difference?

These are good questions and I believe that if you can see that there is
a difference between the two positions, it is easier to appreciate the
need for fully free operating systems, and that not offering fully free
Debian installer images (even as an option) is problematic.

Many years ago I also reacted the same way you and many others do --
"there is no difference between the act of loading non-free firmware
into my hardware and then using it compared to the act of using my
hardware that contains non-free software in it".

However I have come to realize that, yes, there is a significant and fundamental difference between these two cases.

I'm not good at explaining this difference, and I believe the reason so
many still believe there is no differeence between these positions
suggests that we need better ways to articulate the difference. I'm
sure most people here are familiar with RMS' argument on this:

https://www.gnu.org/distros/free-system-distribution-guidelines.html

The way that I came to understand and appreciate the difference between
the act of loading non-free firmware into hardware, and the act of using non-free firmware in hardware, is to first acknowledge that hardware is different from software. Software people often think that their ideals
on how to design things should apply equally to hardware. Hardware
people often think the reverse. I've seen these patterns collide many
times, notably when I was involved with Yubico. The escape mechanism is
to acknowledge that there has to be different ideals. You don't have to
design hardware the way you design software, and vice versa. If you are
stuck applying the same ideals for both concepts, it is harder to work
out what is right for software and what is right for hardware
separately. And harder for experts to work efficiently within their own
area.

So what are good ideals for software? There are many patterns to
subscribe to, but I believe https://www.gnu.org/philosophy/free-sw.html
and https://www.gnu.org/distros/free-system-distribution-guidelines.html
are worthy to aspire to. Non-free firmware doesn't belong here.

I'm not a hardware person, so I'm less confident what good designs for
hardware should be, and it seems there is less consensus what the
desirable properties really are. One fundamental property that I would
like is that I want to be able to examine and modify all steps that
ultimately lead to production of the hardware. I'm sure there are more properties that are desirable. It is easy to see that this is a
required but not sufficient condition: otherwise you can end up
producing a closed device ecosystem like an iPhone.

If I don't trust vendor X, then I cannot buy hardware from them independent of
whether or not the vendor allows me to flash proprietary binary blobs from them. If I do trust vendor X, then why would I not trust their proprietary binary blobs?

One difference is that you could chose to trust their hardware (CPUs)
but don't trust their software (non-free firmware).

Consumer level protection in society is generally different when I buy a hardware product compared to if I'm granted a license to use some
software. If I buy a bike or helmet it has to meet certain criteria for
it to be allowed to be sold (at least where I live) but different laws
apply if I use a piece of software under some legal terms of services.

Just because I place trust in entity X for the purpose of A doesn't mean
that I necessarily must trust entity X for the purpose of B. That is
the slippery slope that vendors want you to walk into so they can
excercise more control.

I do not think you will find many on this list who will disagree with the sentiment that it would be great if we had sources, schematics etc for many more things. On the other hand, I don't think you can currently buy a device that is capable to run, for example, a modern web browser and is fully open. This is why I voted in the last GR as I did. I'm typing this on an MNT Reform which is probably among the most open computers you can buy today but the chips
in it are *not* open silicon. Yes, it would be great if they were and it would
be great if the firmware blobs I need would not be proprietary. But I already chose to trust the manufacturers of the chips in my laptop or otherwise I would
not be typing these lines. Why would I trust the silicone from vendor X and distrust the firmware/microcode from vendor X? Having non-free-firmware enabled
by default in the Debian installer just continues pursuing a trust relationship
you already decided on entering when you bought the hardware, no?

Right, I see that if you don't appreciate the difference between these
two cases, it is reasonable and logical to regard non-free firmware as unproblematic.

/Simon

-----BEGIN PGP SIGNATURE-----

iQNoBAEWCAMQFiEEo8ychwudMQq61M8vUXIrCP5HRaIFAmfMVgsUHHNpbW9uQGpv c2Vmc3Nvbi5vcmfCHCYAmDMEXJLOtBYJKwYBBAHaRw8BAQdACIcrZIvhrxDBkK9f V+QlTmXxo2naObDuGtw58YaxlOu0JVNpbW9uIEpvc2Vmc3NvbiA8c2ltb25Aam9z ZWZzc29uLm9yZz6IlgQTFggAPgIbAwULCQgHAgYVCAkKCwIEFgIDAQIeAQIXgBYh BLHSvRN1vst4TPT4xNc89jjFPAa+BQJl/YgIBQkLehFUAAoJENc89jjFPAa+CboA +wUa06RD5e5VTCxvSWtPS75Wq2qBeYGZnf0jvUMxa2n4AP4xkUeAPPnNuMsTm2fs FCDIGaEM2Yn6Vb2huzzT1Fw/BLgzBFySz4EWCSsGAQQB2kcPAQEHQOxTCIOaeXAx I2hIX4HK9bQTpNVei708oNr1Klm8qCGKiPUEGBYIACYCGwIWIQSx0r0Tdb7LeEz0 +MTXPPY4xTwGvgUCZf2IKwUJC3oQqgCBdiAEGRYIAB0WIQSjzJyHC50xCrrUzy9R cisI/kdFogUCXJLPgQAKCRBRcisI/kdFoqdMAQCgH45aseZgIrwKOvUOA9QfsmeE 8GZHYNuFHmM9FEQS6AD6A4x5aYvoY6lo98pgtw2HPDhmcCXFItjXCrV4A0GmJA4J ENc89jjFPAa+GcYA/26YQY05bLtnXiIjTiAzrGQrRXxTHPA8Av7TDFHvIetWAP9s HSoU8OfTwmTiEnGwLlsV7QJclZg3YNz/Ypcp9TqQBrg4BFySz2oSCisGAQQBl1UB BQEBB0AxlRumDW6nZY7A+VCfek9VpEx6PJmdJyYPt3lNHMd6HAMBCAeIfgQYFggA JgIbDBYhBLHSvRN1vst4TPT4xNc89jjFPAa+BQJl/YgwBQkLehDGAAoJENc89jjF PAa+phoA/jrDqIrl/55vUMBhIQv+TP635d2iCTEnyFmbUcP9+gh6APoDsXalVd2c OGxQtSC+TF8PkZMn1TLkJKAjVxr+xx40AgAKCRBRcisI/kdForSwAQDs5xlV70t3 linIztZW9VjbifMd/bsN7u7DCOSb6qTvDAEA4jUQR+AWjo7OfdPZfN2oytsfwO/s 48MhVJ4HAq+k7gM=
=lPMH
-----END PGP SIGNATURE-----

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

Bill Allombert <[email protected]> writes:

True, but the GR does not prevent Debian of providing a second set of installer images. What is required is someone to do the work, as usual.

We already had those images before. The winning choice said:

We will publish these images as official Debian media, replacing the
current media sets that do not include non-free firmware packages.

There was another almost identical choice on the vote that instead said:

We will publish these images as official Debian media, alongside the
current media sets that do not include non-free firmware packages.

I read this outcome as fairly clear message that, no, Debian does not
want to provide a second set of installer images, and is not interested
in contributions to make them. This triggered me to reduce Debian usage
and contribute more to the Guix and Trisquel projects (the latter build
udebs from Ubuntu packages and maintain a debian-installer fork).

/Simon

-----BEGIN PGP SIGNATURE-----

iQNoBAEWCAMQFiEEo8ychwudMQq61M8vUXIrCP5HRaIFAmfMo9wUHHNpbW9uQGpv c2Vmc3Nvbi5vcmfCHCYAmDMEXJLOtBYJKwYBBAHaRw8BAQdACIcrZIvhrxDBkK9f V+QlTmXxo2naObDuGtw58YaxlOu0JVNpbW9uIEpvc2Vmc3NvbiA8c2ltb25Aam9z ZWZzc29uLm9yZz6IlgQTFggAPgIbAwULCQgHAgYVCAkKCwIEFgIDAQIeAQIXgBYh BLHSvRN1vst4TPT4xNc89jjFPAa+BQJl/YgIBQkLehFUAAoJENc89jjFPAa+CboA +wUa06RD5e5VTCxvSWtPS75Wq2qBeYGZnf0jvUMxa2n4AP4xkUeAPPnNuMsTm2fs FCDIGaEM2Yn6Vb2huzzT1Fw/BLgzBFySz4EWCSsGAQQB2kcPAQEHQOxTCIOaeXAx I2hIX4HK9bQTpNVei708oNr1Klm8qCGKiPUEGBYIACYCGwIWIQSx0r0Tdb7LeEz0 +MTXPPY4xTwGvgUCZf2IKwUJC3oQqgCBdiAEGRYIAB0WIQSjzJyHC50xCrrUzy9R cisI/kdFogUCXJLPgQAKCRBRcisI/kdFoqdMAQCgH45aseZgIrwKOvUOA9QfsmeE 8GZHYNuFHmM9FEQS6AD6A4x5aYvoY6lo98pgtw2HPDhmcCXFItjXCrV4A0GmJA4J ENc89jjFPAa+GcYA/26YQY05bLtnXiIjTiAzrGQrRXxTHPA8Av7TDFHvIetWAP9s HSoU8OfTwmTiEnGwLlsV7QJclZg3YNz/Ypcp9TqQBrg4BFySz2oSCisGAQQBl1UB BQEBB0AxlRumDW6nZY7A+VCfek9VpEx6PJmdJyYPt3lNHMd6HAMBCAeIfgQYFggA JgIbDBYhBLHSvRN1vst4TPT4xNc89jjFPAa+BQJl/YgwBQkLehDGAAoJENc89jjF PAa+phoA/jrDqIrl/55vUMBhIQv+TP635d2iCTEnyFmbUcP9+gh6APoDsXalVd2c OGxQtSC+TF8PkZMn1TLkJKAjVxr+xx40AgAKCRBRcisI/kdFoguGAP408thwaMY9 HQx6IH2s8B+spZC+2qOxVSImhoesfly1FQEArR/nIHSuy25/xiGRr7kpT9mS6jrk R5OuAla9fgc3igs=
=OSBZ
-----END PGP SIGNATURE-----

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

Le 8 mars 2025 21:09:00 GMT+01:00, Simon Josefsson <[email protected]> a écrit :

I read this outcome as fairly clear message that, no, Debian does not
want to provide a second set of installer images, and is not interested
in contributions to make them.

Your positions in this thread try to make it sound much more black and white than it needs to be, than the GR text is written and than my reading of the current consensus in Debian.

Like others have said you can start working on alternate fully free images. We've seen in the thread that there's interest in it. (I would use them. I did like the fully free images although I would knowingly install firmware on top of them.)

What the GR says is that you cannot dump that work on the shoulders of the people currently maintaining the installer, coordinating the releases…

That you're trying to impose so many preconditions before even starting the work is OTOH an indication to me that you're not really interested in doing it in the context of Debian.


--
Aurélien

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

Aurélien COUDERC <[email protected]> writes:

Le 8 mars 2025 21:09:00 GMT+01:00, Simon Josefsson <[email protected]> a écrit :

I read this outcome as fairly clear message that, no, Debian does not
want to provide a second set of installer images, and is not interested
in contributions to make them.

Your positions in this thread try to make it sound much more black and
white than it needs to be, than the GR text is written and than my
reading of the current consensus in Debian.

Like others have said you can start working on alternate fully free
images. We've seen in the thread that there's interest in it. (I would
use them. I did like the fully free images although I would knowingly
install firmware on top of them.)

What the GR says is that you cannot dump that work on the shoulders of
the people currently maintaining the installer, coordinating the
releases…

That you're trying to impose so many preconditions before even
starting the work is OTOH an indication to me that you're not really interested in doing it in the context of Debian.

I would be happy if my perception of the situation is wrong, and that
fully free official debian installer images was a welcome contribution.
Is that really the case?

My reading of the vote outcome is that Debian Project made a "statement
on an issue of the day" that there would be no more fully free images:

The Debian Project also makes the following statement on an issue of the day:
...
We will publish these images as official Debian media, replacing the
current media sets that do not include non-free firmware packages.

This won over the alternative that permit both as official media:

We will publish these images as official Debian media, alongside the
current media sets that do not include non-free firmware packages.

What is the mechanism to issue a new statement on an issue of the day?
Does it require a new vote? What I'm looking for is to confirm a shift
of sentiments towards a position like this:

We will publish images with non-free firmware as official Debian
media, and encourage contributors who are interested in fully free
installer images to offer them separately and that these are also
considered official Debian media.

Andy Cater's post is hard to parse for me. Andy, did you intend it as a sarcastic comment about something that has been beating to death too
many times already and has no chance of becoming reality? Or was it a
real invitation for discussion and accept contributions? My earlier interactions about this issue were stuck on a deal-breaker:

Andy Cater:

Please feel free to pick up the code and generate the second set of installer images, maintaining the code to exclude non-free-firmware.

If I understand what you imply here correctly, this is still a problem.
Proper fully free images cannot be generated by going through an
intermediate step that involve non-free software.

/Simon

--=-=-Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----

iQNoBAEWCAMQFiEEo8ychwudMQq61M8vUXIrCP5HRaIFAmfMwcgUHHNpbW9uQGpv c2Vmc3Nvbi5vcmfCHCYAmDMEXJLOtBYJKwYBBAHaRw8BAQdACIcrZIvhrxDBkK9f V+QlTmXxo2naObDuGtw58YaxlOu0JVNpbW9uIEpvc2Vmc3NvbiA8c2ltb25Aam9z ZWZzc29uLm9yZz6IlgQTFggAPgIbAwULCQgHAgYVCAkKCwIEFgIDAQIeAQIXgBYh BLHSvRN1vst4TPT4xNc89jjFPAa+BQJl/YgIBQkLehFUAAoJENc89jjFPAa+CboA +wUa06RD5e5VTCxvSWtPS75Wq2qBeYGZnf0jvUMxa2n4AP4xkUeAPPnNuMsTm2fs FCDIGaEM2Yn6Vb2huzzT1Fw/BLgzBFySz4EWCSsGAQQB2kcPAQEHQOxTCIOaeXAx I2hIX4HK9bQTpNVei708oNr1Klm8qCGKiPUEGBYIACYCGwIWIQSx0r0Tdb7LeEz0 +MTXPPY4xTwGvgUCZf2IKwUJC3oQqgCBdiAEGRYIAB0WIQSjzJyHC50xCrrUzy9R cisI/kdFogUCXJLPgQAKCRBRcisI/kdFoqdMAQCgH45aseZgIrwKOvUOA9QfsmeE 8GZHYNuFHmM9FEQS6AD6A4x5aYvoY6lo98pgtw2HPDhmcCXFItjXCrV4A0GmJA4J ENc89jjFPAa+GcYA/26YQY05bLtnXiIjTiAzrGQrRXxTHPA8Av7TDFHvIetWAP9s HSoU8OfTwmTiEnGwLlsV7QJclZg3YNz/Ypcp9TqQBrg4BFySz2oSCisGAQQBl1UB BQEBB0AxlRumDW6nZY7A+VCfek9VpEx6PJmdJyYPt3lNHMd6HAMBCAeIfgQYFggA JgIbDBYhBLHSvRN1vst4TPT4xNc89jjFPAa+BQJl/YgwBQkLehDGAAoJENc89jjF PAa+phoA/jrDqIrl/55vUMBhIQv+TP635d2iCTEnyFmbUcP9+gh6APoDsXalVd2c OGxQtSC+TF8PkZMn1TLkJKAjVxr+xx40AgAKCRBRcisI/kdFoq/TAQCMVoH1H0d5 366W4QwIP1tQpHQzXdWARjPRB6CP63oZOwEA3MPe/r6H+afO8Fzj3tsMSov0RY0B KzKKrO9lKR1Mzw0=U9n7
-----END PGP SIGNATURE-----

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

Matthias Urlichs <[email protected]> writes:

On 08.03.25 21:09, Simon Josefsson wrote:

I read this outcome as fairly clear message that, no, Debian does not
want to provide a second set of installer images, and is not interested
in contributions to make them.

Another way to look at this outcome, and the one I personally prefer
by a wide margin, is that it'd be very cool to have them, but at this
time their utility is … questionable, given that I personally own zero
(out of umpteen) computers that would work with such an image.

Not my NAS, not my router, not my laptop, not the Raspberry Pi that's controlling my home's heating system. Or the other Pi behind the TV;
said TV is a far worse problem from a free software PoV than a few
blobs of firmware, but I digress.

So why should a GR compel us to build a second set of images which
most people cannot use anyway?

On the other hand, if you want to spend some time building those
images, fine, go ahead; if and when those images are actually usable
for a relevant subset of machines out there, *then* we can might want
to revise our decision.

It will always be possible to find machines where fully free installer
images cannot run on. This was the case 30 years ago and most likely it
will be the case in 30 years. It seems the disagreement is if that fact
should influence Debian's decisions on what to provide to its users. It
used to be "no", but now it is "yes" which is a bit ironic since I find
it easier to find suitable hardware today than it was 30 years ago.

Our experience seems to differ, I now run Trisquel and Guix on many of
my home and machines and servers. For my uses they all work without
non-free firmware. You have to be careful about what hardware you buy,
and chose your use-cases. And, yes, I use modern hardware -- i9-14900K
on desktop, i7 1260P and Ultra 155H in my two most used laptops,
ARS-111M-NR and Talos II on the server side, as well as a bunch of aging
Dell R630's.

I fully understand if people who work on debian-installer and installer
images don't want to spend time on supporting fully free images. I
don't envy that task, and many thanks for what has been achieved! My
request is not so much about asking them to break their shoulders with
more heavy lifting, but for the project as a whole to not drive away
folks with statements of the effect that a fully free Debian is no
longer a project goal. My perception is that people are not ready to reconsider their positions, and that the vote gave a clear message, but
I may be wrong.

/Simon

--=-=-Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----

iQNoBAEWCAMQFiEEo8ychwudMQq61M8vUXIrCP5HRaIFAmfNlXMUHHNpbW9uQGpv c2Vmc3Nvbi5vcmfCHCYAmDMEXJLOtBYJKwYBBAHaRw8BAQdACIcrZIvhrxDBkK9f V+QlTmXxo2naObDuGtw58YaxlOu0JVNpbW9uIEpvc2Vmc3NvbiA8c2ltb25Aam9z ZWZzc29uLm9yZz6IlgQTFggAPgIbAwULCQgHAgYVCAkKCwIEFgIDAQIeAQIXgBYh BLHSvRN1vst4TPT4xNc89jjFPAa+BQJl/YgIBQkLehFUAAoJENc89jjFPAa+CboA +wUa06RD5e5VTCxvSWtPS75Wq2qBeYGZnf0jvUMxa2n4AP4xkUeAPPnNuMsTm2fs FCDIGaEM2Yn6Vb2huzzT1Fw/BLgzBFySz4EWCSsGAQQB2kcPAQEHQOxTCIOaeXAx I2hIX4HK9bQTpNVei708oNr1Klm8qCGKiPUEGBYIACYCGwIWIQSx0r0Tdb7LeEz0 +MTXPPY4xTwGvgUCZf2IKwUJC3oQqgCBdiAEGRYIAB0WIQSjzJyHC50xCrrUzy9R cisI/kdFogUCXJLPgQAKCRBRcisI/kdFoqdMAQCgH45aseZgIrwKOvUOA9QfsmeE 8GZHYNuFHmM9FEQS6AD6A4x5aYvoY6lo98pgtw2HPDhmcCXFItjXCrV4A0GmJA4J ENc89jjFPAa+GcYA/26YQY05bLtnXiIjTiAzrGQrRXxTHPA8Av7TDFHvIetWAP9s HSoU8OfTwmTiEnGwLlsV7QJclZg3YNz/Ypcp9TqQBrg4BFySz2oSCisGAQQBl1UB BQEBB0AxlRumDW6nZY7A+VCfek9VpEx6PJmdJyYPt3lNHMd6HAMBCAeIfgQYFggA JgIbDBYhBLHSvRN1vst4TPT4xNc89jjFPAa+BQJl/YgwBQkLehDGAAoJENc89jjF PAa+phoA/jrDqIrl/55vUMBhIQv+TP635d2iCTEnyFmbUcP9+gh6APoDsXalVd2c OGxQtSC+TF8PkZMn1TLkJKAjVxr+xx40AgAKCRBRcisI/kdFoun7AQDq8puZkQj+ XxZTU84q8Pul/foFsJlfoCBO3BCN7xVO6gEA9tZ8CyIgYkIj47cDBMCcnx2G1oHG MM/sO1TpywPzvg8=2OVn
-----END PGP SIGNATURE-----

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

Ansgar 🙀 <[email protected]> writes:

Hi,

On Sun, 2025-03-09 at 14:19 +0100, Simon Josefsson wrote:

Our experience seems to differ, I now run Trisquel and Guix on many of
my home and machines and servers.  For my uses they all work without
non-free firmware.  You have to be careful about what hardware you buy,
and chose your use-cases.  And, yes, I use modern hardware -- i9-14900K
on desktop, i7 1260P and Ultra 155H in my two most used laptops,
ARS-111M-NR and Talos II on the server side, as well as a bunch of aging
Dell R630's.

This class of hardware *requires* non-free firmware. Lots of it, at
every system layer.

Agreed. However none of that hardware require me to load non-free
firmware from my operating system, which is my point. That situation is sufficient for me to accept to use the hardware and install an operating
system built without non-free software on it.

/Simon

--=-=-Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----

iQNoBAEWCAMQFiEEo8ychwudMQq61M8vUXIrCP5HRaIFAmfNrLMUHHNpbW9uQGpv c2Vmc3Nvbi5vcmfCHCYAmDMEXJLOtBYJKwYBBAHaRw8BAQdACIcrZIvhrxDBkK9f V+QlTmXxo2naObDuGtw58YaxlOu0JVNpbW9uIEpvc2Vmc3NvbiA8c2ltb25Aam9z ZWZzc29uLm9yZz6IlgQTFggAPgIbAwULCQgHAgYVCAkKCwIEFgIDAQIeAQIXgBYh BLHSvRN1vst4TPT4xNc89jjFPAa+BQJl/YgIBQkLehFUAAoJENc89jjFPAa+CboA +wUa06RD5e5VTCxvSWtPS75Wq2qBeYGZnf0jvUMxa2n4AP4xkUeAPPnNuMsTm2fs FCDIGaEM2Yn6Vb2huzzT1Fw/BLgzBFySz4EWCSsGAQQB2kcPAQEHQOxTCIOaeXAx I2hIX4HK9bQTpNVei708oNr1Klm8qCGKiPUEGBYIACYCGwIWIQSx0r0Tdb7LeEz0 +MTXPPY4xTwGvgUCZf2IKwUJC3oQqgCBdiAEGRYIAB0WIQSjzJyHC50xCrrUzy9R cisI/kdFogUCXJLPgQAKCRBRcisI/kdFoqdMAQCgH45aseZgIrwKOvUOA9QfsmeE 8GZHYNuFHmM9FEQS6AD6A4x5aYvoY6lo98pgtw2HPDhmcCXFItjXCrV4A0GmJA4J ENc89jjFPAa+GcYA/26YQY05bLtnXiIjTiAzrGQrRXxTHPA8Av7TDFHvIetWAP9s HSoU8OfTwmTiEnGwLlsV7QJclZg3YNz/Ypcp9TqQBrg4BFySz2oSCisGAQQBl1UB BQEBB0AxlRumDW6nZY7A+VCfek9VpEx6PJmdJyYPt3lNHMd6HAMBCAeIfgQYFggA JgIbDBYhBLHSvRN1vst4TPT4xNc89jjFPAa+BQJl/YgwBQkLehDGAAoJENc89jjF PAa+phoA/jrDqIrl/55vUMBhIQv+TP635d2iCTEnyFmbUcP9+gh6APoDsXalVd2c OGxQtSC+TF8PkZMn1TLkJKAjVxr+xx40AgAKCRBRcisI/kdFovGaAP9WKYhgsFMY bP0Gn+gdtxpREOJJaP8TGDGbl5QrqV2ZogD/cDfdB6/CiGe1AwJ3Zm6Op9ew/GvW +WbPVrjYnNN82ww=YIK6
-----END PGP SIGNATURE-----

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

"Andrew M.A. Cater" <[email protected]> writes:

On Sun, Mar 09, 2025 at 03:58:59PM +0100, Simon Josefsson wrote:

Agreed. However none of that hardware require me to load non-free
firmware from my operating system, which is my point. That situation is
sufficient for me to accept to use the hardware and install an operating
system built without non-free software on it.

Simon,

Installing using the Debian installer doesn't *require* you to carry on
with the firmware. You can readily remove it - especially if you use the expert install - you are not required to enable the repository in your /etc/apt/sources.list and so on. The installer does list the firmware suggested for install to enable all devices - you don't have to take
that suggestion.

So - if you don't *see* the need for firmware expressed and firmware is already in the machine you install on, that's fine?

While this may be fine to you it is not fine to me, and it is fine to
disagree on that. We've had this argument before, and I don't think
either us will change opinion. The situation you describe is one
motivation for efforts like linux-libre, Trisquel and Guix, and the
other FSDG-compliant distributions. My hope is that the sentiments
towards fully free installer images will change in the Debian project
and that they eventually may be official again. I believe the
supply-chain concerns with non-free firmware will trigger this happen,
but it seems we are not there yet.

/Simon

--=-=-Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----

iQNoBAEWCAMQFiEEo8ychwudMQq61M8vUXIrCP5HRaIFAmfNwkcUHHNpbW9uQGpv c2Vmc3Nvbi5vcmfCHCYAmDMEXJLOtBYJKwYBBAHaRw8BAQdACIcrZIvhrxDBkK9f V+QlTmXxo2naObDuGtw58YaxlOu0JVNpbW9uIEpvc2Vmc3NvbiA8c2ltb25Aam9z ZWZzc29uLm9yZz6IlgQTFggAPgIbAwULCQgHAgYVCAkKCwIEFgIDAQIeAQIXgBYh BLHSvRN1vst4TPT4xNc89jjFPAa+BQJl/YgIBQkLehFUAAoJENc89jjFPAa+CboA +wUa06RD5e5VTCxvSWtPS75Wq2qBeYGZnf0jvUMxa2n4AP4xkUeAPPnNuMsTm2fs FCDIGaEM2Yn6Vb2huzzT1Fw/BLgzBFySz4EWCSsGAQQB2kcPAQEHQOxTCIOaeXAx I2hIX4HK9bQTpNVei708oNr1Klm8qCGKiPUEGBYIACYCGwIWIQSx0r0Tdb7LeEz0 +MTXPPY4xTwGvgUCZf2IKwUJC3oQqgCBdiAEGRYIAB0WIQSjzJyHC50xCrrUzy9R cisI/kdFogUCXJLPgQAKCRBRcisI/kdFoqdMAQCgH45aseZgIrwKOvUOA9QfsmeE 8GZHYNuFHmM9FEQS6AD6A4x5aYvoY6lo98pgtw2HPDhmcCXFItjXCrV4A0GmJA4J ENc89jjFPAa+GcYA/26YQY05bLtnXiIjTiAzrGQrRXxTHPA8Av7TDFHvIetWAP9s HSoU8OfTwmTiEnGwLlsV7QJclZg3YNz/Ypcp9TqQBrg4BFySz2oSCisGAQQBl1UB BQEBB0AxlRumDW6nZY7A+VCfek9VpEx6PJmdJyYPt3lNHMd6HAMBCAeIfgQYFggA JgIbDBYhBLHSvRN1vst4TPT4xNc89jjFPAa+BQJl/YgwBQkLehDGAAoJENc89jjF PAa+phoA/jrDqIrl/55vUMBhIQv+TP635d2iCTEnyFmbUcP9+gh6APoDsXalVd2c OGxQtSC+TF8PkZMn1TLkJKAjVxr+xx40AgAKCRBRcisI/kdFoot5AQDTEZ4YRxQI LkGglSjORMGHHX8EhlLJUOnLhSsdVOPxTgD+KcqpYHKb6JwCyx4HGsuM6LpGlSHq 2nWzKjLxB3c89gE=xl2o
-----END PGP SIGNATURE-----

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

Ansgar 🙀 <[email protected]> writes:

Hi,

On Sun, 2025-03-09 at 15:58 +0100, Simon Josefsson wrote:

Ansgar 🙀 <[email protected]> writes:

Hi,

On Sun, 2025-03-09 at 14:19 +0100, Simon Josefsson wrote:

Our experience seems to differ, I now run Trisquel and Guix on many of >> > > my home and machines and servers.  For my uses they all work without
non-free firmware.  You have to be careful about what hardware you buy, >> > > and chose your use-cases.  And, yes, I use modern hardware -- i9-14900K >> > > on desktop, i7 1260P and Ultra 155H in my two most used laptops,
ARS-111M-NR and Talos II on the server side, as well as a bunch of aging >> > > Dell R630's.

This class of hardware *requires* non-free firmware. Lots of it, at
every system layer.

Agreed.

So we agree that pretty much all hardware requires non-free firmware
these days.

Right, in the sense that they embed non-free software in the hardware.

None of those machines require them to be loaded by me as a user for
them to be useful to me.

This distinction is important to me.

However none of that hardware require me to load non-free
firmware from my operating system, which is my point.  That situation is
sufficient for me to accept to use the hardware and install an operating
system built without non-free software on it.

What is the point of this then?

For me there are several reasons for wanting this, which ought to be understandable for anyone reading this thread. The supply-chain
security trust concern of non-free firmware is a hot topic right now.

It is fine to disagree that these are concerns worthy spending time on
within the Debian project, which is my perception of the vote outcome.

/Simon

--=-=-Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----

iQNoBAEWCAMQFiEEo8ychwudMQq61M8vUXIrCP5HRaIFAmfNvzAUHHNpbW9uQGpv c2Vmc3Nvbi5vcmfCHCYAmDMEXJLOtBYJKwYBBAHaRw8BAQdACIcrZIvhrxDBkK9f V+QlTmXxo2naObDuGtw58YaxlOu0JVNpbW9uIEpvc2Vmc3NvbiA8c2ltb25Aam9z ZWZzc29uLm9yZz6IlgQTFggAPgIbAwULCQgHAgYVCAkKCwIEFgIDAQIeAQIXgBYh BLHSvRN1vst4TPT4xNc89jjFPAa+BQJl/YgIBQkLehFUAAoJENc89jjFPAa+CboA +wUa06RD5e5VTCxvSWtPS75Wq2qBeYGZnf0jvUMxa2n4AP4xkUeAPPnNuMsTm2fs FCDIGaEM2Yn6Vb2huzzT1Fw/BLgzBFySz4EWCSsGAQQB2kcPAQEHQOxTCIOaeXAx I2hIX4HK9bQTpNVei708oNr1Klm8qCGKiPUEGBYIACYCGwIWIQSx0r0Tdb7LeEz0 +MTXPPY4xTwGvgUCZf2IKwUJC3oQqgCBdiAEGRYIAB0WIQSjzJyHC50xCrrUzy9R cisI/kdFogUCXJLPgQAKCRBRcisI/kdFoqdMAQCgH45aseZgIrwKOvUOA9QfsmeE 8GZHYNuFHmM9FEQS6AD6A4x5aYvoY6lo98pgtw2HPDhmcCXFItjXCrV4A0GmJA4J ENc89jjFPAa+GcYA/26YQY05bLtnXiIjTiAzrGQrRXxTHPA8Av7TDFHvIetWAP9s HSoU8OfTwmTiEnGwLlsV7QJclZg3YNz/Ypcp9TqQBrg4BFySz2oSCisGAQQBl1UB BQEBB0AxlRumDW6nZY7A+VCfek9VpEx6PJmdJyYPt3lNHMd6HAMBCAeIfgQYFggA JgIbDBYhBLHSvRN1vst4TPT4xNc89jjFPAa+BQJl/YgwBQkLehDGAAoJENc89jjF PAa+phoA/jrDqIrl/55vUMBhIQv+TP635d2iCTEnyFmbUcP9+gh6APoDsXalVd2c OGxQtSC+TF8PkZMn1TLkJKAjVxr+xx40AgAKCRBRcisI/kdFog2hAP0fQHIlwbQH ZI73v1aRFZywMCTQyzFxArDScxeQ9MxoggEAzRerhjRqfqGDMdvBuJV6BUr0MyCL CkgCd6Gn1O+ZDg4=s2Ks
-----END PGP SIGNATURE-----

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

Hi Simon,

Simon Josefsson <[email protected]> writes:

While this may be fine to you it is not fine to me, and it is fine to disagree on that.

If there were a method of building images that did not touch the
non-free components, I presume that would satisfy you.

Let's say that we could make that image bit-for-bit reproducible with an
image that was produced by taking the normal with-nonfree-firmware
image, and filtering it somehow (e.g. overwriting the non-free bits with
zeros, say).

Would you object if the normal way of generating the image was to apply
the filter, rather than build it in parallel?

If that would be OK, then one could have something that applied the
filter to our normal images to provide people with the images you want,
while not require duplication of building and storage.

People could always confirm that they were getting the same result as
building without the nonfree firmware by doing it themselves, and
checking things matched.

Is that something that would work for you?

Cheers, Phil.
--
Philip Hands -- https://hands.com/~phil

--=-=-Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE3/FBWs4yJ/zyBwfW0EujoAEl1cAFAmfOEHQACgkQ0EujoAEl 1cDqoBAAslpu7zdt4LW4kxuO0g6O7E9bvMKfW20aIQ86sMmfuSz2Tawv/VePfPjq eDsAxfuwNJg8YVvJyxX6wgSQYA1dFRAmcFuunAbuwmBLeDIspGtEebOddfITbPDn 5jBT7bSVYuO25cB95Ge2fBwftYkjIoXV5Gyikky07DNwNyFXELzlyT83OIWtROol b0H4HrQ6zEFhAEBKggv0OM0g6Qmx3wGnJhR6RMfMqntU0Sf718z8za9BdBtt2vR5 MhgZKCp/wuJV0DCZmWF3vgfO46ppMMxhWqwiz7kh99co1dscXsMcU+JJLyJj+vv/ q5B9g3gXhkzWsrQ1FjSRCYA7DLvSCWN5L62h2miVPeElQ8EYLmV5jDu6PCfTDAe3 2mlELjc8CLoei+ydHkX83SnjhhShbIzaCqNGGDfK20OPXlEnBcRmECEZYOv0ugvv 3v45yCrDtRwW4Y/uiocRbjpREXfu6FxktXMFbCvRtHiA5IIH8rvO5RboAWHKBf16 I5UZ+LSwRjt6S07lWNzrSyQwYo444klARe5RkvENGzy6XUOWc8P21fCOT4wozyGl xqewZxbVl2R6lAIfoLtM4Q9FqoXIcTYVw3PaDtt/c+4KXgy7sYmohgSnOGc/tnrF stXzFmQWoFGT9+32EzEFS5wltDBED+mx0EfMkMmZPA2rzB5kXDA=kFwV
-----END PGP SIGNATURE-----

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gatewa

Philip Hands <[email protected]> writes:

Hi Simon,

Simon Josefsson <[email protected]> writes:

While this may be fine to you it is not fine to me, and it is fine to
disagree on that.

If there were a method of building images that did not touch the
non-free components, I presume that would satisfy you.

That sounds good!

Let's say that we could make that image bit-for-bit reproducible with an image that was produced by taking the normal with-nonfree-firmware
image, and filtering it somehow (e.g. overwriting the non-free bits with zeros, say).

Would you object if the normal way of generating the image was to apply
the filter, rather than build it in parallel?

If that would be OK, then one could have something that applied the
filter to our normal images to provide people with the images you want,
while not require duplication of building and storage.

People could always confirm that they were getting the same result as building without the nonfree firmware by doing it themselves, and
checking things matched.

Is that something that would work for you?

This is better, assuming the "doing it themselves" property is actually confirmed.

Your idea is really clever!

My assumption all along has been that the presence of the non-free
firmware in the build process "taint" the resulting image in a way that
makes it impossible be able to 1) zero out the non-free firmware bits
from the resulting image, and at the same time 2) be able to separately
build a bit-by-bit identical image using only free software and that
this image would become identical to the zeroed out image.

But you made me realize this is not impossible at all, it is just a
Small Matter Of Programming.

You could turn this around: how about building the images without
non-free software, and replace the zerod out bits with the non-free
firmware on final preparation of the non-free images? Then your normal
build process is not tainted by the presence of non-free software.

I don't think the above fully resolve my concerns though. The mere
presence of official documented hooks to load non-free software is
problematic from a freedom perspective. They are the enabler of the
slippery slope that leads to including non-free software by default.

Meanwhile I looked into the debian-cd project to experiment with
building images myself. Why aren't the images built in a Salsa
pipeline? Yes I understand that 20 years ago the resources required to
build the images were large. But today people build large projects in
GitHub Actions. What artifact size are we talking about? Looking at
the summary of official images at https://www.debian.org/CD/http-ftp/ it
seems like around 50GB? What is the build time on a powerful machine?
I would start to worry about the design feasability of running this in a pipeline when the total size of artifacts from a single build is larger
than 4TB or if a single serialized job would have to run for more than a
couple of days. I'm probably missing some combinatorical explosion of
varaints that increase the total size, but there is also no requirement
that all images are built like this. I would be satisfied if the
"netinst" variant for all architectures could be reproduced from purely
free software, in a Salsa pipeline, and that seems to be a 5-10GB
artifact unless my math is off.

I worry that the builds require other non-reproducible/free steps
though. A signed boot shim where the private key is not replaceable by
a user-controlled key is equally problematic as non-free firmware.
Trisquel and Guix avoids these, and I recall seeing stuff like that in
Debian -- https://tracker.debian.org/pkg/shim-signed -- but it is good
to know that we have more things to work.

/Simon

--=-=-Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----

iQNnBAEWCAMQFiEEo8ychwudMQq61M8vUXIrCP5HRaIFAmfOt28UHHNpbW9uQGpv c2Vmc3Nvbi5vcmfCHCYAmDMEXJLOtBYJKwYBBAHaRw8BAQdACIcrZIvhrxDBkK9f V+QlTmXxo2naObDuGtw58YaxlOu0JVNpbW9uIEpvc2Vmc3NvbiA8c2ltb25Aam9z ZWZzc29uLm9yZz6IlgQTFggAPgIbAwULCQgHAgYVCAkKCwIEFgIDAQIeAQIXgBYh BLHSvRN1vst4TPT4xNc89jjFPAa+BQJl/YgIBQkLehFUAAoJENc89jjFPAa+CboA +wUa06RD5e5VTCxvSWtPS75Wq2qBeYGZnf0jvUMxa2n4AP4xkUeAPPnNuMsTm2fs FCDIGaEM2Yn6Vb2huzzT1Fw/BLgzBFySz4EWCSsGAQQB2kcPAQEHQOxTCIOaeXAx I2hIX4HK9bQTpNVei708oNr1Klm8qCGKiPUEGBYIACYCGwIWIQSx0r0Tdb7LeEz0 +MTXPPY4xTwGvgUCZf2IKwUJC3oQqgCBdiAEGRYIAB0WIQSjzJyHC50xCrrUzy9R cisI/kdFogUCXJLPgQAKCRBRcisI/kdFoqdMAQCgH45aseZgIrwKOvUOA9QfsmeE 8GZHYNuFHmM9FEQS6AD6A4x5aYvoY6lo98pgtw2HPDhmcCXFItjXCrV4A0GmJA4J ENc89jjFPAa+GcYA/26YQY05bLtnXiIjTiAzrGQrRXxTHPA8Av7TDFHvIetWAP9s HSoU8OfTwmTiEnGwLlsV7QJclZg3YNz/Ypcp9TqQBrg4BFySz2oSCisGAQQBl1UB BQEBB0AxlRumDW6nZY7A+VCfek9VpEx6PJmdJyYPt3lNHMd6HAMBCAeIfgQYFggA JgIbDBYhBLHSvRN1vst4TPT4xNc89jjFPAa+BQJl/YgwBQkLehDGAAoJENc89jjF PAa+phoA/jrDqIrl/55vUMBhIQv+TP635d2iCTEnyFmbUcP9+gh6APoDsXalVd2c OGxQtSC+TF8PkZMn1TLkJKAjVxr+xx40AgAKCRBRcisI/kdFokqjAQDBgZFr9cZg mdDmXu7FTCdQwH4/1ye3yVcSonUMQwgivgD4tRCsHzv+pBoI6ADZA/S3hS4CnQ7c 9d3ZDwVU0AVBBQ==ILc1
-----END PGP SIGNATURE-----

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

Marc Haber <[email protected]> writes:

I still haven't heard arguments why people refuse to use an installer
that comes with non-free firmware, asks whether this firmware should
be used, and if answered "no", none of this non-free firmware ends up
in the installed system. The resulting system is free regardless
whether there was non-free firmware on the installation images.

https://www.gnu.org/distros/optionally-free-not-enough.html

https://www.gnu.org/philosophy/install-fest-devil.html

The arguments are available but not everyone is convinced by them.
Similar to that the arguments for free software exists but not everyone
is convinced by those arguments and instead prefer proprietary software.

/Simon

-----BEGIN PGP SIGNATURE-----

iQNoBAEWCAMQFiEEo8ychwudMQq61M8vUXIrCP5HRaIFAmfOxVwUHHNpbW9uQGpv c2Vmc3Nvbi5vcmfCHCYAmDMEXJLOtBYJKwYBBAHaRw8BAQdACIcrZIvhrxDBkK9f V+QlTmXxo2naObDuGtw58YaxlOu0JVNpbW9uIEpvc2Vmc3NvbiA8c2ltb25Aam9z ZWZzc29uLm9yZz6IlgQTFggAPgIbAwULCQgHAgYVCAkKCwIEFgIDAQIeAQIXgBYh BLHSvRN1vst4TPT4xNc89jjFPAa+BQJl/YgIBQkLehFUAAoJENc89jjFPAa+CboA +wUa06RD5e5VTCxvSWtPS75Wq2qBeYGZnf0jvUMxa2n4AP4xkUeAPPnNuMsTm2fs FCDIGaEM2Yn6Vb2huzzT1Fw/BLgzBFySz4EWCSsGAQQB2kcPAQEHQOxTCIOaeXAx I2hIX4HK9bQTpNVei708oNr1Klm8qCGKiPUEGBYIACYCGwIWIQSx0r0Tdb7LeEz0 +MTXPPY4xTwGvgUCZf2IKwUJC3oQqgCBdiAEGRYIAB0WIQSjzJyHC50xCrrUzy9R cisI/kdFogUCXJLPgQAKCRBRcisI/kdFoqdMAQCgH45aseZgIrwKOvUOA9QfsmeE 8GZHYNuFHmM9FEQS6AD6A4x5aYvoY6lo98pgtw2HPDhmcCXFItjXCrV4A0GmJA4J ENc89jjFPAa+GcYA/26YQY05bLtnXiIjTiAzrGQrRXxTHPA8Av7TDFHvIetWAP9s HSoU8OfTwmTiEnGwLlsV7QJclZg3YNz/Ypcp9TqQBrg4BFySz2oSCisGAQQBl1UB BQEBB0AxlRumDW6nZY7A+VCfek9VpEx6PJmdJyYPt3lNHMd6HAMBCAeIfgQYFggA JgIbDBYhBLHSvRN1vst4TPT4xNc89jjFPAa+BQJl/YgwBQkLehDGAAoJENc89jjF PAa+phoA/jrDqIrl/55vUMBhIQv+TP635d2iCTEnyFmbUcP9+gh6APoDsXalVd2c OGxQtSC+TF8PkZMn1TLkJKAjVxr+xx40AgAKCRBRcisI/kdFoo+0AP9Z450o3dWH +/impKiXnZ8iQtSBlSGj9cRTQ8NC9mnZpAD+MOK+WZcj3huWaMqqQanEqed/v6gr VrTG+tr3HKVDdAo=
=9ReZ
-----END PGP SIGNATURE-----

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

Quoting Marc Haber (2025-03-10 13:38:05)

On Mon, Mar 10, 2025 at 09:33:55PM +0900, Simon Richter wrote:

We've reached the point where people are shitting on nV for the
quality of their drivers, and a kernel that has closed-source drivers >loaded is "tainted", and the last release in which we shipped
ndiswrapper was buster.

That happened because those solutions were all incredibly painful,
depending on the kernel version in use, losing compatibly during every second kernel upgrade, and didn't work cross-architecture. Users hated
that.

non-free firmware is silent and painless. Users don't care.

tl;dr: The situation is totally different, we should not compare apples
and peaches here.

Back then some users didn't care to fix things and some found it worthy
of pouring hard work into.

Similar today.

- Jonas

--
* Jonas Smedegaard - idealist & Internet-arkitekt
* Tlf.: +45 40843136 Website: http://dr.jones.dk/
* Sponsorship: https://ko-fi.com/drjones

[x] quote me freely [ ] ask before reusing [ ] keep private --==============u78136458529597187=MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Description: signature
Content-Type: application/pgp-signature; name="signature.asc"; charset="us-ascii"

-----BEGIN PGP SIGNATURE-----

wsG7BAABCgBvBYJnzuteCRAsfDFGwaABIUcUAAAAAAAeACBzYWx0QG5vdGF0aW9u cy5zZXF1b2lhLXBncC5vcmd52No8WzOKPcfQPFhoui7XYKgCh8xdqsX12BqPqE37 0hYhBJ/j6cNmkaaf9TzGhCx8MUbBoAEhAADi1Q/+NHnCtw5U0D/YKe3C5Savh0jn klCQG16VblgQpE/dnkHxrw7t3f4B9Vc+VLjX46UCbXNLiCeN4vhHboIgDjh4WA20 /yidlN/quuydcKb09kD/c7R1UAs1g8nho/eE6o2mfkHFjZ7OSmgBCZbbmKpZXmv/ HLkQuYeRWf4f0VlzQLP9l6eYVhv2cXrUtM2Sn0etJby+2ayv2Cp2nAF4+ilXZtd2 AJh2tIrJWJeMRq3NffkslcjFsT/Rr8w42Fm5ATc69M6zgVNW/GMNNeJoaFmoF4RI 9lCx4o8EsOkxkLAmcv7mmMRjy4sPtiETmTM86fZw9i05XYxhcSUhqYI4ydQVzMeR m4iea0yrNs11y1JCu+z9ZjLku2lWySdl6a2k+P4D

Simon Josefsson wrote:

Philip Hands <[email protected]> writes:

Let's say that we could make that image bit-for-bit reproducible with an
image that was produced by taking the normal with-nonfree-firmware
image, and filtering it somehow (e.g. overwriting the non-free bits with
zeros, say).

Would you object if the normal way of generating the image was to apply
the filter, rather than build it in parallel?

If that would be OK, then one could have something that applied the
filter to our normal images to provide people with the images you want,
while not require duplication of building and storage.

People could always confirm that they were getting the same result as
building without the nonfree firmware by doing it themselves, and
checking things matched.

Is that something that would work for you?

Yeesh. That gets messy - live images include firmware in the squashfs,
for example. Simply replacing things with zeroes is not *quite* enough
here.

...

I don't think the above fully resolve my concerns though. The mere
presence of official documented hooks to load non-free software is >problematic from a freedom perspective. They are the enabler of the
slippery slope that leads to including non-free software by default.

Sigh. That's the same argument for removing the option to even load
firmware. We must be *so* sure of purity that we can't even
acknowledge that users might need to use/run anythinh that we don't
consider pure enough. Let's stop them!

Meanwhile I looked into the debian-cd project to experiment with
building images myself. Why aren't the images built in a Salsa
pipeline? Yes I understand that 20 years ago the resources required to
build the images were large. But today people build large projects in
GitHub Actions. What artifact size are we talking about? Looking at
the summary of official images at https://www.debian.org/CD/http-ftp/ it >seems like around 50GB?

Haha, no. Using the last bookworm release as a guide, we created a
grand total of 284 images (mix of d-i and live) totalling ~1.7T.

What is the build time on a powerful machine?

That build took ~4h end-to-end on casulana,d.o, which I believe is the project's biggest server box. The build process needs a complete local
mirror and a *lot* of I/O and CPU.

I would start to worry about the design feasability of running this in a >pipeline when the total size of artifacts from a single build is larger
than 4TB or if a single serialized job would have to run for more than a >couple of days. I'm probably missing some combinatorical explosion of >varaints that increase the total size, but there is also no requirement
that all images are built like this. I would be satisfied if the
"netinst" variant for all architectures could be reproduced from purely
free software, in a Salsa pipeline, and that seems to be a 5-10GB
artifact unless my math is off.

I worry that the builds require other non-reproducible/free steps
though. A signed boot shim where the private key is not replaceable by
a user-controlled key is equally problematic as non-free firmware.
Trisquel and Guix avoids these, and I recall seeing stuff like that in
Debian -- https://tracker.debian.org/pkg/shim-signed -- but it is good
to know that we have more things to work.

Sigh.

--
Steve McIntyre, Cambridge, UK. [email protected] Can't keep my eyes from the circling sky,
Tongue-tied & twisted, Just an earth-bound misfit, I...

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

Simon Richter <[email protected]> writes:

their questionable choices in buying hardware that ships with non-free firmware

Is there hardware that ships with free firmware? Seriously.


Bjørn

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

Le 10 mars 2025 11:56:28 GMT+01:00, Simon Josefsson <[email protected]> a écrit :

https://www.gnu.org/distros/optionally-free-not-enough.html

https://www.gnu.org/philosophy/install-fest-devil.html

… of course … that's where the core of the disagreement lies !

We're not a religion, we're just building a distro.

I think you're looking for something else than Debian.


--
Aurélien

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

Geert Stappers <[email protected]> writes:

We're not obligated to validate their questionable choices in buying
hardware that ships with non-free firmware

There are a lot of competing priorities here, and it's the height of
arrogance to be so certain that one's own opinion is best as to try to
prevent other people from making their own decisions by hiding even the
existence of a mechanism to install debian on their machine.

Simon,

Do know that is OK that there are differences in view, opinion,
standpoint, approaches, ideas and whatever.

FWIW, I didn't write what you quoted above, so please check your
attributions.

/Simon

--=-=-Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----

iQNoBAEWCAMQFiEEo8ychwudMQq61M8vUXIrCP5HRaIFAmfP744UHHNpbW9uQGpv c2Vmc3Nvbi5vcmfCHCYAmDMEXJLOtBYJKwYBBAHaRw8BAQdACIcrZIvhrxDBkK9f V+QlTmXxo2naObDuGtw58YaxlOu0JVNpbW9uIEpvc2Vmc3NvbiA8c2ltb25Aam9z ZWZzc29uLm9yZz6IlgQTFggAPgIbAwULCQgHAgYVCAkKCwIEFgIDAQIeAQIXgBYh BLHSvRN1vst4TPT4xNc89jjFPAa+BQJl/YgIBQkLehFUAAoJENc89jjFPAa+CboA +wUa06RD5e5VTCxvSWtPS75Wq2qBeYGZnf0jvUMxa2n4AP4xkUeAPPnNuMsTm2fs FCDIGaEM2Yn6Vb2huzzT1Fw/BLgzBFySz4EWCSsGAQQB2kcPAQEHQOxTCIOaeXAx I2hIX4HK9bQTpNVei708oNr1Klm8qCGKiPUEGBYIACYCGwIWIQSx0r0Tdb7LeEz0 +MTXPPY4xTwGvgUCZf2IKwUJC3oQqgCBdiAEGRYIAB0WIQSjzJyHC50xCrrUzy9R cisI/kdFogUCXJLPgQAKCRBRcisI/kdFoqdMAQCgH45aseZgIrwKOvUOA9QfsmeE 8GZHYNuFHmM9FEQS6AD6A4x5aYvoY6lo98pgtw2HPDhmcCXFItjXCrV4A0GmJA4J ENc89jjFPAa+GcYA/26YQY05bLtnXiIjTiAzrGQrRXxTHPA8Av7TDFHvIetWAP9s HSoU8OfTwmTiEnGwLlsV7QJclZg3YNz/Ypcp9TqQBrg4BFySz2oSCisGAQQBl1UB BQEBB0AxlRumDW6nZY7A+VCfek9VpEx6PJmdJyYPt3lNHMd6HAMBCAeIfgQYFggA JgIbDBYhBLHSvRN1vst4TPT4xNc89jjFPAa+BQJl/YgwBQkLehDGAAoJENc89jjF PAa+phoA/jrDqIrl/55vUMBhIQv+TP635d2iCTEnyFmbUcP9+gh6APoDsXalVd2c OGxQtSC+TF8PkZMn1TLkJKAjVxr+xx40AgAKCRBRcisI/kdFokP6AQDKbs4mqPAB NyDRTCvPX28cgXP9XrTEB+UyWJwVVLYccwD+LtqmWoxGPuPMkmggBraZG8RVoM65 OyEaoORmLHBbXAs=WCmD
-----END PGP SIGNATURE-----

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

Aurélien COUDERC <[email protected]> writes:

Le 10 mars 2025 11:56:28 GMT+01:00, Simon Josefsson <[email protected]> a écrit :

https://www.gnu.org/distros/optionally-free-not-enough.html

https://www.gnu.org/philosophy/install-fest-devil.html

… of course … that's where the core of the disagreement lies !

Right, I think agreement (or disagreement) with those essays explains a
lot of what practical choices you make.

We're not a religion, we're just building a distro.

I'm not sure what to make of that. Are you saying that Guix, Trisquel
etc who strive towards these concepts are not distro's?

One person's religion is another person's reasonable beliefs. I'm not
sure who has the authority to judge. I'm sure some would dismiss the
DFSG as religion, even if we happen to like it here.

It is fine for the Debian community to dismiss the arguments described
in the links above. This appears to be the case, although I hear some
voices that are open to change.

However if Debian dismiss those ideas, the argument that the fully free installer doesn't exist because "nobody is working on this, go create
them and it will happen" does not seem valid to me. My reading is that
these images doesn't exist because Debian had a vote saying they should
not exist. I hope this will change in the future. Creating them won't
change the decision, but it may be input to renewed discussion.

/Simon

--=-=-Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----

iQNoBAEWCAMQFiEEo8ychwudMQq61M8vUXIrCP5HRaIFAmfQVtQUHHNpbW9uQGpv c2Vmc3Nvbi5vcmfCHCYAmDMEXJLOtBYJKwYBBAHaRw8BAQdACIcrZIvhrxDBkK9f V+QlTmXxo2naObDuGtw58YaxlOu0JVNpbW9uIEpvc2Vmc3NvbiA8c2ltb25Aam9z ZWZzc29uLm9yZz6IlgQTFggAPgIbAwULCQgHAgYVCAkKCwIEFgIDAQIeAQIXgBYh BLHSvRN1vst4TPT4xNc89jjFPAa+BQJl/YgIBQkLehFUAAoJENc89jjFPAa+CboA +wUa06RD5e5VTCxvSWtPS75Wq2qBeYGZnf0jvUMxa2n4AP4xkUeAPPnNuMsTm2fs FCDIGaEM2Yn6Vb2huzzT1Fw/BLgzBFySz4EWCSsGAQQB2kcPAQEHQOxTCIOaeXAx I2hIX4HK9bQTpNVei708oNr1Klm8qCGKiPUEGBYIACYCGwIWIQSx0r0Tdb7LeEz0 +MTXPPY4xTwGvgUCZf2IKwUJC3oQqgCBdiAEGRYIAB0WIQSjzJyHC50xCrrUzy9R cisI/kdFogUCXJLPgQAKCRBRcisI/kdFoqdMAQCgH45aseZgIrwKOvUOA9QfsmeE 8GZHYNuFHmM9FEQS6AD6A4x5aYvoY6lo98pgtw2HPDhmcCXFItjXCrV4A0GmJA4J ENc89jjFPAa+GcYA/26YQY05bLtnXiIjTiAzrGQrRXxTHPA8Av7TDFHvIetWAP9s HSoU8OfTwmTiEnGwLlsV7QJclZg3YNz/Ypcp9TqQBrg4BFySz2oSCisGAQQBl1UB BQEBB0AxlRumDW6nZY7A+VCfek9VpEx6PJmdJyYPt3lNHMd6HAMBCAeIfgQYFggA JgIbDBYhBLHSvRN1vst4TPT4xNc89jjFPAa+BQJl/YgwBQkLehDGAAoJENc89jjF PAa+phoA/jrDqIrl/55vUMBhIQv+TP635d2iCTEnyFmbUcP9+gh6APoDsXalVd2c OGxQtSC+TF8PkZMn1TLkJKAjVxr+xx40AgAKCRBRcisI/kdFovxVAQCNVSO3PT+o iDUaXSv5Ibr2huuJ3Cbb7rPHn5Jxz+U1BwEA46cBj0OZAjxzauGGagB7boACw9pt tSs62AN9tExWTQk�5D
-----END PGP SIGNATURE-----

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)