Is it acceptable to use proprietary software (platforms) to promote software freedom?

J.B. Nicholson jbn at
Sun Jul 23 20:00:21 UTC 2017

dguthrie at wrote:
> Tails concerns itself with offensive attacks against Tor browser and making
> programs use Tor safely; its threat model does not concern (what would have
> to be quite advanced) attacks from the firmware.

Software can be conveyed through Tor which would leverage an insecurity in 
the firmware or insecurity in the non-free software that comes with Tails. 
This is not Tor's fault; Tor's job is not to filter out what data one gets 
via a network. One such means of acquiring and running malware is 
Javascript, another are add-ons many people use when browsing the web.

Thus non-free software in Tails (be it firmware, drivers, or anything else) 
is asking the user to blindly accept that Tails is safe. If Tails is a 
GNU/Linux system, Tails hackers should look into using the GNU Linux-libre 
kernel which is purposefully deblobbed of non-free software. Tails won't 
run on as many computers as it does now, but for those it does run users 
will be able to say they are using a kernel they may completely run, 
inspect, share, and modify. This strikes me as a big step toward increasing 
the security of Tails, which I'd imagine is something that ought to 
interest them because (as I understand it) one of Tails' goals is to supply 
an OS users can use to preserve their privacy.

> (Furthermore, free software firmware can be buggy too, it should be noted,
> which is crucial in the case of wireless cards. Even the cards with free
> loadable wireless firmware still handle 802.11n frames with proprietary
> embedded firmware, on a DSP most likely. Handling those frames doesn't come
> out of thin air.).

The issue here has nothing to do with what software is buggy and not; all 
complex software has bugs. The issue has to do with what freedom the user 
has to run, inspect, share, and modify the software they use. Non-free 
software can't be fixed by the user regardless of how technically minded 
the user is or if the user hires out the code hacking work to someone they 

More information about the Discussion mailing list