When should we require that firmware be free?

&gt; When should we require that firmware be free?<p>Same as with any other requirement: <i>when you can afford it</i>.<p>Slack&#x27;s desktop client shouldn&#x27;t require Electron (making it unusable on low-end devices), but it does. They can get away with that requirement, because there&#x27;s hardly any alternative client worth your effort&#x2F;attention.<p>I was sceptical about BitWarden (versus 1Password), because their UX was quite far behind - but they&#x27;re slowly catching up, and I might have to reconsider my choice there.<p>If I wasn&#x27;t &quot;required&quot; to run a dozen different proprietary&#x2F;non-portable apps, I&#x27;d be using OpenBSD instead of macOS.<p>I do not &quot;require&quot; X to be free, but given all other things being equal, it&#x27;s my preferred choice. Unfortunately, a lot of the time, we do not have the luxury of being picky.

I think it&#x27;s a very interesting question!<p>Sometimes it feels like it makes sense to keep <i>some</i> software proprietary (e.g. the algorithms running in a Garmin watch have a lot of value, customers don&#x27;t just buy the hardware).<p>Other times it feels like it really doesn&#x27;t. I often give the example of Marshall smart speakers: the software seems to be very bad, it&#x27;s never updated but it&#x27;s connected to the internet, and the UX is not pleasing me. But initially I bought it for the hardware: it looks nice, and the sound is nice.<p>In my opinion, when I buy hardware as a customer, I should have the right (and be given the tools) to interface with that hardware. So there should be <i>some</i> open source firmware that gives me <i>reasonable</i> access to the hardware I bought. In other words I should be able, legally and without impossible reverse engineering, to write my own system for hardware I buy.<p>If I managed to write software that competed with Garmin on their own watches, so be it. That&#x27;s fair competition (and that&#x27;s probably super hard to do). The fact that Marshall can push me towards throwing away my perfectly fine hardware because they abandoned the bad software they once pushed on it is not fine. And it encourages companies to invent subscription models where my perfectly fine hardware becomes unusable if I stop paying them even though I don&#x27;t want or need their updates.<p>So somehow I think there is a middle ground that would help making products better and hardware more sustainable, and we are not there yet.

I think software and firmware should be free if critical functionality depends on an Internet-based service.<p>Or, it should at least be free whenever that service gets discontinued.<p>I&#x27;ve been thinking that perhaps to be able to market a product where critical functionality depends on commercial software connected services, a company should be required by law to provide their source code to a government agency that holds it in escrow. Then when the company goes out of business or just decides to discontinue the product then that agency will publish the source code under an open source license.<p>This shouldn&#x27;t just apply to firmware in connected devices, but to all commercial connected software. There are countless games that can&#x27;t be played any more only because a company behind it has discontinued its DRM servers.<p>Of course there are details that need to be worked out with how this will work in practice. The publisher will have to prove to some degree that the provided source code is sufficient. You&#x27;d have to prevent the publisher from circumventing the solution in a future software update. And the publisher would have to pay a free for the privilege, to be able to fund the agency.

From the comments:<p>&gt; My primary use of non-free firmware is to stop free riding by hardware cloners. It really sucks to put a lot of effort into a hardware and software design, then have your product get cloned using your own firmware.<p>That&#x27;s a massive problem indeed. In ham circles, the tinySA spectrum analyzer is one prime example... there&#x27;s tons of clones of them floating around despite the hardware actually being closed source, but the firmware being FOSS. And people turn up in ham forums asking why their &quot;tinySA&quot; doesn&#x27;t work, only to find out they have been shipped counterfeits with sub-par components.

I get why they want control over this stuff (simplification, segmentation and obsolescence) but the very second they lose interest, stop supporting it, <i>owners of the hardware</i> should have access and a licence to the source and build instructions.<p>Not even necessarily open source. Just something better than automatic ewaste.

IMO, If you buy hardware, you should get firmware src too allow porting to whatever OS you want to run

As a purchaser of hardware, I want full control over the stuff I own, including the right to modify firmware. But I&#x27;m also sympathetic to hardware manufacturers, especially in this day and age where information travels so fast.<p>A hardware company can say your warranty is void if you modify your purchase&#x27;s firmware. But it can&#x27;t stop you from flashing back the original firmware, saying it was broken when you received it, and still making a bogus warranty claim. Nor can it stop you from writing a terrible Amazon review about how complicated the product is, when all your complaints are self-inflicted from modified firmware you found online that the company didn&#x27;t even write.<p>Companies are responsible for the entire relationship between their products and their customers. So I can see why they want to define hard boundaries around it.

Firmware frequently includes NDAs and license agreements for patented intellectual property.<p>Now, once those patents expire then sure... open it up

Like any software when they are not supposed to suck and work for not against you

I think anyone selling commerical products to the public that include software&#x2F;firmware components should be required to submit source code and binary artifacts to the Library of Congress. The library can then release it to the public when copyright expires or the vendor approves it.

free? definitely when partially(however minute) funded by taxpayers

Always, and by law.

&gt; <i>The maximalist position is not to compromise at all - all software on a system, whether it&#x27;s running at boot or during runtime, and whether it&#x27;s running on the primary CPU or any other component on the board, should be free.</i><p>As stated, I don&#x27;t think this actually makes for a consistent position. The author throws out the terms &quot;system&quot; and &quot;board&quot; and hopefully assumes they define a good boundary, but they actually don&#x27;t. PCIe expansion cards and hard drives are both not &quot;on the board&quot; but still part of the &quot;system&quot;. Peripherals and other support devices (keyboard&#x2F;usb switch&#x2F;UPS&#x2F;serial server) are not &quot;on the system&quot; or perhaps not even part of &quot;the system&quot; at all, yet significantly [ae]ffect the system.<p>Defining that bound is important, because without it you end up with a wishy-washy escape hatch like &quot;<i>within which software installation is not intended after the user obtains the product</i>&quot;, making the definition completely fail at being a maximalist position. (and then when taken as a maximalist&#x2F;hardline position ends up causing strife...)<p>The original FSF position was based on the copyright license status of what they shipped on distribution media. This is neatly consistent, but completely outmoded in today&#x27;s globally networked software-pervasive environment. The spirit of this lives on in things like linux-libre.<p>I&#x27;d say that any modern definition of software freedom <i>must</i> pull in a larger scope that focuses on effective individual freedom in the face of pervasive global networking. A mouse, a video card, and an IoT device can all have proprietary updateable firmware, but <i>drastically</i> different affects on your individual freedom - I&#x27;ve never wanted to change my mouse firmware, if&#x2F;when video card firmware is updated is (almost) completely under your control and the card lacks easy backhaul, whereas a a proprietary IoT device is essentially a rogue agent on your network.<p>My own definition involves something like a much more fine-grained definition of <i>device</i>, analyzing how easy it is to modify&#x2F;inspect code on each <i>device</i>, as well as analyzing trust&#x2F;security relationships between devices. This ends up being independent from maximalism, as you can choose how important it is for any given device to be libre or not, and see how any compromise specifically affects your freedom.<p>For example I recognize that my hard drives themselves are completely and utterly non-free. But also my desire for libre hard drives is pretty low as well. The libre device&#x2F;system those drives store data for protects itself by the use of full disk encryption, and the drives are unlikely to become active attackers due to lacking any network connections besides SATA&#x2F;SAS to the libre system. Meanwhile the system they&#x27;re attached to is a KGPE-D16 running libreboot, which has nearly zero proprietary code running in its main CPU domain. I compromise on CPU microcode because the small binary size means low complexity, I choose if&#x2F;when to update, and it&#x27;s similar trust to the unavoidable shipped silicon. But no javascript (I run web browsing on another machine with virt-viewer =). I&#x27;d say this is a much healthier way of analyzing software freedom, whereas the traditional way kind of lumps many things together and then finds reasons to ignore inconvenient details.

Always!