On 2022-04-19 12:41, Jonas Smedegaard wrote:
> Quoting Christian Kastner (2022-04-19 11:33:30)
>> Here's a somewhat radical idea: I propose that we make option (1) and
>> (2) conditional on all Debian infra switching to hardware entirely
>> free of binary firmware/microcode blobs.
>>
>> Because if *we* can't do it, then imposing this stringency on our
>> users is outright idealist hypocrisy.
>>
>> [Spoiler: we can't, unless some open x86_64 silicon has popped up
>> somewhere (doubtful, because of the required patents).]
>
> I certainly like "eat our own dogfood", but our infrastructure currently
> runs on _top_ of Debian systems, using non-Debian applications.
>
> I don't think we should put the bar higher for firmware than we do for
> applications, regarding "eat our own dogfood". What would be the point
> of that (other than artificially creating an argument for option 5)?
I'm sorry, but I don't quite follow your argument. In case my own wasn't clear, what I meant was:

(a) all of the x86_64 hosts in our infrastructure use CPUs that utilize non-free microcode, and

(b) unless we're crazy, those hosts also use the non-free intel-microcode or amd64-microcode packages to get security fixes.

Consequently, expecting our users to forgo non-free entirely is, in my eyes, extremely hypocritical. We make exceptions for these microcode packages because, whether we like it or not, it's the only reasonable/secure/sane thing to do.

Here's an even more radical thought: shipping any x86_64 installer CD without amd64-microcode and intel-microcode installed by default is a disservice to our users. There's no ideological "win" when you're paying for it with the user's security, especially when they might be unaware of the problem.