Dear Qubes Users, I have been using Qubes OS for a couple of days now. I own a Lenovo Thinkpad X200 and everything works fine, including WiFi. However, I am concerned about this, because my X200 has an Intel WiFi chipset, which I know uses proprietary firmware. I am concerned about this because the firmware could be malicious, so I think this is quite bad from a security perspective. The more proprietary software, the worse security you have, as has been shown many times. Since the hardware is secret, it is possible that the WiFi chipset could be used to do malicious actions without any way to tell. I am especially concerned about the firmware being in dom0, which has access to the hardware. For many months I used Trisquel GNU/Linux, which 'deblobs' the kernel with the scripts from the Linux-libre project, endorsed by the Free Software Foundation. WiFi does not work but I have an external dongle and at any rate ethernet is often faster. Other than that, everything else works flawlessly. Therefore my question is, for a security-orientated OS, what is the position on the proprietary firmware software? At the very least, I would like to install Linux-libre in Qubes dom0. The Free Software Foundation of Latin America (FSFLA) offer the freed-ora repositories for Fedora, which removes proprietary firmware packages and installs the upstream kernel (as far as I can tell; I used it in normal Fedora and it works fine) and free firmware programs. As a more permanent workaround, will Qubes offer Linux-libre by default? I think it is best not to include the firmwares at all but maybe that will be for further in the future.
Thanks, D. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/f8496515-e58f-4219-b42e-b4ef9ea4e43a%40posteo.net. For more options, visit https://groups.google.com/d/optout.
signature.asc
Description: OpenPGP digital signature
