FSF (Free Software Foundation) is bad for the Privacy and Security of the general public

The FSF has a disregard for user privacy and security of its users in general, promoting political propaganda rather than doing some actual good, which results in the creation of policies that would’ve made sense in the 80s, but actively harm users today to quite some extent, through recommending obsolescent equipment, insecure software and hardware and discouraging both good security practices in general. As a result of these policies, misconception about FOSS and Linux runs wild in the privacy and security community and more users are tricked into installing shitty insecure stuff in the name of “escaping the bonds of big tech”.

The normal Linux kernel is not recommended by the FSF, because it allows for the use of proprietary firmware with devices. Instead, they recommend Linux-libre, which disables support for proprietary firmware by ripping out code which allows for the firmware to be loaded on to devices. Libreboot, being FSF-recommended, also has this policy of disallowing firmware blobs in the source tree, despite it being a source of nothing but problems.

The end result is that users who deploy the FSF-recommended firmware and kernel wind up with varying degrees of broken configurations. Worse yet, the Linux-libre project removes warning messages which suggest a user may want to update their processor microcode to avoid Meltdown and Spectre security vulnerabilities.

While it is true that processor microcode is a proprietary blob, from a security and reliability point of view, there are two types of CPU: you can have a broken CPU, or a less broken CPU, and microcode updates are intended to give you a less broken CPU. This is particularly important because microcode updates fix real problems in the CPU, and Libreboot has patches which hack around problems caused by deficient microcode burned into the CPU at manufacturing time, since it’s not allowed to update the microcode at early boot time.

There is also a common misconception about the capabilities of processor microcode. Many of the people belonging to the Stallman cult like to believe that microcode is capable of reprogramming the processor. In reality, the microcode is a series of hot patches to the instruction decode logic, which is largely part of a fixed function execution pipeline.

By discouraging (or outright inhibiting in the case of Linux-libre) end users from exercising their freedom to update their processor microcode, the FSF pursues a policy which leaves users at risk for vulnerabilities such as Meltdown and Spectre, which were partially mitigated through a microcode update.

3 Likes
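
Added example, not part of the original post: on x86, the stock Linux kernel exposes the loaded microcode revision in `/proc/cpuinfo` and a per-issue status under `/sys/devices/system/cpu/vulnerabilities`, so the microcode dependency the first post describes can be checked directly. The function names and the sample tree below are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the thread). Function names are hypothetical.

# audit_cpu [ROOT]: read the loaded microcode revision and the kernel's
# per-vulnerability status files under ROOT (empty ROOT = the live system).
audit_cpu() {
    root="${1:-}"
    cpuinfo="$root/proc/cpuinfo"
    vulndir="$root/sys/devices/system/cpu/vulnerabilities"

    # x86 kernels list the running microcode revision for each logical CPU.
    if [ -r "$cpuinfo" ]; then
        rev=$(awk -F': *' '/^microcode/ {print $2; exit}' "$cpuinfo")
        echo "microcode_revision=${rev:-unknown}"
    fi

    for f in "$vulndir"/*; do
        [ -r "$f" ] || continue      # glob did not match: no sysfs entries
        name=$(basename "$f")
        status=$(cat "$f")
        case "$status" in
            # Kernel says a mitigation exists but the microcode lacks it.
            *"no microcode"*)            echo "NEEDS_MICROCODE $name: $status" ;;
            Vulnerable*)                 echo "VULNERABLE $name: $status" ;;
            Mitigation*|"Not affected"*) echo "OK $name: $status" ;;
            *)                           echo "CHECK $name: $status" ;;
        esac
    done
}

# Constructed sample tree so the example runs offline; values are made up.
make_sample_tree() {
    d=$(mktemp -d)
    v="$d/sys/devices/system/cpu/vulnerabilities"
    mkdir -p "$d/proc" "$v"
    printf 'processor\t: 0\nmicrocode\t: 0xf0\n' > "$d/proc/cpuinfo"
    echo 'Mitigation: PTI' > "$v/meltdown"
    echo 'Vulnerable' > "$v/spectre_v2"
    echo 'Vulnerable: Clear CPU buffers attempted, no microcode' > "$v/mds"
    echo "$d"
}

sample=$(make_sample_tree)
audit_cpu "$sample"
rm -rf "$sample"
```

On a real machine, call `audit_cpu` with no argument to read the live `/proc` and `/sys`.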

By FSF I assume you’re referring to the Free Software Foundation? Just looking to clarify for folks who may not be familiar.

That’s waaaaaaaaaaaaaaay better with (the sister organization?) the Free Software Foundation Europe. They promote a lot of open source and privacy: https://fsfe.org
The CEO has also recently written an open source children’s book to teach kids the world of Open Source.

Please stop hating on FSF. None of the words in the above article are true.

Yeah, lol. Are you trolling @whattheduck?

Yeah a usability sacrifice for a privacy gain. I see nothing wrong.

You know more than RMS? Also untrue. Microcode can issue commands to make the CPU process in a specific way, i.e. track you.

Please ensure some kind of fact checking board or something. Verify the posts and then only allow them to be published here.

With respect, I think the confusion here is between privacy and security. While these overlap they are not the same.

Assuming everything you said is true, this would be an attack on the FSF’s security recommendations, but not their privacy recommendations. It is indeed more private to only run vetted open source code. However, as you correctly highlight, that does not make it secure.

pLeASe sToP hAtiNG oN fSf!!! :nerd_face:

The truth is that the reason people don’t care about privacy and security is because of how it impacts usability. The FSF does not care about most other people, they only care about circlejerking about how smart they are for making basic tasks significantly more inconvenient for the sake of “freedom”. That is why very few people take them even remotely seriously nowadays. If you want people to care about software freedom, acting like this is the best way to piss people off and never consider bothering.

People who disagree with you are not trolls. Not everyone idolizes RMS like you.

I said that this post might be a troll post because of the obvious untrue bogus stuff written here and the article may be factually wrong. You reply with an angry rant and agree with the bogus article.

Remind me again, who made the system utilities for Linux and actually made it an Operating system?

Proprietary software does make tasks easy; should we give in to that temptation of using it, when all it does is take away my American Rights, sell my data and make money off of it? I am sticking to my freedom, I will not be giving up my freedom just for the sake of usability.

The community did and does. There is no desktop Linux without it. No one wants to use an appless platform. The only meaningful contributions by the FSF are the GNU core utils and GPL.

Before you start saying I am against FOSS or something, I actively try to contribute to FOSS software (Calibre, Unity, KDE, GNOME).

1 Like

Nobody denied the importance of things made by the FSF. Both historically and today they’re still relevant.

What’s being said here is that the FSF recommendations on security are painfully wrong.

I do like the idea of free software. I tend to prefer free software whenever possible.

The same goes for Linux, while I use it and like it, I do acknowledge all its flaws.

Being critical is really important. Even more when talking about security and/or privacy.

2 Likes

I have always wanted to know what “freedom” (with context to the freedom stuff pushed by FSF) means. Does “freedom” mean using insecure stuff that removes warning messages aka. hiding problems it created in the first place? Or the fact that Purism (an FSF-recommended company) removes the ability for users to update their libre insecure kernels?

Purism/PureOS is endorsed by the FSF because PureOS is fully libre.

They can make a libre OS because they produce the hardware themselves, and can use hardware that doesn’t need any blobs, this also allows them to use a loophole to apply the microcode blob. They include the microcode in the firmware, and PureBoot isn’t endorsed by FSF.

From what I read in here, FSF go full FOSS, but because you need some proprietary parts to make most PCs work, FSF won’t use them, even if a project is incomplete or is missing critical parts the FOSS software they will recommend

No good sir, you just blatantly spread misinformation.

People seem to wonder why Open Source projects are always short of developers. I too wonder why that is the case.

I am sure you aren’t a dev @rmswasright so it is very convenient of you to act like an entitled bigot. We devs are under workloads of pressure to the point where we are depressed, cut off from friends and family and in general live a miserable life. When someone finds time from that intense work pressure to contribute to a novel cause from where the dev basically doesn’t get any/nominal money, the least you can do is say a thank you (even though it doesn’t really help).

least-unhinged FSF member ^

I sincerely apologize to hear that you are American, I hope you get well soon :cry: