Hello,
I try to make a list of devices in common laptops that have their own firmware:
- bios
- processor ("microcode"), loaded from bios, or from OS.
- VGA option ROM, loaded from bios. Sometimes optional
- EC (embedded controller), loaded from bios
- ME (Intel Management Engine), loaded from bios
- GPU (e.g. ATI/AMD)
- wired network controller
- wifi controller
- bluetooth (sometimes combined with wifi-controller)
- USB controller (AMD devices get USB3 firmware from bios)
- SSD/harddisk
- CD/DVD/Bluetooth reader/writer
- keyboard controller
- touchpad
- wired modem
- wireless modem, e.g. GSM
- soundchip
- firewire
- webcam
- fingerprint reader
- pc-card/express card/PCMCIA slot
- wireless usb
- sata controller
What do I forget?
With regards, Paul van der Vlis.
Paul van der Vlis paul-kzJ6NpsJWJiWrUy98/Atqw@public.gmane.org writes:
Hello,
I try to make a list of devices in common laptops that have their own firmware:
Nice list! Analysing each firmware further could be quite interesting.
Some laptops have NFC chips in them, which sometimes require non-free firmware to work.
I've also heard that the power adapter and battery charger sometimes contain firmware, for charging the battery properly.
And maybe memory card readers should be added too?
Smart-card readers probably contain firmware too.
Not strictly part of the laptop, but many laptop docking ports also have non-free firmware in them that can be updated.
/Simon
hi, On Mon, Mar 02, 2015 at 11:24:39AM +0100, Simon Josefsson wrote:
Paul van der Vlis paul-kzJ6NpsJWJiWrUy98/Atqw@public.gmane.org writes:
...
What do I forget?
well depending on what counts:
* (web) camera
* in most cases the touchpad i think
* the display itself most likely contains firmware
...
in short: most "high level" hardware parts (e.g. entities normally considered as one functional item) contain firmware of sorts, and unfortunately most of it is non-free (and in some cases it might not be possible to replace them, as some pieces of hardware are probably not designed with upgrading firmware in mind).
as for "depending on what counts": some of it will be configuration for FPGAs and the like: is that:
* software
* configuration
* proprietary hardware?
i'm not really sure....
regards, albert
Op 02-03-15 om 12:05 schreef Albert Dengg:
hi, On Mon, Mar 02, 2015 at 11:24:39AM +0100, Simon Josefsson wrote:
Paul van der Vlis paul-kzJ6NpsJWJiWrUy98/Atqw@public.gmane.org writes:
...
What do I forget?
well depending on what counts:
- (web) camera
I did mention a webcam.
- in most cases the touchpad i think
I did mention that.
- the display itself most likely contains firmware
Hmm... Correct!
in short: most "high level" hardware parts (e.g. entities normally considered as one functional item) contain firmware of sorts, and unfortunately most of it is non-free (and in some cases it might not be possible to replace them, as some pieces of hardware are probably not designed with upgrading firmware in mind).
I am most interested in the devices that have replaceable firmware. Because somebody could do bad things with it, like they did with the firmware of harddisks.
It would be nice if it would be possible to make a list of all parts of the hardware that have upgradeable firmware. Not sure that's possible...
as for "depending on what counts": some of it will be configuration for FPGAs and the like: is that:
- software
- configuration
- proprietary hardware?
i'm not really sure....
regards, albert
Thanks for your help!
With regards, Paul van der Vlis.
On Monday 2. March 2015 14.26.02 Paul van der Vlis wrote:
I am most interested in the devices that have replaceable firmware. Because somebody could do bad things with it, like they did with the firmware of harddisks.
I think there definitely needs to be more discussion around firmware which can or cannot be upgraded, particularly since a lot of people seem to disagree with the FSF's position on this. From one perspective, making the firmware immutable is a bad thing for people who want to fix or improve it, ultimately consigning hardware to waste if it turns out to be critically flawed, but from another perspective, if only the manufacturer is in a position to upgrade the firmware, then they are exercising rights that they deny to the hardware's owners.
It's understandable to say that if there's a choice between only some people having the right to upgrade firmware and nobody being able to do it, then the latter prevents one group of people from having power over the other, potentially. However, there's always the argument that such power can be exercised by merely getting the firmware "right first time" (for whatever purpose) and then relinquishing the right to upgrade in order to satisfy the FSF criteria.
Sorry to drag things off topic, although I'll gladly point out Novena [1] for anyone not already aware of it as a useful reference for such matters.
Paul
[1] http://www.kosagi.com/w/index.php?title=Novena_Main_Page
Op 02-03-15 om 14:58 schreef Paul Boddie:
On Monday 2. March 2015 14.26.02 Paul van der Vlis wrote:
I am most interested in the devices that have replaceable firmware. Because somebody could do bad things with it, like they did with the firmware of harddisks.
I think there definitely needs to be more discussion around firmware which can or cannot be upgraded, particularly since a lot of people seem to disagree with the FSF's position on this.
For me there is not so much difference between uploading closed firmware from the OS and having a flash ROM with closed firmware feeding such a controller with closed firmware. (But closed firmware should not be distributed with an open source OS.)
When it's about firmware on a non-flashable ROM, I have the same conclusion as the FSF.
I would like to have open hardware/firmware, but that's not easy to realize. For me closed firmware is not the biggest problem, but I would like to make a sha256sum of it for security.
From one perspective, making the firmware immutable is a bad thing for people who want to fix or improve it, ultimately consigning hardware to waste if it turns out to be critically flawed, but from another perspective, if only the manufacturer is in a position to upgrade the firmware, then they are exercising rights that they deny to the hardware's owners.
Correct. But realize that maybe not only the manufacturer can do it. The code could be stolen, confiscated, extorted, or "part of a deal". China now wants source code before buying hardware.
It's understandable to say that if there's a choice between only some people having the right to upgrade firmware and nobody being able to do it, then the latter prevents one group of people from having power over the other, potentially. However, there's always the argument that such power can be exercised by merely getting the firmware "right first time" (for whatever purpose) and then relinquishing the right to upgrade in order to satisfy the FSF criteria.
Sorry to drag things off topic, although I'll gladly point out Novena [1] for anyone not already aware of it as a useful reference for such matters.
Paul
[1] http://www.kosagi.com/w/index.php?title=Novena_Main_Page
This is really interesting hardware. Maybe I will order it, is there more information available? I would like to read a "critical article".
With regards, Paul van der Vlis.
On Monday 2. March 2015 15.58.59 Paul van der Vlis wrote:
Op 02-03-15 om 14:58 schreef Paul Boddie:
On Monday 2. March 2015 14.26.02 Paul van der Vlis wrote:
I am most interested in the devices that have replaceable firmware. Because somebody could do bad things with it, like they did with the firmware of harddisks.
I think there definitely needs to be more discussion around firmware which can or cannot be upgraded, particularly since a lot of people seem to disagree with the FSF's position on this.
For me there is not so much difference between uploading closed firmware from the OS and having a flash ROM with closed firmware feeding such a controller with closed firmware. (But closed firmware should not be distributed with an open source OS.)
When it's about firmware on a non-flashable ROM, I have the same conclusion as the FSF.
I would like to have open hardware/firmware, but that's not easy to realize. For me closed firmware is not the biggest problem, but I would like to make a sha256sum of it for security.
There are certainly plenty of considerations: whether it is closed or open to begin with, whether it can change, how it can change, who can change it, and who actually can make meaningful changes (whether it's open or closed, again). If you trust the manufacturer even if the firmware is closed, but don't trust further modifications (from whatever source), being able to verify that the firmware remains unchanged is also critical.
From one perspective, making the firmware immutable is a bad thing for people who want to fix or improve it, ultimately consigning hardware to waste if it turns out to be critically flawed, but from another perspective, if only the manufacturer is in a position to upgrade the firmware, then they are exercising rights that they deny to the hardware's owners.
Correct. But realize that maybe not only the manufacturer can do it. The code could be stolen, confiscated, extorted, or "part of a deal". China now wants source code before buying hardware.
In the end, the poor end-user is last in the queue, and potentially many other parties have their opportunities to deny the end-user various freedoms. I can understand the FSF's position, certainly, although it also raises the issue of whether the firmware is guaranteed to be immutable, say, if it is provided in flash memory whose contents are supposedly protected.
It's understandable to say that if there's a choice between only some people having the right to upgrade firmware and nobody being able to do it, then the latter prevents one group of people from having power over the other, potentially. However, there's always the argument that such power can be exercised by merely getting the firmware "right first time" (for whatever purpose) and then relinquishing the right to upgrade in order to satisfy the FSF criteria.
Sorry to drag things off topic, although I'll gladly point out Novena [1] for anyone not already aware of it as a useful reference for such matters.
Paul
[1] http://www.kosagi.com/w/index.php?title=Novena_Main_Page
This is really interesting hardware. Maybe I will order it, is there more information available? I would like to read a "critical article".
Well, there's a crowd-funding campaign that got financed three times over [2], and the developers have a proven track record and have been very transparent about their operations, meaning that there's been a lot to learn from just following what they are doing.
Paul
P.S. I haven't ordered a Novena, so this isn't an endorsement by any means.
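Added example, not part of any message in this thread: one way to do the SHA-256 check discussed above for firmware files the OS loads from disk, recording a baseline and later reporting changed, added or removed blobs. The directory layout and file names in `fw_demo` are constructed for illustration.

```bash
#!/usr/bin/env bash
# Added example (not from the thread). Hashes every file under a firmware
# directory and compares a later run against the stored baseline.

# fw_baseline DIR MANIFEST: write "sha256  ./relative/path" lines.
fw_baseline() {
    ( cd "$1" && find . -type f -print0 | sort -z | xargs -0 -r sha256sum ) > "$2"
}

# fw_verify DIR MANIFEST: print CHANGED/ADDED/REMOVED paths, return 1 on any.
fw_verify() {
    local current status=0
    current=$(mktemp)
    fw_baseline "$1" "$current"
    # sha256sum prints a 64-char hash, two separator chars, then the path.
    awk '
        FILENAME == ARGV[1] { base[substr($0, 67)] = substr($0, 1, 64); next }
        {
            path = substr($0, 67); hash = substr($0, 1, 64)
            if (!(path in base))         { print "ADDED " path;   bad = 1 }
            else if (base[path] != hash) { print "CHANGED " path; bad = 1 }
            delete base[path]
        }
        END { for (p in base) { print "REMOVED " p; bad = 1 }; exit bad + 0 }
    ' "$2" "$current" || status=$?
    rm -f "$current"
    return "$status"
}

# fw_demo: constructed sample tree (hypothetical file names), then tampering.
fw_demo() {
    local root status=0
    root=$(mktemp -d)
    mkdir -p "$root/fw/vendor"
    printf 'wifi-blob-v1' > "$root/fw/vendor/wifi.bin"
    printf 'bt-blob-v1'   > "$root/fw/bt.bin"
    fw_baseline "$root/fw" "$root/baseline.sha256"
    printf 'wifi-blob-v1-patched' > "$root/fw/vendor/wifi.bin"  # modified blob
    rm "$root/fw/bt.bin"                                        # removed blob
    printf 'new-blob' > "$root/fw/extra.bin"                    # unexpected blob
    fw_verify "$root/fw" "$root/baseline.sha256" || status=$?
    rm -rf "$root"
    return "$status"
}

if [ "${1:-}" = "--demo" ]; then fw_demo; fi
```

On a typical Linux system the directory would be /lib/firmware, with the manifest kept somewhere outside it. Firmware stored in a device's own flash is not covered and would first have to be read out with a device-specific tool.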
On Mon, Mar 02, 2015 at 02:26:02PM +0100, Paul van der Vlis wrote:
Op 02-03-15 om 12:05 schreef Albert Dengg:
hi, On Mon, Mar 02, 2015 at 11:24:39AM +0100, Simon Josefsson wrote:
Paul van der Vlis paul-kzJ6NpsJWJiWrUy98/Atqw@public.gmane.org writes:
...
What do I forget?
well depending on what counts:
- (web) camera
I did mention a webcam.
- in most case the touchpad i think
I did mention that.
sorry i overlooked it...
- the display itself most likely contains firmware
Hmm... Correct!
in short: most "high level" hardware parts (e.g. entities normally considered as one functional item) contain firmware of sorts, and unfortunately most of it is non-free (and in some cases it might not be possible to replace them, as some pieces of hardware are probably not designed with upgrading firmware in mind).
I am most interested in the devices that have replaceable firmware. Because somebody could do bad things with it, like they did with the firmware of harddisks.
It would be nice if it would be possible to make a list of all parts of the hardware that have upgradeable firmware. Not sure that's possible...
personally i would also separate "upgradeable" into two categories:
* doable at runtime (either dynamic loading from userspace or by being able to write to it while the system is running)
* upgradable by using an external programmer or replacing the storage (flash)
the first group poses the most immediate problem for the user, as it is (relatively) easy for an attacker as soon as he has temporary control over the computer. the latter is of course also interesting for people willing to invest time into developing truly free systems. The security problem in closed, non changeable firmware is of course also there, however i regard it in the same class as malicious hardware design by itself (see for example clipper chip).
as for the list: it would also be helpful to list every component that has been considered, but deemed not to contain firmware relevant for the list, as this makes it possible to judge hardware not directly listed without having to assume that everything that is not listed is harmless (which is a problem, as systems change all the time).
thx for bringing up the subject.
regards, albert
Op 02-03-15 om 11:24 schreef Simon Josefsson:
Paul van der Vlis paul-kzJ6NpsJWJiWrUy98/Atqw@public.gmane.org writes:
Hello,
I try to make a list of devices in common laptops that have their own firmware:
Nice list! Analysing each firmware further could be quite interesting.
Thanks. An important point is: "can the firmware be updated or not".
Some laptops have NFC chips in them, which sometimes require non-free firmware to work.
Correct, thanks.
I've also heard that the power adapter and battery charger sometimes contain firmware, for charging the battery properly.
It's called the "power management controller", I think.
And maybe memory card readers should be added too?
Quite possible that they have firmware. Right.
Smart-card readers probably contain firmware too.
I don't know them in laptops. But maybe some have.
Not strictly part of the laptop, but many laptop docking ports also have non-free firmware in them that can be updated.
Correct, quite possible.
Thanks for your help!
With regards, Paul.
Paul van der Vlis paul-kzJ6NpsJWJiWrUy98/Atqw@public.gmane.org writes:
Op 02-03-15 om 11:24 schreef Simon Josefsson:
Paul van der Vlis paul-kzJ6NpsJWJiWrUy98/Atqw-XMD5yJDbdMReXY1tMh2IBg@public.gmane.org writes:
Hello,
I try to make a list of devices in common laptops that have their own firmware:
Nice list! Analysing each firmware further could be quite interesting.
Thanks. An important point is: "can the firmware be updated or not".
I think there are a couple of interesting questions:
1) Is there non-free firmware that can be updated? This leads to the possibility of writing free software firmware-replacements.
2) Are there any technical restrictions on the updating procedures? Some hardware may require cryptographically signed firmware in order to update. This has to be circumvented to replace the firmware.
3) What security problems are there in the firmware that are bad for the user? I initially wrote "Is there security problems" but we all know that any non-trivial software has bugs. I suppose the question is, further, to what extent the security issues have an impact on the user. If some hardware that has DMA to the main RAM has a security problem in its firmware, that may have severe consequences for the user.
/Simon