Proprietary firmware

Proprietary firmware is any firmware that has had its use, private modification, copying, or republishing restricted by the producer. Proprietors may enforce restrictions by technical means, such as restricting source code access or preventing firmware replacement (by withholding the complete tooling that may be necessary to recompile and replace the firmware), or by legal means, such as copyright and patents. Alternatives to proprietary firmware may be free (libre) or open-source.

Distribution

Proprietary firmware (and especially the microcode) is much more difficult to avoid than proprietary software or even proprietary device drivers, because the firmware is usually very specific to the manufacturer of each device (often being unique for each model), and the programming documentation and complete specifications that would be necessary to create a replacement are often withheld by the hardware manufacturer. [1]

Many open-source operating systems reluctantly choose to include proprietary firmware files in their distributions simply to make their device drivers work, [2] because manufacturers try to save money by removing flash memory or EEPROM from their devices, requiring the operating system to upload the firmware each time the device is used. [3] However, in order to do so, the operating system still has to have distribution rights for this proprietary microcode. [3]

Security concerns

Proprietary firmware poses a significant security risk to the user because of the direct memory access (DMA) architecture of modern computers and the potential for DMA attacks. [citation needed] Theo de Raadt of OpenBSD suggests that wireless firmware is kept proprietary because of poor design quality and firmware defects. [4] [5] Mark Shuttleworth of Ubuntu suggests that "it's reasonable to assume that all firmware is a cesspool of insecurity courtesy of incompetence of the worst degree from manufacturers, and competence of the highest degree from a very wide range of such agencies". [6]

The security and reliability risks posed by proprietary microcode may be lower than those posed by proprietary device drivers, because the microcode in this context isn't linked against the operating system, and doesn't run on the host's main processor. [2]

Alternatives

Custom firmware, which is often free and open-source software, may still be available for certain products. It is especially popular in certain segments of hardware, such as gaming consoles, wireless routers and Android phones, that are capable of running complete general-purpose operating systems like Linux, FreeBSD or NetBSD; these are often the systems the manufacturer used in its original proprietary firmware.

Another potential solution is going with open-source hardware, which goes a step further by also providing schematics for replicating the hardware itself.

Related Research Articles

BIOS: Firmware for hardware initialization and OS runtime services

In computing, BIOS is firmware used to provide runtime services for operating systems and programs and to perform hardware initialization during the booting process. The BIOS firmware comes pre-installed on an IBM PC or IBM PC compatible's system board and exists in some UEFI-based systems to maintain compatibility with operating systems that do not support UEFI native operation. The name originates from the Basic Input/Output System used in the CP/M operating system in 1975. The BIOS, originally proprietary to the IBM PC, has been reverse engineered by some companies looking to create compatible systems. The interface of that original system serves as a de facto standard.

Firmware: Low-level computer software

In computing, firmware is software that provides low-level control of computing device hardware. For a relatively simple device, firmware may perform all control, monitoring and data manipulation functionality. For a more complex device, firmware may provide relatively low-level control as well as hardware abstraction services to higher-level software such as an operating system.

Theo de Raadt: Leader of the OpenBSD project (born 1968)

Theo de Raadt is a South African-born software engineer who lives in Calgary, Alberta, Canada. He is the founder and leader of the OpenBSD and OpenSSH projects and was also a founding member of NetBSD. In 2004, De Raadt won the Free Software Award for his work on OpenBSD and OpenSSH.

A disk array controller is a device that manages the physical disk drives and presents them to the computer as logical units. It almost always implements hardware RAID, thus it is sometimes referred to as RAID controller. It also often provides additional disk cache.

UEFI: Operating system and firmware specification

Unified Extensible Firmware Interface is a specification that defines the architecture of the platform firmware used for booting the computer hardware and its interface for interaction with the operating system. Examples of firmware that implement the specification are AMI Aptio, Phoenix SecureCore, TianoCore EDK II, InsydeH2O. UEFI replaces the BIOS which was present in the boot ROM of all personal computers that are IBM PC compatible, although it can provide backwards compatibility with the BIOS using CSM booting. Intel developed the original Extensible Firmware Interface (EFI) specification. Some of the EFI's practices and data formats mirror those of Microsoft Windows. In 2005, UEFI deprecated EFI 1.10.

Freely redistributable software (FRS) is software that anyone is free to redistribute. The term has been used to mean two types of free to redistribute software, distinguished by the legal modifiability and limitations on purpose of use of the software. FRS which can be legally modified and used for any purpose is the same as free software. Non-legally modifiable FRS is freeware, shareware or similar.

Free and open-source graphics device driver: Software that controls computer-graphics hardware

A free and open-source graphics device driver is a software stack which controls computer-graphics hardware and supports graphics-rendering application programming interfaces (APIs) and is released under a free and open-source software license. Graphics device drivers are written for specific hardware to work within a specific operating system kernel and to support a range of APIs used by applications to access the graphics hardware. They may also control output to the display if the display driver is part of the graphics hardware. Most free and open-source graphics device drivers are developed by the Mesa project. The driver is made up of a compiler, a rendering API, and software which manages access to the graphics hardware.

Advanced Configuration and Power Interface (ACPI) is an open standard that operating systems can use to discover and configure computer hardware components, to perform power management, auto configuration, and status monitoring. It was first released in December 1996. ACPI aims to replace Advanced Power Management (APM), the MultiProcessor Specification, and the Plug and Play BIOS (PnP) Specification. ACPI brings power management under the control of the operating system, as opposed to the previous BIOS-centric system that relied on platform-specific firmware to determine power management and configuration policies. The specification is central to the Operating System-directed configuration and Power Management (OSPM) system. ACPI defines hardware abstraction interfaces between the device's firmware, the computer hardware components, and the operating systems.

The OpenBSD operating system focuses on security and the development of security features. According to author Michael W. Lucas, OpenBSD "is widely regarded as the most secure operating system available anywhere, under any licensing terms."

Comparison of open-source wireless drivers

Wireless network cards for computers require control software to make them function. This is a list of the status of some open-source drivers for 802.11 wireless network cards.

These tables compare free software / open-source operating systems. Where not all of the versions support a feature, the first version which supports it is listed.

In the context of free and open-source software, proprietary software only available as a binary executable is referred to as a blob or binary blob. The term usually refers to a device driver module loaded into the kernel of an open-source operating system, and is sometimes also applied to code running outside the kernel, such as system firmware images, microcode updates, or userland programs. The term blob was first used in database management systems to describe a collection of binary data stored as a single entity.

Operating system Wi-Fi support is defined as the facilities an operating system may include for Wi-Fi networking. It usually consists of two pieces of software: device drivers, and applications for configuration and management.

The following outline is provided as an overview of and topical guide to free software and the free software movement:

OpenBSD: Operating system

OpenBSD is a security-focused, free and open-source, Unix-like operating system based on the Berkeley Software Distribution (BSD). Theo de Raadt created OpenBSD in 1995 by forking NetBSD 1.0. The OpenBSD project emphasizes portability, standardization, correctness, proactive security, and integrated cryptography.

Intel PRO/Wireless is a series of Intel wireless products developed by Intel. These products include wireless network adapters, access points, and routers that are designed to provide high-speed wireless connectivity for computers, laptops, and other devices. Intel PRO/Wireless products use various wireless technologies, including Wi-Fi and Bluetooth, to provide wireless connectivity. Intel PRO/Wireless network adapters allow devices to connect to wireless networks, while access points and routers create wireless networks that devices can connect to.

Linux-libre: Version of the Linux kernel without proprietary code

According to the Free Software Foundation Latin America, Linux-libre is a modified version of the Linux kernel that contains no binary blobs, obfuscated code, or code released under proprietary licenses. In the Linux kernel, binary blobs are mostly used for proprietary firmware images. While generally redistributable, binary blobs do not give the user the freedom to audit, modify, or, consequently, redistribute their modified versions. The GNU Project keeps Linux-libre in synchronization with the mainline Linux kernel.

The OpenBSD Cryptographic Framework (OCF) is a service virtualization layer for the uniform management of cryptographic hardware by an operating system. It is part of the OpenBSD Project, having been included in the operating system since OpenBSD 2.8. Like other OpenBSD projects such as OpenSSH, it has been ported to other systems based on Berkeley Unix such as FreeBSD and NetBSD, and to Solaris and Linux. One of the Linux ports is supported by Intel for use with its proprietary cryptographic software and hardware to provide hardware-accelerated SSL encryption for the open source Apache HTTP Server.

The hw.sensors framework is a kernel-level hardware sensors framework originating from OpenBSD, which uses the sysctl kernel interface as the transport layer between the kernel and the userland. As of 2019, the framework is used by over a hundred device drivers in OpenBSD to export various environmental sensors, with temperature sensors being the most common type. Consumption and monitoring of sensors is done in the userland with the help of sysctl, systat, sensorsd, OpenBSD NTP Daemon, Simple Network Management Protocol (snmpd), ports/sysutils/symon and GKrellM.

The bio(4) pseudo-device driver and the bioctl(8) utility implement a generic RAID volume management interface in OpenBSD and NetBSD. The idea behind this software is similar to ifconfig, where a single utility from the operating system can be used to control any RAID controller using a generic interface, instead of having to rely on many proprietary and custom RAID management utilities specific for each given hardware RAID manufacturer. Features include monitoring of the health status of the arrays, controlling identification through blinking the LEDs and managing of sound alarms, and specifying hot spare disks. Additionally, the softraid configuration in OpenBSD is delegated to bioctl as well; whereas the initial creation of volumes and configuration of hardware RAID is left to card BIOS as non-essential after the operating system has already been booted. Interfacing between the kernel and userland is performed through the ioctl system call through the /dev/bio pseudo-device.

References

  1. Jeremy Andrews (2005-03-08). "Feature: OpenBSD's "Out of the Box" Wireless Support". KernelTrap. Archived from the original on 2005-03-09.
  2. Jeremy Andrews (2006-05-02). "Interview: Theo de Raadt". KernelTrap. Archived from the original on 2006-06-03.
  3. Jeremy Andrews (2004-11-02). "Feature: OpenBSD Works To Open Wireless Chipsets". KernelTrap. Archived from the original on 2006-06-20.
  4. Theo de Raadt (2016-12-03). "Page 13: The hardware: 802.11 wireless networking (more detail)". Open Documentation for Hardware. OpenCON 2006, 2–3 December 2006. Courtyard Venice Airport, Venice/Tessera, Italy.
  5. Constantine A. Murenin (2006-12-10). "Почему так важно иметь документацию по программированию железа". Linux.org.ru (in Russian).
  6. Mark Shuttleworth (2014-03-17). "ACPI, firmware and your security".
  7. "Drunk drivers granted access to breathalyser source code". 2005-11-03. Archived from the original on 2008-09-30.