Proprietary firmware

Last updated

Proprietary firmware is any firmware on which is not free (libre). Examples of proprietary works include ones upon which the author has placed restrictions on use, private modification, copying, or republishing.


Proprietors may enforce restrictions by technical means, such as by restricting source code access, firmware replacement restrictions (by denying complete tooling that may be necessary in order to recompile and replace the firmware), or by legal means, such as through copyright and patents.

Proprietary firmware may range from just a few kilobytes of microcode for a network interface controller [1] to megabytes of binaries for a wireless router. Custom firmware may still be available for certain products, which is often free and open-source software, and is especially popular in certain segments of hardware like gaming consoles, wireless routers and Android phones, which are capable of running complete general-purpose operating systems like Linux, FreeBSD or NetBSD, which are often the systems used by the manufacturer in their original proprietary firmware.

Difficult to avoid

Proprietary firmware (and especially the microcode) is much more difficult to avoid than proprietary software or even proprietary device drivers, because the firmware is usually very specific to the manufacturer of each device (often being unique for each model), and the programming documentation and complete specifications that would be necessary to create a replacement are often withheld by the hardware manufacturer. [2] One potential solution is going with open-source hardware, which goes a step further by also providing schematics for replicating the hardware itself.

Even though both proprietary firmware and proprietary device drivers are shipped in binary form, [3] to be practical, [3] the term "binary blobs" is used only to refer to proprietary drivers by some people [4] , whereas others use the term to refer to proprietary firmware too.

Distribution issues

Many open-source operating systems reluctantly choose to include proprietary firmware files in their distributions simply to make their device drivers work, [3] because manufacturers try to save money by removing flash memory or EEPROM from their devices, requiring the operating system to upload the firmware each time the device is used. [5] However, in order to do so, the operating system still has to have distribution rights for this proprietary microcode. [5] If such distributions rights are not obtained, then the device will not work; this especially presents a chicken-and-egg issue with wireless network interface controllers from certain manufacturers which cannot be used until such files are somehow obtained first, which is difficult to accomplish when the wireless card doesn't work. [5] [2] : [6] [7] [1] [8]

Security concerns

Proprietary firmware poses a significant security risk to the user, because of the direct memory access (DMA) architecture of modern computers, and the potential for DMA attacks. Theo de Raadt of OpenBSD suggests that wireless firmware are kept proprietary because of poor design quality, as well as firmware defects. [6] [7] Mark Shuttleworth of Ubuntu suggests that "it's reasonable to assume that all firmware is a cesspool of insecurity courtesy of incompetence of the worst degree from manufacturers, and competence of the highest degree from a very wide range of such agencies". [9]

However, the security and quality/reliability risks posed by proprietary microcode may be lower than those posed by proprietary device drivers, because the microcode in this context isn't linked against the operating system, and doesn't run on the host's main processor. [3]


See also

Related Research Articles

<span class="mw-page-title-main">Free software</span> Software licensed to preserve user freedoms

Free software or libre software is computer software distributed under terms that allow users to run the software for any purpose as well as to study, change, and distribute it and any adapted versions. Free software is a matter of liberty, not price; all users are legally free to do what they want with their copies of a free software regardless of how much is paid to obtain the program. Computer programs are deemed "free" if they give end-users ultimate control over the software and, subsequently, over their devices.

<span class="mw-page-title-main">Firmware</span> Low-level computer software

In computing, firmware is a specific class of computer software that provides the low-level control for a device's specific hardware. Firmware, such as the BIOS of a personal computer, may contain basic functions of a device, and may provide hardware abstraction services to higher-level software such as operating systems. For less complex devices, firmware may act as the device's complete operating system, performing all control, monitoring and data manipulation functions. Typical examples of devices containing firmware are embedded systems, home and personal-use appliances, computers, and computer peripherals.

<span class="mw-page-title-main">Theo de Raadt</span> Leader of the OpenBSD project

Theo de Raadt is a South African-born software engineer who lives in Calgary, Alberta, Canada. He is the founder and leader of the OpenBSD and OpenSSH projects and was also a founding member of NetBSD. In 2004, De Raadt won the Free Software Award for his work on OpenBSD and OpenSSH.

A disk array controller is a device that manages the physical disk drives and presents them to the computer as logical units. It almost always implements hardware RAID, thus it is sometimes referred to as RAID controller. It also often provides additional disk cache.

Freely redistributable software (FRS) is software that anyone is free to redistribute. The term has been used to mean two types of free to redistribute software, distinguished by the legal modifiability and limitations on purpose of use of the software. FRS which can be legally modified and used for any purpose is the same as free software. Non-legally modifiable FRS is freeware, shareware or similar.

coreboot Open-source computer firmware

coreboot, formerly known as LinuxBIOS, is a software project aimed at replacing proprietary firmware found in most computers with a lightweight firmware designed to perform only the minimum number of tasks necessary to load and run a modern 32-bit or 64-bit operating system.

<span class="mw-page-title-main">Free and open-source graphics device driver</span> Software that controls computer-graphics hardware

A free and open-source graphics device driver is a software stack which controls computer-graphics hardware and supports graphics-rendering application programming interfaces (APIs) and is released under a free and open-source software license. Graphics device drivers are written for specific hardware to work within a specific operating system kernel and to support a range of APIs used by applications to access the graphics hardware. They may also control output to the display if the display driver is part of the graphics hardware. Most free and open-source graphics device drivers are developed by the Mesa project. The driver is made up of a compiler, a rendering API, and software which manages access to the graphics hardware.

<span class="mw-page-title-main">Comparison of open-source wireless drivers</span>

Wireless network cards for computers require control software to make them function. This is a list of the status of some open-source drivers for 802.11 wireless network cards.

In the context of free and open-source software, proprietary software only available as a binary executable is referred to as a blob or binary blob. The term usually refers to a device driver module loaded into the kernel of an open-source operating system, and is sometimes also applied to code running outside the kernel, such as system firmware images, microcode updates, or userland programs. The term blob was first used in database management systems to describe a collection of binary data stored as a single entity.

Operating system Wi-Fi support is the support in the operating system for Wi-Fi and usually consists of two pieces: driver level support, and configuration and management support.

The following outline is provided as an overview of and topical guide to free software and the free software movement:

<span class="mw-page-title-main">OpenBSD</span> Security-focused Unix-like operating system

OpenBSD is a security-focused, free and open-source, Unix-like operating system based on the Berkeley Software Distribution (BSD). Theo de Raadt created OpenBSD in 1995 by forking NetBSD 1.0. According to the website, the OpenBSD project emphasizes "portability, standardization, correctness, proactive security and integrated cryptography."

Intel PRO/Wireless is a series of Intel wireless products developed by Intel. These products include wireless network adapters, access points, and routers that are designed to provide high-speed wireless connectivity for computers, laptops, and other devices. Intel PRO/Wireless products use various wireless technologies, including Wi-Fi and Bluetooth, to provide wireless connectivity. Intel PRO/Wireless network adapters allow devices to connect to wireless networks, while access points and routers create wireless networks that devices can connect to.

<span class="mw-page-title-main">Linux-libre</span> Version of the Linux kernel without proprietary code

Linux-libre is a modified version of the Linux kernel that contains no binary blobs, obfuscated code, or code released under proprietary licenses. In the Linux kernel, they are mostly used for proprietary firmware images. While generally redistributable, binary blobs do not give the user the freedom to audit, modify, or, consequently, redistribute their modified versions. The GNU Project keeps Linux-libre in synchronization with the mainline Linux kernel.

<span class="mw-page-title-main">NetBSD</span> Open-source Unix-like operating system

NetBSD is a free and open-source Unix operating system based on the Berkeley Software Distribution (BSD). It was the first open-source BSD descendant officially released after 386BSD was forked. It continues to be actively developed and is available for many platforms, including servers, desktops, handheld devices, and embedded systems.

The OpenBSD Cryptographic Framework (OCF) is a service virtualization layer for the uniform management of cryptographic hardware by an operating system. It is part of the OpenBSD Project, having been included in the operating system since OpenBSD 2.8. Like other OpenBSD projects such as OpenSSH, it has been ported to other systems based on Berkeley Unix such as FreeBSD and NetBSD, and to Solaris and Linux. One of the Linux ports is supported by Intel for use with its proprietary cryptographic software and hardware to provide hardware-accelerated SSL encryption for the open source Apache HTTP Server.

In computing, a devicetree is a data structure describing the hardware components of a particular computer so that the operating system's kernel can use and manage those components, including the CPU or CPUs, the memory, the buses and the integrated peripherals.

The hw.sensors framework is a kernel-level hardware sensors framework originating from OpenBSD, which uses the sysctl kernel interface as the transport layer between the kernel and the userland. As of 2019, the framework is used by over a hundred device drivers in OpenBSD to export various environmental sensors, with temperature sensors being the most common type. Consumption and monitoring of sensors is done in the userland with the help of sysctl, systat, sensorsd, ntpd, snmpd, ports/sysutils/symon and GKrellM.

The bio(4) pseudo-device driver and the bioctl(8) utility implement a generic RAID volume management interface in OpenBSD and NetBSD. The idea behind this software is similar to ifconfig, where a single utility from the operating system can be used to control any RAID controller using a generic interface, instead of having to rely on many proprietary and custom RAID management utilities specific for each given hardware RAID manufacturer. Features include monitoring of the health status of the arrays, controlling identification through blinking the LEDs and managing of sound alarms, and specifying hot spare disks. Additionally, the softraid configuration in OpenBSD is delegated to bioctl as well; whereas the initial creation of volumes and configuration of hardware RAID is left to card BIOS as non-essential after the operating system has already been booted. Interfacing between the kernel and userland is performed through the ioctl system call through the /dev/bio pseudo-device.


  1. 1 2 "/sys/dev/microcode/". OpenBSD .
  2. 1 2 Jeremy Andrews (2005-03-08). "Feature: OpenBSD's "Out of the Box" Wireless Support". KernelTrap . Archived from the original on 2005-03-09.
  3. 1 2 3 4 Jeremy Andrews (2006-05-02). "Interview: Theo de Raadt". KernelTrap . Archived from the original on 2006-06-03.
  4. Jeremy Andrews (2006-04-19). "Interview: Jonathan Gray and Damien Bergamini". KernelTrap . Archived from the original on 2006-04-24. Firmwares are not considered blobs and can be shipped with the base system (provided their license allows free redistribution). Firmwares execute on the device itself, meaning they are not tied to a particular OS, while blobs execute on the host CPU, most of the time inside the kernel.
  5. 1 2 3 Jeremy Andrews (2004-11-02). "Feature: OpenBSD Works To Open Wireless Chipsets". KernelTrap . Archived from the original on 2006-06-20.
  6. 1 2 Theo de Raadt (2016-12-03). "Page 13: The hardware: 802.11 wireless networking (more detail)". Open Documentation for Hardware. OpenCON 2006, 2–3 December 2006. Courtyard Venice Airport, Venice/Tessera, Italy.
  7. 1 2 Constantine A. Murenin (2006-12-10). "Почему так важно иметь документацию по программированию железа". (in Russian).
  8. "sysutils/firmware". OpenBSD ports .
  9. 1 2 Mark Shuttleworth (2014-03-17). "ACPI, firmware and your security".
  10. "Drunk drivers granted access to breathalyser source code". 2005-11-03. Archived from the original on 2008-09-30.