Should I use the Linux-libre kernel or no?
-
Hello, I'm wondering if I should use the Linux-libre kernel or if I should stay with the stock Linux kernel. I do want to remain 100% FOSS and have Libreboot installed, but, does it really matter if I use the stock kernel or not? Can the blobs from the stock kernel be a vulnerbility? My only reason for wanting to stay with the stock kernel is because its better maintained and gets audited more. But I'm really just worried about the blobs, can they do anything?
Hello! It’s great that you're committed to libre software principles and already using Libreboot.
Proprietary blobs in the kernel.org Linux kernel can indeed pose risks. These blobs are nonfree, meaning they can't be audited or modified
by the community. This leaves users dependent on vendors, and there's always the potential for vulnerabilities or backdoors. Linux-libre removes
these blobs entirely, ensuring your system runs only software that respects your freedom and can be fully audited.While the stock kernel benefits from frequent updates and broad testing, Linux-libre is a downstream fork of Linux. This means it incorporates all technical improvements, bug fixes, and security patches from the stock
kernel, minus the proprietary blobs. You get the best of both worlds: security and freedom.A quick note about Libreboot: while it strived to be 100% free in the past, many devices still rely on proprietary components like microcode updates. If you're aiming for full transparency, it's worth checking if your hardware depends on these since Libreboot did chose to make compromises and support them with nonfree blobs.
This don't lessen its value, as the project still makes the computing world more free, but it's something to consider as Libreboot is not entirely libre anymore for every board. For instance, every computer it supports has now nonfree microcode updates. You may consider using Canoeboot or GNU Boot instead. -
Hello, I'm wondering if I should use the Linux-libre kernel or if I should stay with the stock Linux kernel. I do want to remain 100% FOSS and have Libreboot installed, but, does it really matter if I use the stock kernel or not? Can the blobs from the stock kernel be a vulnerbility? My only reason for wanting to stay with the stock kernel is because its better maintained and gets audited more. But I'm really just worried about the blobs, can they do anything?
Do you use Netflix or other services/products with DRM?
That's your answer.
-
Hello, I'm wondering if I should use the Linux-libre kernel or if I should stay with the stock Linux kernel. I do want to remain 100% FOSS and have Libreboot installed, but, does it really matter if I use the stock kernel or not? Can the blobs from the stock kernel be a vulnerbility? My only reason for wanting to stay with the stock kernel is because its better maintained and gets audited more. But I'm really just worried about the blobs, can they do anything?
If you hardware is compatible, go for it !
-
Hello, I'm wondering if I should use the Linux-libre kernel or if I should stay with the stock Linux kernel. I do want to remain 100% FOSS and have Libreboot installed, but, does it really matter if I use the stock kernel or not? Can the blobs from the stock kernel be a vulnerbility? My only reason for wanting to stay with the stock kernel is because its better maintained and gets audited more. But I'm really just worried about the blobs, can they do anything?
i personally wouldn't use it as it's more inconvenient. also i suggest probably go outside /hj
-
Do you use Netflix or other services/products with DRM?
That's your answer.
Beside this service (which I'm not using), any other? I briefly looked for a list but couldn't find one.
-
Beside this service (which I'm not using), any other? I briefly looked for a list but couldn't find one.
I'm highlighting a contradiction in what you're doing.
You're asking whether you should use a non-DRM Linux kernel but using DRM everywhere else?
It's not a great flex, but the whole thing about Linux is that you can choose to do what you want with no restrictions.
Have at it! Enjoy!
-
Hello, I'm wondering if I should use the Linux-libre kernel or if I should stay with the stock Linux kernel. I do want to remain 100% FOSS and have Libreboot installed, but, does it really matter if I use the stock kernel or not? Can the blobs from the stock kernel be a vulnerbility? My only reason for wanting to stay with the stock kernel is because its better maintained and gets audited more. But I'm really just worried about the blobs, can they do anything?
if you want to be fully foss then sure but you'll probably find shit works less reliably with it. ymmv
-
Hello, I'm wondering if I should use the Linux-libre kernel or if I should stay with the stock Linux kernel. I do want to remain 100% FOSS and have Libreboot installed, but, does it really matter if I use the stock kernel or not? Can the blobs from the stock kernel be a vulnerbility? My only reason for wanting to stay with the stock kernel is because its better maintained and gets audited more. But I'm really just worried about the blobs, can they do anything?
Sure if your hardware works to your satisfaction with it. The only way to know is to try it yourself. You can test it with a Trisquel liveusb.
-
Hello, I'm wondering if I should use the Linux-libre kernel or if I should stay with the stock Linux kernel. I do want to remain 100% FOSS and have Libreboot installed, but, does it really matter if I use the stock kernel or not? Can the blobs from the stock kernel be a vulnerbility? My only reason for wanting to stay with the stock kernel is because its better maintained and gets audited more. But I'm really just worried about the blobs, can they do anything?
If your hardware supports linux-libre and you don't consume DRM content (If you don't know. Widevine is the cause), it's better to use that. If not, then you can use Debian/LMDE which can only use the blobs your hardware requires.
My only reason for wanting to stay with the stock kernel is because its better maintained and gets audited more
linux-libre used by Trisquel GNU+Linux which used by FSF. So don't worry.
Can the blobs from the stock kernel be a vulnerbility?
This is not the thing to worry about. Vulnerability is normal because we are human. What is worrying is that blobs are non-libre and you are dependent on the blob developer to care. If the blob developer cares, then great. If not, then you are done. Also, this is a matter of trust. We cannot know what blobs are doing because they are non-libre.
-
I'm highlighting a contradiction in what you're doing.
You're asking whether you should use a non-DRM Linux kernel but using DRM everywhere else?
It's not a great flex, but the whole thing about Linux is that you can choose to do what you want with no restrictions.
Have at it! Enjoy!
I'm confused, are you talking to me or OP? I didn't ask which kernel anyone "should" use. I asked about which software does rely on a specific feature that you mentioned, namely DRM. Please clarify.
-
Hello, I'm wondering if I should use the Linux-libre kernel or if I should stay with the stock Linux kernel. I do want to remain 100% FOSS and have Libreboot installed, but, does it really matter if I use the stock kernel or not? Can the blobs from the stock kernel be a vulnerbility? My only reason for wanting to stay with the stock kernel is because its better maintained and gets audited more. But I'm really just worried about the blobs, can they do anything?
Since you are already using Libreboot, you already have (proprietary) microcode updates installed. So I think it shouldn't be a security disaster with Linux-libre (that assumes that you keep your Libreboot updated). Worst thing that would happen is that your hardware won't work. That's also the best thing that will happen. The blobs are just firmware that gets loaded on a device that needs it. If you have the device, it won't work without blobs. If you don't have it, the firmware is not loaded so the outcome is not that different from regular linux. And also reading from comments there are some blobs for enabling DRM content. I guess that's not mandatory.
Though imo Linux-libre is pointless. For noobs it's a potential security disaster and skilled users would be better off compiling their own kernel with just the features they need to reduce attack surface.
-
Hello! It’s great that you're committed to libre software principles and already using Libreboot.
Proprietary blobs in the kernel.org Linux kernel can indeed pose risks. These blobs are nonfree, meaning they can't be audited or modified
by the community. This leaves users dependent on vendors, and there's always the potential for vulnerabilities or backdoors. Linux-libre removes
these blobs entirely, ensuring your system runs only software that respects your freedom and can be fully audited.While the stock kernel benefits from frequent updates and broad testing, Linux-libre is a downstream fork of Linux. This means it incorporates all technical improvements, bug fixes, and security patches from the stock
kernel, minus the proprietary blobs. You get the best of both worlds: security and freedom.A quick note about Libreboot: while it strived to be 100% free in the past, many devices still rely on proprietary components like microcode updates. If you're aiming for full transparency, it's worth checking if your hardware depends on these since Libreboot did chose to make compromises and support them with nonfree blobs.
This don't lessen its value, as the project still makes the computing world more free, but it's something to consider as Libreboot is not entirely libre anymore for every board. For instance, every computer it supports has now nonfree microcode updates. You may consider using Canoeboot or GNU Boot instead.Ok but Linux-libre does not solve the security risk. It just makes hardware not work. You might as well say that any kernel module is a security risk (be it Free or proprietary) and it's better to turn it off.
Also unlike the blobs which "can cause risks", Linux-libre causes risks. It removes proprietary microcode updates. So the outdated (also proprietary) microcode installed on your computer leaves you vulnerable to things like Spectre.
This is potentially not an issue if OP uses ARM for example but using Linux-libre for security reasons is a really bad joke.
