Should I use the Linux-libre kernel or no?
-
[email protected]replied to [email protected] last edited by
If you hardware is compatible, go for it !
-
[email protected]replied to [email protected] last edited by
i personally wouldn't use it as it's more inconvenient. also i suggest probably go outside /hj
-
[email protected]replied to [email protected] last edited by
Beside this service (which I'm not using), any other? I briefly looked for a list but couldn't find one.
-
[email protected]replied to [email protected] last edited by
I'm highlighting a contradiction in what you're doing.
You're asking whether you should use a non-DRM Linux kernel but using DRM everywhere else?
It's not a great flex, but the whole thing about Linux is that you can choose to do what you want with no restrictions.
Have at it! Enjoy!
-
[email protected]replied to [email protected] last edited by
if you want to be fully foss then sure but you'll probably find shit works less reliably with it. ymmv
-
[email protected]replied to [email protected] last edited by
Sure if your hardware works to your satisfaction with it. The only way to know is to try it yourself. You can test it with a Trisquel liveusb.
-
[email protected]replied to [email protected] last edited by
If your hardware supports linux-libre and you don't consume DRM content (If you don't know. Widevine is the cause), it's better to use that. If not, then you can use Debian/LMDE which can only use the blobs your hardware requires.
My only reason for wanting to stay with the stock kernel is because its better maintained and gets audited more
linux-libre used by Trisquel GNU+Linux which used by FSF. So don't worry.
Can the blobs from the stock kernel be a vulnerbility?
This is not the thing to worry about. Vulnerability is normal because we are human. What is worrying is that blobs are non-libre and you are dependent on the blob developer to care. If the blob developer cares, then great. If not, then you are done. Also, this is a matter of trust. We cannot know what blobs are doing because they are non-libre.
-
[email protected]replied to [email protected] last edited by
I'm confused, are you talking to me or OP? I didn't ask which kernel anyone "should" use. I asked about which software does rely on a specific feature that you mentioned, namely DRM. Please clarify.
-
[email protected]replied to [email protected] last edited by
Since you are already using Libreboot, you already have (proprietary) microcode updates installed. So I think it shouldn't be a security disaster with Linux-libre (that assumes that you keep your Libreboot updated). Worst thing that would happen is that your hardware won't work. That's also the best thing that will happen. The blobs are just firmware that gets loaded on a device that needs it. If you have the device, it won't work without blobs. If you don't have it, the firmware is not loaded so the outcome is not that different from regular linux. And also reading from comments there are some blobs for enabling DRM content. I guess that's not mandatory.
Though imo Linux-libre is pointless. For noobs it's a potential security disaster and skilled users would be better off compiling their own kernel with just the features they need to reduce attack surface.
-
[email protected]replied to [email protected] last edited by
Ok but Linux-libre does not solve the security risk. It just makes hardware not work. You might as well say that any kernel module is a security risk (be it Free or proprietary) and it's better to turn it off.
Also unlike the blobs which "can cause risks", Linux-libre causes risks. It removes proprietary microcode updates. So the outdated (also proprietary) microcode installed on your computer leaves you vulnerable to things like Spectre.
This is potentially not an issue if OP uses ARM for example but using Linux-libre for security reasons is a really bad joke.
