Yesterday, we ran a post on NVIDIA’s recent announcement of open-source drivers for video cards. And being hacked Huge Advocates of open source software and hardware, you think we’ll pour champagne. But it is more tactful than that.
One of the reasons they are able to publish a completely new, open-source driver is because of the privacy they want to keep Moved in Firmware. So is the whole system more or less open? Yes, probably both.
With more open interfaces between hardware and operating systems, people’s tasks of porting drivers to different architectures are getting easier. Bugs in the driver layer should be quickly detected and fixed. All normal open source arguments apply. But at the same time, the system as a whole is not so transparent. The irony about the new NVIDIA drivers is that we’ve been pushing them to be more open for decades, and they’ve responded by pushing their privacy into firmware.
The secrets of moving from software to firmware are still a secret, and even those of us who are staunch supporters of open source have blocked hardware and firmware paths on our computers. Take the Intel Management Engine, a small computer inside your computer that is running all the time – even when the computer is “off”. Do you want to audit the code for that? Sorry. And it’s not that it doesn’t have a fair share of security bugs
And the rabbit hole must go deep. No modern X86 chip actually conducts X86 machine language instructions – instead they have a microcode interpreter that reads the machine language and interprets what the chip actually says. This is very convenient because it means that chip vendors can work around silicon bugs by updating a firmware. But that means running a secret firmware layer at the root of your CPU. This layer is certainly not without bugs, which may have some security relevant effects.
This doubles for your smartphone, which is full of multiple processors that work more or less together to get the job done. So when Android users live in a more open environment than their iOS counterparts, when you start to see the firmware level, everything stays the same. Top layer of OS Is Open, but it’s swimming on a sea of binary blobs.
How relevant any one of them is to you depends on what you want to do with the device. If you are open source because you want to hack software, then having an open driver is a great resource. If you are looking for openness to offer security guarantees, well, out of your luck because you still have to blindly trust the firmware. And if you’re open source because bugs tend to be quicker to detect, it’s a mix – when top-level drivers are more closely monitored, other parts of the code are pushed deeper into obscurity. Maybe it’s time to start focusing on open source firmware?