Hello everyone,

In the wake of the recent Right to Repair Act (SB 244) enacted in California on October 10, 2023, the discourse around consumer rights and sustainable technological practices has intensified. A critical facet of this discourse is the BIOS/UEFI (Basic Input/Output System/Unified Extensible Firmware Interface), the fundamental firmware that initializes the hardware during the boot process of our computing devices.

Currently, BIOS/UEFI is largely under proprietary control, posing substantial barriers to our ability to repair, upgrade, and exercise full control over our own devices. This proprietary dominance not only stifles technological innovation and user freedom but also raises serious security concerns. The lack of transparency and verifiability inherent in closed-source firmware like Intel’s Management Engine (IME) and AMD’s Platform Security Processor (PSP) presents potential security vulnerabilities.

I am launching a petition on Change.org to advocate for Free and Open Source BIOS/UEFI. This initiative transcends personal control over our devices. It symbolizes a stride towards reducing electronic waste, promoting sustainability, and nurturing a culture where technology serves as a medium for empowerment rather than suppression.

The necessity for freedom in hardware firmware is clear. Open BIOS/UEFI furnishes a foundational level of control and understanding, dismantling barriers that keep users distanced from the core operations of their devices, and fostering a more inclusive and participatory technological ecosystem.

We are at a pivotal moment. The momentum nurtured by the Right to Repair movement invites us to extend the principles of openness and user empowerment to the foundational firmware of our devices. Our proactive stance today significantly influences our digital autonomy tomorrow.

The global advocacy for digital rights is reaching a crucial point, with a growing community rallying for more control, transparency, and accountability in the technology we use daily. The shift towards a more open and user-centric technological landscape is not just a fleeting trend, but a substantial movement that echoes the broader societal values of autonomy, privacy, and democratic engagement.

This petition endeavors to rally tech industry stakeholders and governmental bodies to advocate for the liberation of BIOS/UEFI from proprietary control. With open BIOS/UEFI, we inch closer to a technological landscape that aligns with democratic values, ensuring that technology serves the collective, not just a privileged few.

I invite you to sign the petition, disseminate it within your networks, and vocalize your support for a more open, sustainable, and democratically-aligned computing environment.

Together, through a shared vision and collective action, we can usher meaningful change in the technological domain.

Thank you for your support.

  • segfault@lemmy.world
    link
    fedilink
    English
    arrow-up
    44
    arrow-down
    2
    ·
    1 year ago

    Currently, BIOS/UEFI is largely under proprietary control

    This is incorrect.

    The UEFI Forum makes specifications freely available at no cost at https://uefi.org/specifications, and membership is free which would then allow you to redistribute and otherwise use the specs. There are many “open specifications” that require either a one-time purchase of a single specification or a subscription for continued access to a set of specifications, that you of course then cannot share. (PCI-SIG requires a company subscription at $4000 a year to access PCIe related specs.)

    edk2, the reference implementation used on everything with UEFI, is open source (BSD-2-Clause-Patent) and available on GitHub: https://github.com/tianocore/edk2.

    The problem is not that it’s under proprietary control, it’s that every fucking company forks edk2 into proprietary products because the license allows it (because Intel required it).

    • Most ODMs/IBVs/OEMs are not willing to make their garbage “value-add” components available, let alone source code for them.
    • Many companies are not willing or unable to make available any required datasheets or provide source code for Platform Initialization (such as NDAs for 3rd party components).
    • Intel has not only gone back on its word about making more the FSP open source (FSP also uses edk2), they are trying to take control even more by shoving increasingly more shit into the FSP.
    • pastermil@sh.itjust.works
      link
      fedilink
      English
      arrow-up
      19
      arrow-down
      1
      ·
      1 year ago

      You basically just proved OP’s point that most our firmware is closed and it’s a problem.

      Wit that said, the nuance you mentioned is good to have, especially that we’re talking about legal stuff here.

    • OrwellianPenguin@lemm.eeOP
      link
      fedilink
      English
      arrow-up
      17
      ·
      1 year ago

      While I appreciate that some components are open-source, the goal here is broader—ensuring BIOS/UEFI is not just open-source but entirely free and open in an ethical sense. This aims for complete transparency, verifiability, and user freedom, beyond what current licenses like BSD-2-Clause-Patent allow. The proprietary forks and lack of transparency you mentioned actually reinforce the need for a fully free BIOS/UEFI. Your points are well taken but highlight that there’s still work to be done to achieve full user freedom.

      • Dkarma@lemmy.world
        link
        fedilink
        English
        arrow-up
        1
        arrow-down
        14
        ·
        1 year ago

        This whole “project” is the very definition of a solution in search of a problem.

        You’re more than welcome to flash whatever bin you want to put together. No one is stopping you. If you want these companies proprietary apis you’re kidding yourself.

        • OrwellianPenguin@lemm.eeOP
          link
          fedilink
          English
          arrow-up
          11
          ·
          1 year ago

          This whole “project” is the very definition of a solution in search of a problem.

          You’re more than welcome to flash whatever bin you want to put together. No one is stopping you. If you want these companies proprietary apis you’re kidding yourself.

          The goal isn’t merely to flash custom binaries; it’s about creating a computing environment where that sort of freedom is a given, not an exception reserved for those in the know.

          • Dkarma@lemmy.world
            link
            fedilink
            English
            arrow-up
            2
            arrow-down
            7
            ·
            1 year ago

            Your comments make you come off as clueless as to how firmware works and is developed.

            • OrwellianPenguin@lemm.eeOP
              link
              fedilink
              English
              arrow-up
              7
              arrow-down
              1
              ·
              1 year ago

              You don’t need to be an expert in firmware development to recognize the systemic issues at play here. Understanding the problem doesn’t require a deep technical background.

        • watcher@nopeeking.link
          link
          fedilink
          English
          arrow-up
          4
          ·
          1 year ago

          Hasn’t it been established already that APIs can’t be proprietary, like the case woth Oracle against Google?

  • Possibly linux@lemmy.zip
    link
    fedilink
    English
    arrow-up
    20
    ·
    1 year ago

    I’m down but its unlikely to change anything. I bought a system76 labtop because I knew it wouldn’t do anything silly.

    • OrwellianPenguin@lemm.eeOP
      link
      fedilink
      English
      arrow-up
      13
      ·
      edit-2
      1 year ago

      So what is the issue with this project https://libreboot.org/ ? maybe instead demanding change, supporting alternatives is a better option

      Libreboot is a great project, but its strict commitment to minimal blobs can limit compatibility. While the broader open BIOS/UEFI discussion often aims for a balance between freedom and compatibility, my advocacy is focused on pushing for a fully free and open BIOS to empower users to the greatest extent possible.

      Edit: In fact, Leah Rowe, the creator of Libreboot, just signed the petition.

  • nossaquesapao@lemmy.eco.br
    link
    fedilink
    English
    arrow-up
    7
    ·
    1 year ago

    I don’t want to sound non supportive, but just out of curiosity: why not put the effort into smartphone bootloaders, which are a high bottleneck of locking users and preventing right to repair?

    I mean, while uefi isn’t so tranaparent, we can at least install our os of choice, something usually not possible in phones.

    • OrwellianPenguin@lemm.eeOP
      link
      fedilink
      English
      arrow-up
      4
      arrow-down
      1
      ·
      1 year ago

      A victory in making BIOS/UEFI open and free could set a precedent that influences other realms of hardware and software, including the smartphone bootloaders you mentioned. It’s a step towards a more comprehensive shift in how we approach user freedom across devices.

  • TWeaK@lemm.ee
    link
    fedilink
    English
    arrow-up
    5
    arrow-down
    2
    ·
    1 year ago

    Hah! As if. Low level things like that is reserved for the best state-sponsored malware. We can’t be opening that up and letting users (gasp!) protect themselves.

    It would also undermine the OS security stuff, in the same way that Nintendo Switches were hacked through the bootloader when they first came out. Just have the BIOS tell the OS everything’s ok. So it really, really is a non-starter, as far as the industry is concerned.

    • OrwellianPenguin@lemm.eeOP
      link
      fedilink
      English
      arrow-up
      6
      ·
      1 year ago

      With a free and open framework and the right security measures, we can address these issues over time and build a unified BIOS that empowers users while maintaining security standards. This initiative aims to create a more transparent and user-controlled tech ecosystem, recognizing that security through obscurity is not the solution.

      • TWeaK@lemm.ee
        link
        fedilink
        English
        arrow-up
        2
        ·
        1 year ago

        Yeah I understand the benefits - and even want them - but I really don’t see it happening. You mentioned the Intel ME, that was introduced right around the time the NSA started their PRISM program. Between commercial and intelligence interests I don’t think this idea will take off. If anything, state actors have been actively preventing open hardware from being developed and sold commercially.

        • OrwellianPenguin@lemm.eeOP
          link
          fedilink
          English
          arrow-up
          2
          ·
          1 year ago

          Challenges from corporate and state players are real, but that’s all the more reason to push for change. Sure, it’s a tall order given the interests you’ve mentioned, but if we don’t speak up, who will? Advocacy starts somewhere, and it’s initiatives like this petition that can at least get the ball rolling.

    • SharkAttak@kbin.social
      link
      fedilink
      arrow-up
      3
      ·
      1 year ago

      On one hand, I fear this could to people trying to have DDR5 speeds on DDR4, but on the other would make easier to spot and fix moronic features like the auto-update on some recent ASUS(?) motherboards.

  • ryannathans@aussie.zone
    link
    fedilink
    English
    arrow-up
    0
    ·
    1 year ago

    Wish there was an alternative to change… they force a subscription to their shit every time you sign