Restrictive Hardware

There are a few areas that hardware can be restrictive to software. Issues involving the software you run also impact the hardware that you purchase and how you use them together. These primarily are the restrictions on what software you can install on your computer thus restricting how you can use it and the perils of hidden software functionality that can mistreat you without your knowledge.

Most computers you buy today come loaded with non-free software. On Desktop’s and Laptops this is typically Microsoft Windows and Apple MacOS. While they are nasty proprietary software, typically they can be removed from the machines and replaced with a free operating system such as GNU/Linux. While we only recommend computers that come with Free software - for the moment, being able to remove the non-free programs and installing your own system this is a reasonable solution.

Most computers sold today however come with an additional system called ‘Secure Boot’; this is a function of the machine that allows the hardware to restrict what software can be used. If the user is in control as it is today this is a good thing as it allows additional control of what programs can run on your computer, the issue is that other companies are interested in locking this down so that you can only use vendor approved software. They control what you can use on your computer, not you. Microsoft has already done this with their Windows Phones and Windows RT products. Microsoft holds the keys and thus you cannot install a new operating system unless they approve it first hand. How long until Microsoft chooses for you?

These systems are typically coupled with operating systems that only allow you to get additional software through their ‘App Store’, these are tools of censorship as they only allow programs of which only they can approve of and not the users free choice. They also tend to come with software that cannot be uninstalled, software such as Facebook which are designed to grab as much personal information as possible without the users direct knowing. To have such systems forced on people should be a crime.

Even if you are granted access to install your own operating system you typically still not in control of your entire computer. Every desktop and laptop computer since 2009 that uses an Intel processor also has an additional processor called the Intel Management Engine (IME) and AMD based machines after 2013 have the Platform Security Processor (PSP). This is a secondary computer inside that the user has no access too. The primary purpose of this is to provide additional functionality to the computer while the main computer is not loaded. That functionality is a good thing for people like system administrators but it also brings a lot of nasty issues with it. For it to achieve this functionality it needs to have total access to the main computer system even when not booted up. These systems run a non-free proprietary software system that can not be studied or modified, as such we the users have no clue as to what these system can do.

This has two major implications. Firstly is that your system can be controlled independently of you - the owner of the computer. Secondly is that it can potentially be cracked by malicious players to gain your personal information. Because of the nature of this secondary computer, you have no way of checking if your system has been compromised. No anti-virus or Malware detection software can detect or remove a potential threat because they do not have access to the secondary computer.

While there are projects like ME_Cleaner that can potentially reduce the functionality of the Intel system, we still do not know if it entirely works. If hackers force the IME to shutdown, your computer will only run for 30 minutes until it the main computer will be forcefully shutdown. The idea is to make your computer unusable without this non-free computer running and watching at all times. Similarly on AMD machines, while the BIOS does allow you to “disable” the PSP, there is no way to verify that this is the case.

We need to demand that computers are made that either do not have this additional hardware, or that we have access to it and the ability to use free software to power it. That way either the problem doesn’t exist or we the users are in control.

Mobile Phone/Computers

All mobile phones are restricted devices to some degree.

Android phones are similar to desktop computers in that you have to request ‘root access’ to your own phone install and modify the base system. While many vendors do allow this, it is not guaranteed. Many devices are locked down waiting for hackers to reverse engineer the system so that users can regain access to their hardware, that is if hackers have the time and the will to break through some very difficult systems.

That these machines are locked down in the first place again should not be allowed. Computer systems like this should not be tolerated or even allowed as they put the power entirely in the hands of the companies that manufacture them rather than the users that purchase and own them. These devices are restricted so that you have no freedom to move. You have to use applications that are only supplied by them via the “App store” and you can only use updates as approved by the manufactures IF they even decide to update which they routinely do not. These limitations are done so that you are eventually forced to buy a newer machine as support for the old is abandoned – even when the hardware is still perfectly usable.

Mobile phones also have dedicated chips for the cellular modem and wifi. These chips have proprietary operating systems, that run alongside of your regular OS. In most cases they have access to the device's microphone, RAM and GPS.

In the case of Apple based phones, then it is even more difficult to break out of these digital jails as they don’t even allow ‘root access’.

These same issues are also prevalent in all manner of hardware. TV sets, digital video recorders, security cameras, video games machines, digital watches, fitness trackers, internet routers etc. Almost every device that can be named is locked down to keep you from using it as you wish, allows nasty players to mis treat you, stops it from being kept up to date for various security issues and adding new functionality that the hardware can support. Issues like this will be particularly significant with the use of robotic systems in future such as Self driving cars and similar automated systems. How can we trust that a robotic car can safely transport us without giving away our location or handing us over to malicious players if we cannot even inspect how it works?

With Free Software you remain in charge of the devices you purchase. We must demand to buy products that respect us as the user rather than turning these things into sealed appliances.

There are also machines that while run software but the user is never exposed too directly. These are things like Automatic Teller Machines, traffic light systems, kitchen appliances etc. These are machines that you do not typically anticipate having access the computer inside. While at a technical level there are computer chips and software inside the units, it is not expected behaviour for you modify these systems. For instance, a toaster cannot be used to harm you.

In addition; While we do support the right to repair hardware rather than merely replace it, this is not a core tenant of Free Software Australia as it is a hardware design issue. While there are elements that over lap our goals – pure hardware issues fall out of our area. For more information on this area please see the work of the Electronic Frontiers Australia group and Electronic Frontier Foundation. On top of the right to repair the hardware we support the right to repair the software inside the machine.