Paranoid: What does binary NIC firmware do? [closed]

Posted on

Paranoid: What does binary NIC firmware do? [closed] – Managing your servers can streamline the performance of your team by allowing them to complete complex tasks faster. Plus, it can enable them to detect problems early on before they get out of hand and compromise your business. As a result, the risk of experiencing operational setbacks is drastically lower.

But the only way to make the most of your server management is to perform it correctly. And to help you do so, this article will share nine tips on improving your server management and fix some problem about linux, security, nic, firmware, realtek.

My server has a Realtek NIC, so I installed realtek-firmware package from Debian non-free. My question is:
What could be possible (paranoid) attack / backdoor scenarios coming with the proprietary of it (e.g. could it send duplicates of all packets to another IP)?

Solution :

Non-free = not open source.

It’s all explained in Debian, What do you mean by Free Software?:

Note: In February 1998 a group moved to replace the term “Free
Software
” with “Open Source Software“.

Software that is free only in the sense that you don’t need to pay to
use it is hardly free at all. You may be forbidden to pass it on, and
you are almost certainly prevented from improving it. Software
licensed at no cost is usually a weapon in a marketing campaign to
promote a related product or to drive a smaller competitor out of
business. There is no guarantee that it will stay free.

Debian has decided to stay extremely pure about this. Everything in the main distribution must be open source. However, most people need something that doesn’t meet these requirements, so it is possible to choose to opt-in for these non-free packages.

Drivers & firmware are a good example of something an user might actually need. Some manufacturers don’t want to expose the internal structure of their components to public and therefore won’t provide open source firmware. Yet, a device cannot function without it.

Many devices require a firmware to operate. Historically, firmware
were built-into the device’s ROM or Flash memory, but more and more
often, the firmware has to be loaded into the device by the driver
during the device initialization.

A true open source warrior, aka a stereotypical Debian user, chooses all hardware based on open source requirements. For the rest of people that already have the hardware, using non-free firmware is inevitable.

Leave a Reply

Your email address will not be published.