The Free Software Foundation's Respects Your Freedom certification "encourages the creation and sale of hardware that will do as much as possible to respect your freedom and your privacy, and will ensure that you have control over your device." The RYF cerfitication has several criteria a project needs to adhere to to earn it:
- All software running on the device as sold must be free software (duh)
- PCB designs are made in KiCad and GPL'd, so no problem there
- Case/mechanical designs are in Fusion 360, so while I can export the .f360 and the STL's, that might count as needing non-free software to build it...
- If someone was motivated enough, they could "port" my designs to FreeCad, OpenSCAD, etc.
- All Linux kernel-related stuff will obviously be under the GPL.
- Any other software I write for the project will be released as GPL or MIT/BSD (which is GPL-comatible)
- The ESP32 WiFi baseband/wpa-supplicant is currently a binary blob...
- Worst-case scenario: even if this firmware is never freed, the ESP32 should be otherwise functional without it - the Ethernet port would still work, although it would undermine the point of the project to need a tethered connection.
- Espressif says open sourcing is "on the roadmap", but little progress has been made since 2016. The main argument by Espressif seems to revolve around not wanting to kickstart another wave of those ESP8266 deauth throwies with security through obscurity for the 802.11 PHY.
- Some WPA2 & WPS code is due to be open-sourced in the 3.1 release though, so there is hope... At my pace, it might be "liberated" by the time I get a prototype working :P
- Sprite_TM said in the ESP32 Hack Chat that once there is another system on the market with easy direct control of the PHY he would push for it inside Espressif. So any enterprising hackers who want to make a plug-and-play SDR platform for screwing up WiFi should have at it and liberate this firmware ;)
- User installation & compilation of modified software
- While the system probably won't have anywhere near enough memory or storage to be fully self-hosting, considering my development PC only runs free software it should be impossible for me to make compiling the software require proprietary components.
- The security afforded by the ESP32's Secure Boot (especially when combined with Flash Encryption) is something I want to be able to capitalize on. My current plan is to ship the computers "unlocked", and to provide a tool for users to generate their own private keys to sign their software with.
- No spyware or backdoors
- I wouldn't dream of it. I hate those as much as the next guy. Besides, if all the code is open & builds are reproducible, it should be easy to prove there's nothing evil in there.
- Generally I am immediately suspicious of hardware built in the United States, especially without a warrant canary. One of the first things I plan to do when I build a website is add one. Until then, needless to say, this 15-year-old hasn't yet received any secret subpoenas or anything.
- Confusion with other products
- Well this is just kind of a generic guideline for any product, libre or not. The only "products" this could be confused with are the computers in Serial Experiments Lain - and that's intentional.
- I don't think I could even legally hold a patent on anything...
- I hereby license everything on this hackaday.io project under the GNU Free Documentation License.
- Cooperation with FSF PR
- Oh hang on, let me s:Linux:GNU/Linux:g real quick...
And there you go. Once I have a working prototype and I am sure all these plans are feasible, I'm pretty much going to copy-paste this into an email to the FSF and wait for my shiny sticker.
It feels good to just dump all this out onto the page. These ideas have been brewing in my head for months...