If absolutely nobody can replace the firmware (without desoldering chips and such), then the playing field is level; the firmware is effectively part of the hardware, like a voltage controller chip on the circuit board.
If the firmware is flashable, then until someone actually flashes it, the situation sort of resembles the above, which is why the original firmware image is acceptable.
Would you prefer that Stallman declare unacceptable any proprietary factory firmware that can be overwritten?
Basically the FSF concerns itself with things that are programmable: who controls that. If only some privileged players can produce images for the device (like the original manufacturer or some parner or other cohor thereof), then the user is disadvantaged: the field is not level.
A device with a nonprogrammable ROM could be be harmful, and that could be due to code. But it is not fixable by programming, just like a harmful toaster.
Let's pretend for a minute that there were enough people following FSF recommendations to affect the market (that's one objective, right?):
A hardware vendor can just move their blobs from the driver download to flash on the hardware, and they went from "not respecting your freedom" to "respecting your freedom" it's a silly place to draw the line.
Then on top of it, an OS that ships updated blobs is anti-Free, but an OS that just runs the out-of-date blob gets the stamp of approval.
I personally wish they'd revise this singular obtuse rule in favor of talking about specific processor domains. A peripheral running proprietary software, whether from ROM, flash, or loaded into RAM by a Free host, has a similar level of non-freedom. But it is ultimately still a peripheral with limited purpose and limited privilege - it does not harm my freedom in the main computing domain.
I'd say the FSF isn't so much "fighting the previous war", but rather new fronts in the war opened up and they've had a lackluster response. But there is of course much money to be made by convincing people to just give up on freedom entirely, to sell them flashy computationally-disenfranchising gadgets and services.
A place where this idea falls down now is many devices do not actually contain a ROM. They only have RAM and get their firmware loaded into them at initialization. Functionally they are little different from a device with a flashable firmware.
This is a weird situation for Linux distros or any FOSS operating system. In order to use this hardware they need to ship closed binary blobs. Even if the license on the blobs allow redistribution shipping non-free software is often against a groups internal rules.
Peripherals requiring firmware from the host are not new. In the consumer PC market, software modems (or "winmodems") appeared in the early-to-mid 1990's.
A device with only RAM that gets proprietary software loaded into it from a storage device on startup is the description of any computer booting a proprietary operating system.
The GNU Public License contains an exception allowing GPLed programs to link to the libraries of an existing installation of a proprietary system.
The situation that is different with firmware blobs is that you have to redistribute them. Even if you get rid of the proprietary OS from the host machine, your free OS has to supply those blobs.
> A device with a nonprogrammable ROM could be be harmful, and that could be due to code. But it is not fixable by programming, just like a harmful toaster.
So why is it better to be harmful and unfixable than harmful and fixable?
I can think of one reason: when something can't be updated, whether that be a ROM or hardware itself, device manufacturers are more likely to keep that thing as simple and well-defined as possible, in order to limit risk. Complex functionality, opinionated functionality, potentially user-hostile functionality: that is left to updatable software.
But that is only a heuristic, not a fundamental moral value. It cannot justify behavior like [1], where an existing hardware component, designed with the idea that its firmware would be updatable, has a downstream hardware manufacturer put that firmware into something hard-to-update for the sole purpose of getting Respects Your Freedom certification. To be fair, the Librem 5 still does not have RYF cerification (who knows why), but I vaguely (perhaps wrongly) recall there being older examples of similar shenanigans.
There is also the example of Linux-libre removing warnings to update insecure microcode. It doesn't make the un-updated microcode any more free! At best it protects against a hypothetical attack where the manufacturer adds a backdoor in an update, but again that seems less like a fundamental moral value, more like a practical question of threat models and security tradeoffs.
> So why is it better to be harmful and unfixable than harmful and fixable?
In terms of the harm, it isn't better; harmful is harmful.
A non-programmable device is more freedom-respecting than one that is only programmable by a vendor. It causes users to have some blackbox whose future behaviors are controlled by third parties.
The situation with the non-programmable device is a vacuous truth. Like why is it possible that "all crows in set X are black" if X is an empty set? Yet not if X is a set containing one white crow?
"Nobody can program this device" implies that users are just as free to program the device as the vendors and their cohorts.
The statement "any firmware that can be flashed onto this device is allowed to be a nice, clean-smelling piece of GNU software" is a logically true statement, if the set of what can be flashed is empty. The statement becomes false when the set of what can be flashed becomes nonempty, and excludes free software.
It's a waste of time to try to fix your definitions in order to eliminate "weird" vacuous truths.
It's like trying to change the definition of what is a black crow so that not all crows are black in an empty murder of crows.
But it's not, because it only affects a small number of devs with a lot of conviction. A number small enough to be mostly irrelevant for any company with relevant market share. The rest of the world does just ignore the FSF of today.
If absolutely nobody can replace the firmware (without desoldering chips and such), then the playing field is level; the firmware is effectively part of the hardware, like a voltage controller chip on the circuit board.
If the firmware is flashable, then until someone actually flashes it, the situation sort of resembles the above, which is why the original firmware image is acceptable.
Would you prefer that Stallman declare unacceptable any proprietary factory firmware that can be overwritten?
Basically the FSF concerns itself with things that are programmable: who controls that. If only some privileged players can produce images for the device (like the original manufacturer or some parner or other cohor thereof), then the user is disadvantaged: the field is not level.
A device with a nonprogrammable ROM could be be harmful, and that could be due to code. But it is not fixable by programming, just like a harmful toaster.