If You Want More Verifiable (Auditable) Security, Use GNU Linux-Libre

posted by Roy Schestowitz on Feb 27, 2026

This is Alexandre Oliva's personal blog, that does not necessarily represent the opinions held by FSFLA, FSF, AdaCore or any other organization the author may be or may have been associated with, or even by myself, as of now or ever.

A common theme that we've focused on (and others too explored) recently was real security as opposed to bug doors or back doors sold as "security patches" or secure "secret sauce". Ryan already explained several years ago that IBM's LVFS (Linux Vendor Firmware Service) may have created more problems - or added risk - than it solved for some of the same reasons WordPress was tentatively abandoned by us in 2013. RMS has long referred to those sorts of things as "universal back doors"; they could moreover target particular individuals/users/servers - this made them even harder to anticipate and detect (isolated, insular payloads).

GNU/Linux will never be 100% secure (like any very large program or combination of many large programs). It will always have some holes here and there, but that does not mean we should make it more trivial to perform "complete system takeover" remotely.

As RMS put it in relation to Mono, just because risk is everywhere does not mean you should put your head inside the lion's jaw and hope for the best.

This brings us to GNU Linux-Libre^*. In about two months (maybe less, maybe more) GNU Linux-Libre 7.0 will come out. The Rust aspects of it may or may not complicate security (Rust is controlled by Microsoft in GitHub, whose CSO is literally NSA). But at least the firmware or other blobs will be culled. It is a step in the right direction as far as GNU's (of the FSF's) mission goes.

Linux-Libre's developer says that "stricter is less popular", but then again the Rust People say the same about people who try Rust and give up. See, they say we need more difficulties to ensure security, but many of those same people slag off the likes of Linux-Libre.

Maybe they don't value security, they only pretend to (tunnel vision). █

^* No need to compile it. "Distributions in which Linux-libre is the default kernel" as per Wikipedia:

Image source: Exposition Universelle in Paris, 1900

Other Recent Techrights' Posts

Almost 3 Days Later, Still Zero Press Coverage (Except One Publisher) About Mass Layoffs at Red Hat, Almost 500 People Laid Off (Over 400 for Sure): "A document posted by FOSS advocacy site Techrights appears to be that memo and explains that Red Hat has devised a location strategy under which it has identified key sites for prioritized hiring and strategic workforce investment."
The Register MS, About 6 Million Pounds in Debt, Helps Promote Microsoft's Gartner Group and Prop Up the Ponzi Scheme of Slop Plagiarism, Fake Article Mentions "AI" About 20 Times: What was now known as The Register UK not only works against the interests of the UK; it works for charlatans and frauds
IBM 'Value' Fell 20%, The Executives Took Bonuses and Bonus Hikes: IBM is paying more and more money to the executives
More Information on IBM Red Hat Layoffs in April 2026, Hundreds of Skilled GNU/Linux Engineers Laid Off (300+ Simultaneously): How long can the corporate media ignore IBM layoffs for?
SLAPP Censorship - Part 41 Out of 200: More Misuse of UK-GDPR (for US Citizens), More Copy-Pasting for Garrett and Graveley, Alleging That Publishing Unflattering Information is a 'Privacy' Issue: No wonder his own colleagues thought poorly of him (the junior barrister)
Links 11/04/2026: Twitter Presence Considered Harmful to News Sites, "The Future of Everything is Lies": Links for the day
thenextweb.com (TNW) Appears to Have Become a Slopfarm, Fake Articles About France and GNU/Linux Flood the Web: If you're not against slop, you're part of the problem
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Friday, April 10, 2026: IRC logs for Friday, April 10, 2026
Three Years Ago We Disconnected From the United States, Now France Does the Same: Maybe in the coming months France will recruit loads of UNIX/Linux specialists
While Thousands of EPO Workers Are on Strike the President of the EPO, Who Bribes His Voters, Gives Himself Millions of Euros and 5,000 Euros Per Month in Housing Allowance: Campinos is immune, inherently corrupt, and habitual briber of his 'voters'
IBM and Red Hat Whistleblowers Versus a Dying Fourth Estate (Journalism Seems to Have Died as Silently as IBM RAs Go): What a crazy world we live in!
Slopfarms We Forget About Because They Silently Die: The hard reality (for slobs and sloppers) is, slopfarms have no future
Gemini Links 10/04/2026: Flexiveganism, What Happened to Twitter, and Algorithm Fetishes: Links for the day
Links 10/04/2026: Indonesia's Social Control Media Bans Extend to Google YouTube, "I.M.F. Says Iran War Will Drag Global Growth Lower": Links for the day
Media Blackout Regarding Mass Layoffs at Red Hat: To be very clear, what happened is certainly real
SLAPP Censorship - Part 42 Out of 200: Getting the Very Basic Technical Concepts Very Wrong, or Where Miscomprehension Begets "Plausible Deniability": It's difficult to argue with people over things that they do not even understand
This Coming Weekend and Next Week We'll Cover EPO Scandals a Lot, There Are Still Perpetual Strikes That the Media Intentionally Avoids Covering: Expect our focus on EPO corruption to grow again
Raw: Extensive Evidence of Red Hat's Mass Layoffs in China (IBM Meets Geopolitics): This has nothing to do with workers' performance
We'll Never Ever Do Social Control Media, Nate Silver's Article Helps Explain Why: If you want to research and publish, stay away from it
Links 10/04/2026: Pseudoscience and "Amazon Pulls Support for Perfectly Fine Older Kindles" and More Attacks on American Journalism: Links for the day
Dr. Andy Farnell Blasts Misuse of the Term "AI" to Describe Plagiarism, Plunder, and Misinformation: Dr. Stallman wrote about it back in the early 1980s
A Sign of Progress?: We'll solve war hunger and colonise Mars soon, according to men who never graduated from College
The Slop Delusion: This Morning We Broke Story on Red Hat Layoffs in Two Posts, Google is Already Plagiarising Them With Slop and Getting the Basic Facts Wrong: Google does not have "AI"; it has slop, which means it scrapes other people's work, then imitates it poorly
"IBM is Constantly Laying Off People" (Not Just in Red Hat): IBM as a company is collapsing
Many Layoffs at IBM Red Hat, as the Rumours Said: Red Hat mass layoffs [...] "this was a difficult decision to make."
Microsoft, Drowning in Net Debt, Will Make Many More Cuts: The company is a net negative to society
April 15: Richard Stallman to Speak at the University of Texas in Austin, Texas: Next Wednesday in the afternoon Dr. Stallman will speak in a US college for the second time this year and for the second time in nearly 8 years
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Thursday, April 09, 2026: IRC logs for Thursday, April 09, 2026
Gemini Links 10/04/2026: Cycling, Slop, and Software to Keep Photos Organised: Links for the day
Henry Abbott (TrueHoop) Says Microsoft Taken Public by Alvin Bernard "Buzzy" Krongard (in New Interview About Jeffrey Epstein): He has claimed that the man who took Microsoft public was a banker and also connected to the CIA (former Executive Director)
Quick Roundup of "Linux" Slop: Today we saw a slopfarm again in Google News
Links 09/04/2026: Microsoft Attacking VeraCrypt and "Canada’s New Surveillance Law": Links for the day
Gemini Links 09/04/2026: Shopping, LLMs That Ruin the Net, and Moving to GNU/Linux: Links for the day
Links 09/04/2026: TikTok Sets Up Another Outpost in Finland (EU), "Trump Attacks On Public Media Blocked by Judge": Links for the day
Microsoft's DevDiv Executive Has Quit (Is GitHub on the Chopping Block?): CodePlex all over again?
Chatbots (or LLMs) Are Killing Us, and We Ought to Talk About It: We need to talk (to each other, not to bots)
Microsoft Also Fires Senior Executives: Microsoft is a very feeble company pretending to be a giant
Microsoft Windows in Ireland: From 90% to Just 16%: When it comes to Ireland's Web usage, not much of it is from Windows anymore
SLAPP Censorship - Part 40 Out of 200: Putting Forth Frivolous Claim Only a Few Days Before Running Out of Time (12 Months): my response to a frivolous claim from Graveley
IBM Layoffs by Performance Improvement Plan (PIP) and More Evidence of Layoffs at HashiCorp After IBM Took Over: Notice how the media does not cover IBM layoffs
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Wednesday, April 08, 2026: IRC logs for Wednesday, April 08, 2026
Gemini Links 09/04/2026: On the Radio, Boogie Notes, Slop in Search Engines and USENET: Links for the day