It replaces a proprietary component of your system with an open source one.
Reading https://libreboot.org/#why-use-libreboot might provide further enlightenment.
It replaces a proprietary component of your system with an open source one.
Reading https://libreboot.org/#why-use-libreboot might provide further enlightenment.
That still doesn't answer the question of why it's better. Unless you're paranoid about an OEM backdoor, I think this is cool but not worth the effort.
I think firstly is the FOSS obsession and backdoor paranoia from evangelists, and secondly and the more practical one is that the proprietary IBM BIOS is full of bugs and anti-consumer blacklists and whitelists designed to limit repairability and upgradeability, which stil boggle my mind on how those laptops got such a good image on that front.
I mean, maybe paranoia is the wrong word.. it's not something that I'm personally worried about, but stuff like that has actually happened.
>but stuff like that has actually happened
Yes, if you live and organize your life around things that are unlikely to happen to you, but only because they've happened ONCE to someone else, typically a high value target by state actors, that's called paranoia.
Most people are not gonna be targeted via BIOS hacks. From state actors to online scammers they all have easier ways to getting your data remotely.
> Most people are not gonna be targeted via BIOS hacks.
This is not really true:
https://www.techdirt.com/articles/20150812/11395231925/lenov...
I'm not sure that's paranoia (as others have pointed out, OEM firmwares have had security problems before), but sure, let's ignore security problems for a moment.
1. Firmware contains bugs. Old proprietary firmware tends to not get fixes. If you switch to an open source version, you can get the bugs fixed.
(Edit) 1.a. Old proprietary firmware also doesn't tend to get new features, and open source replacements can cover that. (eg. booting over HTTP(S) or security features to help against Evil Maid attacks)
2. Libreboot claims to be faster to boot than the vendor firmware. Depending on the particular device/firmware, that wouldn't surprise me at all.
Yes, I said in another comment that I might have used the wrong word. It's still not something I have a lot of motivation to do something about. At least not until the process is easy.
> Unless you're paranoid about an OEM backdoor
Lenovo does have a history with installing a very obvious spyware rootkit on their consumer PCs[0].
[0]https://support.lenovo.com/us/en/product_security/ps500035-s...
I think you've pretty much summed it up.
As far as I'm aware, it has less functionality than the OEM, so you use it to _remove_ features (good and/or bad).
Aside from that, I suppose it means you can run a more up to date firmware if yours is no longer maintained, but I'm not sure what that means in practical terms.
There's also the "hyper paranoid" fork "canoeboot" which has no proprietary blobs, and presumably _even less_ functionality.
The short answer is; if you don't know why you want it or need it, you probably don't.
This answer is "do it out of principle". OP is looking for the practical considerations.
As far as I can tell, this is the only reason, you'll likely lose a bunch of functionality (that's been my experience); so "principle" is the only reason I'm aware of (or minimalism, but that's a principle too is it not?).
I suppose if nothing else, you can run a more up to date firmware if the vendor stopped supporting yours, but I have no idea what that means in a practical sense.
I don't really feel like I've lost any functionality, personally?
If I weren't using binary blobs in the firmware, I think I would have more trouble, but that is Canoeboot to my knowledge, not Libreboot. ^^