Yes, every cellular modem on the market requires binary blobs, but there are 3 types of blobs:
- Requires a proprietary Linux driver (and usually proprietary firmware as well stored in /lib/firmware). This is the worst option because the blob is loaded into the Linux kernel and executed by it.
- Requires proprietary firmware stored in the Linux file system (in /lib/firmware) and then the blob has to be passed to the modem every time that it is initialized. This isn’t as much of a security threat, because the binary code is only copied over, and it isn’t executed inside Linux.
- Requires proprietary firmware stored on the modem, so the main Linux system never has to touch the blob.
The BM818 and PLS8 used in the Librem 5 are the third type of blob, which is allowed by the FSF’s Respects Your Freedom certification.
All cellular modems require proprietary firmware, and it is nearly impossible to reverse engineer the firmware. The manufacturers also won’t release any info or code for fear of patent lawsuits.
The situation isn’t much better for WiFi and Bluetooth. There were two types of WiFi 802.11b cards where experimental FOSS firmware was reverse engineered but they didn’t work very well. The only WiFi 802.11n cards that don’t require any firmware are Atheros ath9k (but they require proprietary firmware for the Bluetooth). The Redpine Signals RS9113 and RS9116 (which is used in the Librem 5) have proprietary firmware, but it is stored in the component. For 802.11ac/ad/ax we don’t have any options.