All those advantages I mentioned, is protecting novice/unskilled users from malicious introduced by new updates, not protecting an experienced user from a purposed attack. It is never a matter of “it is more secure for you”, it is “safer in general”.
The existence of firmware jail, means Purism want to take responsibility to check this firmware. By this way, at least we see they are trying to make a change. I can understand your concerns, but keep in mind that removing that WiFi card can solve the entire issue. Maybe in future, Purism will make Pureboot capable of “clean itself”.
No, it’s not. I already gave an example scenario where that isn’t the case (and that is not a hypothetical attack either).
That’s true. And that’s bad. But imagine that there’s some string clearly visible in the blob that you would like to change and that is perfectly safe to change.
You didn’t answer my question as to what you mean by “installation”.
You didn’t clearly specify whether, where and when the signature is checked / enforced.
I would put it like this though: You are in control.
If you let firmware get updated via apt then it can be difficult / inconvenient / a compromise to prevent firmware update. If you have to take explicit, separate, inconvenient action that involves quite unusual activity on the user’s part then you can let apt rip but still be in control of firmware updates.
The current linux-firmware package is enormous and monolithic. It must have hundreds of firmware files in it. You have very little chance of keeping on top of what’s in it, and what is actually changing. I understand that this level of blobness is not really Linux’s fault.
No, not at all. A completely misunderstanding. I am saying in the quoted paragraph that the user is slower than Debian. It has nothing to do with Purism. Purism in no way controls the firmware versions present after a device has been shipped. It is entirely dependent on the user to make the choice to update firmware.
I think the nature of the firmware jail should be pretty clear: It is not an extra security flaw in most time. It is an awkward workaround, but it does nothing bad and is easily to turn off or avoid. It tries to make non-free hardware useful for our fully-libre devices, not to force non-free hardware into your ass.
I think unless if we want to completely avoid WiFi, the firmware jail can be there. If you want that way (no wifi), then do that way, but don’t say firmware jail is bad simply because you are standing on some software freedom moral high ground.
If you really care about thing being “so pure”, I don’t know what can do for you. Even the most free hardware has minimal proprietary bits, and these devices are going outdated even for now. Soon enough, fully free hardware would be a fairytale, and it is indeed. Sticking with fully free items is not going to do anything other than being a live proof of concept, but this is neither attractive to public, nor helpful to the community.
We have to face the reality no matter you want it or not.
Debian now has a Deblob pure blend that removes non-free firmware and this mail gives a good explanation of the difference between firmware supplied with hardware (covered by consumer protection laws) and separately installed firmware (firmware license agreement). The argument being, user has less legal rights when installing firmware separately.