From 60561dc3df139eeab103e65e27924d43674c7270 Mon Sep 17 00:00:00 2001 From: Andrew David Wong Date: Fri, 12 Aug 2022 14:50:25 -0700 Subject: [PATCH] Update GNU FSDG certification FAQ entry See the discussion at: https://forum.qubes-os.org/t/13035/ --- introduction/faq.md | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/introduction/faq.md b/introduction/faq.md index 3cb1d24c9a..d9a5d98a14 100644 --- a/introduction/faq.md +++ b/introduction/faq.md @@ -273,7 +273,13 @@ tracking](/doc/issue-tracking). ### Will Qubes seek to get certified under the GNU Free System Distribution Guidelines (GNU FSDG)? -Not currently, for the same reasons that [Debian is not certified](https://www.gnu.org/distros/common-distros.en.html). +We wish we could, but the unfortunate reality right now is that an operating system *cannot be secure* without a certain minimum number of proprietary closed-source "blobs" (e.g., CPU microcode updates). A 100% free operating system that excludes all such blobs is vulnerable to known exploits and is therefore unsuitable for any use case where security matters. + +Instead, Qubes aims to be as free as possible *without sacrificing security*. All of the code created by the Qubes OS Project itself is 100% free. However, in order for users to actually run that code securely on their hardware, we must pair it with a small number of non-free blobs, which disqualifies Qubes, [along with the vast majority of open-source Linux distributions](https://www.gnu.org/distros/common-distros.html), from GNU FSDG certification. + +The [four essential freedoms](https://www.gnu.org/philosophy/free-sw.html) are part of the core of our philosophy, but so is security. Together, they inform our decisions and motivate our actions. Qubes aims to maximize both security and software freedom to the extent that they are compatible in the world today. + +Also see the Qubes OS [software license](/doc/license/). ### Should I trust this website?