None use Linux, most just use BSD licence software (or things like openssl). I haven’t seen any GPL code at all tbh.
But yep, would be nice if it was open source, although not sure how much that would help (only if sufficiently motivated auditors can be bothered to look at it). A bunch of baseband firmware is even encrypted on disk now (loaded into BB memory from the kernel)
Being open source at the chip level, while an admirable goal isn't really required for open source firmware. Most router firmware is linux, that runs on either ARM or MIPS based SoCs. Opening up that code is more than enough to fix any security flaws like these.
It baffles me that a company like espressif wouldn’t publish complete API specs of their radio hardware . I could see why they may not want their proprietary source out there, as it might make it easier for competitors to make similar chips, but what is the downside to enabling someone to write software particular to your hardware?
It seems like they would have everything to gain and nothing to lose from this?
I honestly don't understand why these companies aren't publishing their code for both firmware and server source.
AFAIK, they aren't charging any money for this shit, so why not make it open source so, in the event you go out of business, your customers can figure out workarounds. Bonus point, you'll get security fixes for free.
Yeah. Things get a little fuzzy this close to the hardware.
The “open source” project is a (platform.io) project that runs on the ESP32 (or a few other similar enough) microcontroller. It controls the LoRa (totally closed) firmware on the LoRa components (and GPS as well).
Even your Gnuradio setup has similar black box firmware underneath that it relies on (unless you’ve got to extraordinary lengths to ensure the machine it’s running in has no propitiatory firmware for things like disk/ssd controllers, USB controllers, battery management systems, etc. )
Sprite, how will Espressif react to this effort to open-source wifi? Will it help by releasing wifi phy documentation? Will it add DRM to block future efforts?
As I understand it, the designer used freertos. At that point, he can just give a readme with hand-wavey "get sdk, install freertos, find firmware files here... and here's all my code which I'm free to license as I wish" and no license infringement necessary. Not sure why a backdoor is needed, but then I've never built a project like this.
I think there is a misunderstanding here. The product and firmware is fully open source. We just prepopulated the endpoint with our server as many people want to use our dashboard. However you can just change the endpoint to your own server or flash ESPHome on it and it will not send anything to us.
As the other poster mentioned, the driver and firmware can be closed source. The rest of the Android WiFi stack is very liberally licensed. The Android Java portion is apache and the supplicant is BSD. You can do a lot to tune the stack without sending code upstream.
>The right to use the OpenIPC firmware and its components is granted to all users free of charge and only for personal, non-commercial purposes. If you are interested in using OpenIPC for your business projects, please contact our team.
Their SDK is Apache licensed but does include some compiled radio-frequency stuff: https://github.com/espressif/esp32-wifi-lib/tree/master/esp3...
reply