Right to Repair and Software Freedom

Recently, the right to repair movement has been gaining a lot of momentum around the world, which I absolutely support and am extremely happy to see. But as people are cheering over the passage of some of the pro-right to repair regulations, I cannot help but fear that all of this would end up stopping short of its actual full promise of "owning what you own" and reducing planned obsolescence. In my mind, to achieve its goal in its fullest form, the right to repair is not at all separable from having fully functional free software, or at least open-source and user modifiable software, running on most of our devices.

The problem with right to repair without FOSS software is very simple, at least to me -- it does not address modern products in their fullest forms. Sure, the phones, computers, or cars you buy today are still made from mostly the same physical materials they used to be made of 20 years ago. But the software side of these devices has evolved a lot, by that I mean, a real LOT, in recent years. Nowadays, basically everything is running a full-fledged computer operating system kernel, like Linux or Darwin, with some maybe even containing multiple OS kernel-capable chips, like the Apple T2 security chips. The nature of modern software and the internet means constant maintenance is needed for basically everything for security except fringe cases where the device is intended to operate fully offline and isolated from wireless communication.

Requiring manufacturers to provide spare parts and repair manuals only fixes one side of the problem. As a simple example, even if you can physically fix your phone, if it has an insecure piece of unmaintained software as its only available operating system infested with bloatware that have been discontinued years ago or even outright malware, it would still not be very useful past its originally intended obsolescence date. Sure, one could introduce legislation to force manufacturers to provide software support, and by software support I mean real updates, for at least a certain duration, but that, aside from potentially increasing the cost of consumer devices, ignores the fact that the manufacturer can obsolete your phone without even officially discontinuing software support -- a nonfree operating system can do arbitrary things to old devices, such as intentionally slowing them down, without having to public admit to anything. Lawmakers could absolutely make this illegal as they like, but in practice it would be very hard to prove such practices, let alone suing the multi-billion-dollar corporations.

Without owning the software, you still do not actually own your device. This unfortunately is still very much the case nowadays, even on Android, where you are supposed to have more options for customization. There are the TEE blackbox, the secure elements, and even a full-fledged hypervisor on Qualcomm platforms. These non-free software quickly become antiquated and even dangerous in the ever-changing security landscape. Without access to the source code and the ability to run your own version of such code, even the best you can do will be very limited. As an example, even though LineageOS provides after-market support for new Android versions on very old phones, such a port still runs very much upon the same old binary blobs that were extracted from the device years ago. However much effort they put in fixing the OSS-side bugs, whatever is in those binaries stay the same forever, since they are out of official support.

And that, my friend, is why I think the next step of right to repair movements should be software freedom. To be clear, even the most basic forms of right to repair are not yet a reality, so I do not expect anyone to actually pursue it as the next step any time soon. Nevertheless, it is always good to keep in mind what we as users and consumers actually want, and what we ultimately want to take back from the billion-dollar corporations.