Hello, It has come to my attention that OpenBSD does not included non-free drivers, dubbed "blobs" - which is excellent. However, you still include non-free firmware in the kernel and some packages.
With spying revelations, it is well-known that non-free firmware can contain backdoors. ( just one recent example: http://www.wired.com/2015/02/nsa-firmware-hacking/ ) I would feel a lot safer if the kernel and packages were fully free, containing no non-free drivers nor non-free "firmware". At the very least provide a separate branch of known "clean" 100% free packages and kernel. For example the non-free athn and rsu firmware are currently in the repository, and I would suspect other non-free firmware is into the kernel. Offering a stripped kernel and separating those few packages only increases the security of OpenBSD. Also, We can probably find replacements for most all the non-free firmware. Taking for example this replacement for some of the athn firmwares: https://github.com/qca/open-ath9k-htc-firmware All we'd need is a driver to load those instead of the blobs. Thanks for your time and consideration!
