10 sats \ 0 replies \ @monk_cactus 18 Mar 2023
this is some pretty slick marketing, good work
reply
10 sats \ 0 replies \ @Zazon 17 Mar 2023
Looks good, could combo well with a coldcard for multisigs
reply
0 sats \ 8 replies \ @nerd2ninja 17 Mar 2023
Pretty good. They should probably credit the repo they forked the firmware from, but other than that looks pretty good.
Inherent problem with buying pre-built hardware wallets is if a government orders a hardware backdoor that isn't overwritten with a firmware flash, but for a pre-build, from what I can see from my quick look at it, no shitcoins, no wireless, simpler OS than some other ones I've seen (less code to maintain and therefore less chance for vulnerabilities to be missed). All of that chalks it up to being a pretty decent pre-build.
reply
0 sats \ 5 replies \ @w3irdrobot 17 Mar 2023
not sure why they have to credit the previous repo
reply
15 sats \ 0 replies \ @foundationdvcs OP 17 Mar 2023
One of the core aspects of the free and open-source movement is to ensure that all code remains open-source and that proper credit is given.
It's both a legal and moral requirement, and we're more than happy to go above the minimum and give full credit where it's due!
reply
0 sats \ 3 replies \ @nerd2ninja 17 Mar 2023
Yeah so when you do open source development, its just sort of rude to rip someone's code without credit even when the license says that you can because a lot of the time, people use their open source repo as their portfolio to help get them a job, but also its just like inherent to human nature don't you think? No one likes their social media post ripped off, no one likes their art ripped off and no one likes their code ripped off without just a little credit to where it came from.
Good to see it was added to the credits of the repo though.
reply
3 sats \ 2 replies \ @foundationdvcs OP 17 Mar 2023
Just to be clear, it wasn't added on at some later date, full credit was given from the start and we were 100% compliant with their license at all times.
Since then they have chosen to stop being fully free and open source and have switched to a restrictive license that is known as "source available." After that change we have not touched their code in any capacity and thus remained completely compliant.
Our code is, and always will be, 100% free and open-source and anyone is free to use it as long as our core license is honored (GPLv3).
reply
0 sats \ 1 reply \ @nerd2ninja 17 Mar 2023
Well I can see that the first mention was 3 years ago
https://github.com/Foundation-Devices/passport-firmware/blame/main/README.md#L43
And I know this is sort of a touchy subject for you, but you know I've only heard one side of this story until now so you'll have to forgive my ignorance here.
reply
0 sats \ 0 replies \ @foundationdvcs OP 17 Mar 2023
Yes, the company was started 3y ago and that mention was 4mo before we launched any product:
https://foundationdevices.com/2020/07/introducing-passport/
Not touchy at all, just a common point of FUD that is spread by one of our competitors despite it being false, unfortunately :)
reply
0 sats \ 1 reply \ @foundationdvcs OP 17 Mar 2023
We have credited ColdCard from day one for their contributions, and have since migrated almost entirely off of any ColdCard code. You can see the credit given here, far more than the minimum normally done with free and open-source licenses:
https://github.com/Foundation-Devices/passport2#open-source-components
We agree as well, and being open-source hardware gives another potential layer of protection against hardware back-doors as you could (in theory, of course most don't have the expertise) validate the hardware components are exactly what is expected, no more, no less.
Any questions or concerns we can answer for you?
reply
10 sats \ 0 replies \ @nerd2ninja 17 Mar 2023
No questions Mr. Marketing department. I was just looking at the pros and the cons here and giving you props for having the most pros of the pre-builds I've seen. Even cold card with their marketing about why USB connection bad and wireless bad, went and added NFC to their devices.
reply