[1] Many open-source operating systems reluctantly choose to include proprietary firmware files in their distributions simply to make their device drivers work,[2] because manufacturers try to save money by removing flash memory or EEPROM from their devices, requiring the operating system to upload the firmware each time the device is used.
[3] However, in order to do so, the operating system still has to have distribution rights for this proprietary microcode.
[4][5] Mark Shuttleworth of Ubuntu suggests that "it's reasonable to assume that all firmware is a cesspool of insecurity courtesy of incompetence of the worst degree from manufacturers, and competence of the highest degree from a very wide range of such agencies".
[6] The security and reliability risks posed by proprietary microcode may be lower than those posed by proprietary device drivers, because the microcode in this context isn't linked against the operating system, and doesn't run on the host's main processor.
[2] Custom firmware may still be available for certain products, which is often free and open-source software, and is especially popular in certain segments of hardware like gaming consoles, wireless routers and Android phones, which are capable of running complete general-purpose operating systems like Linux, FreeBSD or NetBSD, which are often the systems used by the manufacturer in their original proprietary firmware.