I agree with you. I think FSF RYF is a pointless certification since firmware isn't going away anytime soon. I'm not a fan of their "it's part of the wiring if you can't upgrade it" compromise either since it doesn't achieve their goals and makes the situation even worse.

It would be nice if the firmware itself was free software so that it could be shipped alongside the Linux kernel, maintained indefinitely and we could customize it however we want. The hardware is supposed to do what we want it to do, not what the manufacturer lets us do.

I don't like the fact every single device out there has entirely separate computers inside them running unknown proprietary software. It feels like our operating systems aren't operating the system anymore, it's like they're just some user app sandboxed away from the real system. This presentation explains what I mean:

https://youtu.be/36myc8wQhLo

It's an imperfect reality. Security by isolation of devices via IOMMU addresses real concerns such as devices being able to access RAM via DMA. It's great that GrapheneOS is doing this.