Thanks for all the interesting information for my questions (and - um - "commentary" :-) It has given me a lot to think about.
Best, Jim
On Tue, Oct 10, 2017 at 7:10 PM, Taiidan@gmx.com Taiidan@gmx.com wrote:
The lenovo G505S is the latest owner controlled coreboot x86-64 laptop, running the FT3 platform which is 4 years old. It supports VMX, RVI and IOMMU.
While it does have a blob for video and power both of those have no hardware code signing features (thus replaceable), and unlike ivy bridge it doesn't have a black box supervisor processor.
Had the folks from purism asked me what they should do, I would have suggested FT3.
On 10/09/2017 07:54 PM, Youness Alaoui wrote:
I don't get why you constantly try to discredit Purism and insult
everything we do. You complain about coreboot being "useless" because it uses FSP, but you fail to mention that anything using coreboot will use the FSP unless it's 10 year old hardware (Sandybridge is the latest FSP-free supported CPU). The original email asked about a coreboot port, not a libreboot port. Every time I see purism mentioned, you have to jump in to insult and dishonestly say that Purism is dishonest. If you want to claim bullshit like that, at least find something real and concrete to back it up. I've ignored you many times, but I'm fed up of your one-man vendetta against Purism. What happened to you for you to have so much hate against us?
In the efforts of not getting moderated again we can continue this off list but it boils down to the dishonest crowdfunding style "some day we will do X" marketing.
I would have recommended your devices at least once if you were selling them as they were instead of as they could be.
I dislike:
- Aspirational marketing "LibreM" "every chip hand selected to respect
your privacy" "continued efforts to remove ME" that confuses even linux veterans and detracts from competitors products.
- The lobbying for the FSF to decrease the RYF standards
- (although most companies do this) Not asking the target audience for
advice on what to do next.
I wouldn't have said anything but on the other lists I visit for every person like me there are 5 others who constantly talk up your products. I believe everyone needs critical voices.
On 10/09/2017 08:42 PM, Nico Huber wrote:
On 09.10.2017 00:15, Taiidan@gmx.com wrote:
their version of coreboot is nothing more than a wrapper layer for intel FSP (binary blob that does all the hardware init) which is next to pointless for the amount of money you would spend on one as all it does is move trust from vendor to OEM not avoiding the hypothetical OEM firmware backdoors.
I've seen that mentioned a lot and can only say: Please stop spreading that FUD about coreboot. Even with blobed silicon init, coreboot still gives you about 80% of the freedom of a free firmware. You only have to trust in one party that provides the blob and not in n parties that put their code into the usual Windows booting firmware. coreboot, even blobed, also gives you much more freedom about the platform configu- ration and the boot process as a whole.
Don't get me wrong, I don't like FSP either (from a developer point of view, it makes coreboot porting twice as hard and 10 times more frus- trating if something doesn't work right away). You can stomp on it as you wish. But please don't disgrace coreboot.
Can you suggest a better way of saying it?
People with EE/CS degrees (non-laymen I suppose) I have conversed with over the years still consider "coreboot" to mean what it did circa 2011 where the only real difference between coreboot and libre* was philosophical not technical, when someone says "our devices have coreboot" they believe that it is entirely "free firmware".
While an FSP coreboot "port" is still technically superior to an entirely closed source firmware no one I have talked to would consider spending an extra 1K per device just to cut the vendor out of the trust picture (they and I desire silicon init)
I propose a kind of freedom-level badge certification system (like "Intel Inside" stickers) for this situation with everything clearly explained on a central website to solve this situation, similar to the one currently on the coreboot wiki.