On Fri, 2017-12-22 at 22:06 -0500, Youness Alaoui wrote:
On Tue, Dec 19, 2017 at 3:54 PM, Timothy Pearson tpearson@raptorengineering.com wrote:
Thank you for the detailed explanation. I guess this is an area in which experience matters; it is absolutely unacceptable (and not unexpected) that Intel misled your CEO, but this is sadly not an uncommon tactic in the industry.
Intel has not misled anything. We knew the ME/FSP/vBIOS were the issues (from my first questions to this coreboot mailing list and the replies from the community), but there was no perfect alternative, so we chose Intel to get hardware (more) people wanted and work and invest toward liberating it.
I can say, without much doubt, that if we chose any other platform we would have struggled in volume and not advanced any faster or farther than we have already.
To liberate hardware, there are three larger paths: 1) use existing liberated hardware (gets older and older) 2) design using freed chips (low performance) 3) use products people want that are not yet fully liberated, invest in liberating.
For laptops: #1 is already being done by many #2 is also being done #3 is the path we are doing for laptops.
For a phone: #1 doesn't exist #2 is the path we are doing #3 others are trying
We can then cross-polinate our investment efforts into the phone motherboard into a laptop with #2.
I have a published business vision page here: https://puri.sm/about/business-model-and-vision/
One item I would like to call out though is the following:
if old or non-x86 architectures were so appealing, you would have seen that become the norm rather than the exception)
This statement is accurate. The volume of sales would be significantly less if we tried non-x86. And then our growth would be smaller; and our investment toward freeing future hardware would not happen; and then there would be no advancement toward convenient ethical products, which is our goal.
Trying to switch architectures may be hard, but it is only going to get harder day after day as people continue to cling to false hope that the x86 platform may ever be brought under their control.
It's pretty simple. With leverage we can change businesses. This is not a short-term game, but a long-term... grow-gain leverage-influence change-repeat. And this is what we are doing at Purism, and will continue. We are not griping about the state of affairs, we have a plan to change the future, and are executing on it.
I wonder, though, if given this information if possibly Raptor and Purism might have some common business ground here? Purism has experience with laptop mechanicals and related concerns, and we have experience with truly blob-free, powerful hardware -- combining those two could yield an interesting machine...
Ping me off list to discuss. We are always looking for aligned- partnerships or collaboration.
The main question I have, and this is an honest question, is why Purism chose to use the x86 platform as a base for libre hardware, when it has been known for some time that said hardware could never be made fully blob-free?
See above, I think I laid out and answered this clearly. It's not just technical, there is a strong business model behind our approach.
There were (and are) other good ways to make a system that could be fully blob-free, for instance ARM, and given the engineering effort that is said to have been put into the Purism machines I wonder what we could have had if said effort had been put into an aarch64 system instead of an x86 system?
Sure, that would sell a small fraction of the quantity, and fail to impact the future of computing in a way we model out.
The second reason is that Todd (CEO) was in talks with Intel and was unfortunately lead to believe that they were open to release an ME-less design CPU for his needs, it ended up not being the case.
Intel did not mislead, we told them, and continue to, that we _want_ an ME-less design (which is their term for what we asked for). And as we grow our leverage will grow, and our influence will grow. This is a long-term strategy and is playing out as planned.
They will not adjust based on small quantities, but quantity = leverage, and our influence changes as volumes grow. (e.g. $ = influence)
Todd thought that it would be possible to get a binary blob free coreboot/CPU with a few months of work.
Not binary-blob free. It was always known this will be a large investment of both time and money. But coreboot ported to hardware within a few months is an accurate assessment of what I heard, and that turned out to be much longer, not in technical nature, but finding the right people/developers to do it properly. Now all our (x86) products are running coreboot, and will continue to.
A good summary is that we want to "bring blob-free to the hardware that people want", rather than "bring blob-free hardware to the people who want it".
This is great; and I may quote you on that :)
Todd.
Intel did not mislead, we told them, and continue to, that we _want_ an ME-less design (which is their term for what we asked for).
This is Mission Impossible. The reasons are Technical (bringing up the platform) and Political => Sales and Marketing domination/implications.
And as we grow our leverage will grow, and our influence will grow. This is a long-term strategy and is playing out as planned.
Actually, it is vice versa. ME gets more and more complicated, as time progresses. Understandable why. If INTEL solves Cannon Lake woes with 10nm technology (INTEL struggles for 20 months with yields), ME will be even more complex to support EUV lithography and its outcomes.
Not binary-blob free. It was always known this will be a large investment of both time and money. But coreboot ported to hardware within a few months is an accurate assessment of what I heard, and that turned out to be much longer, not in technical nature, but finding the right people/developers to do it properly. Now all our (x86) products are running coreboot, and will continue to.
As well as FSP. It gets more complicated, although it gets more structured. There are three parts of the FSP blob now: FSP-S, FSP-M and FSP-P. Silicon init, MRC and early platform init. And this to disassemble is quite possible, but then the disassembled code will be all magic addresses and magic data (except MRC, at least for LPDDR3).
Something like: uint32 read (uint32 * addr), void write (uint32 * addr, uint32 data), where on some magic addr 0xFF87429C magic data are stored: 0x0030CF46, and nobody really knows what address points to (the feature), and what the data mean (since there are fields, usually from 5 fields +)?! And there are gazillion of such registers there, undocumented, which are outlined in C-Specs, NOT all of them???
The only proper way how to solve this problem is to force INTEL to publicly release C-Specs for each and every CORE and ATOM families, which is equivalent to force NSA to release their deepest secrets to the public.
Good Luck with all of these efforts! Zoran Stojsavljevic
On Sun, Dec 24, 2017 at 1:16 AM, Todd Weaver todd@puri.sm wrote:
On Fri, 2017-12-22 at 22:06 -0500, Youness Alaoui wrote:
On Tue, Dec 19, 2017 at 3:54 PM, Timothy Pearson tpearson@raptorengineering.com wrote:
Thank you for the detailed explanation. I guess this is an area in which experience matters; it is absolutely unacceptable (and not unexpected) that Intel misled your CEO, but this is sadly not an uncommon tactic in the industry.
Intel has not misled anything. We knew the ME/FSP/vBIOS were the issues (from my first questions to this coreboot mailing list and the replies from the community), but there was no perfect alternative, so we chose Intel to get hardware (more) people wanted and work and invest toward liberating it.
I can say, without much doubt, that if we chose any other platform we would have struggled in volume and not advanced any faster or farther than we have already.
To liberate hardware, there are three larger paths:
- use existing liberated hardware (gets older and older)
- design using freed chips (low performance)
- use products people want that are not yet fully liberated, invest in
liberating.
For laptops: #1 is already being done by many #2 is also being done #3 is the path we are doing for laptops.
For a phone: #1 doesn't exist #2 is the path we are doing #3 others are trying
We can then cross-polinate our investment efforts into the phone motherboard into a laptop with #2.
I have a published business vision page here: https://puri.sm/about/business-model-and-vision/
One item I would like to call out though is the following:
if old or non-x86 architectures were so appealing, you would have seen that become the norm rather than the exception)
This statement is accurate. The volume of sales would be significantly less if we tried non-x86. And then our growth would be smaller; and our investment toward freeing future hardware would not happen; and then there would be no advancement toward convenient ethical products, which is our goal.
Trying to switch architectures may be hard, but it is only going to get harder day after day as people continue to cling to false hope that the x86 platform may ever be brought under their control.
It's pretty simple. With leverage we can change businesses. This is not a short-term game, but a long-term... grow-gain leverage-influence change-repeat. And this is what we are doing at Purism, and will continue. We are not griping about the state of affairs, we have a plan to change the future, and are executing on it.
I wonder, though, if given this information if possibly Raptor and Purism might have some common business ground here? Purism has experience with laptop mechanicals and related concerns, and we have experience with truly blob-free, powerful hardware -- combining those two could yield an interesting machine...
Ping me off list to discuss. We are always looking for aligned- partnerships or collaboration.
The main question I have, and this is an honest question, is why Purism chose to use the x86 platform as a base for libre hardware, when it has been known for some time that said hardware could never be made fully blob-free?
See above, I think I laid out and answered this clearly. It's not just technical, there is a strong business model behind our approach.
There were (and are) other good ways to make a system that could be fully blob-free, for instance ARM, and given the engineering effort that is said to have been put into the Purism machines I wonder what we could have had if said effort had been put into an aarch64 system instead of an x86 system?
Sure, that would sell a small fraction of the quantity, and fail to impact the future of computing in a way we model out.
The second reason is that Todd (CEO) was in talks with Intel and was unfortunately lead to believe that they were open to release an ME-less design CPU for his needs, it ended up not being the case.
Intel did not mislead, we told them, and continue to, that we _want_ an ME-less design (which is their term for what we asked for). And as we grow our leverage will grow, and our influence will grow. This is a long-term strategy and is playing out as planned.
They will not adjust based on small quantities, but quantity = leverage, and our influence changes as volumes grow. (e.g. $ = influence)
Todd thought that it would be possible to get a binary blob free coreboot/CPU with a few months of work.
Not binary-blob free. It was always known this will be a large investment of both time and money. But coreboot ported to hardware within a few months is an accurate assessment of what I heard, and that turned out to be much longer, not in technical nature, but finding the right people/developers to do it properly. Now all our (x86) products are running coreboot, and will continue to.
A good summary is that we want to "bring blob-free to the hardware that people want", rather than "bring blob-free hardware to the people who want it".
This is great; and I may quote you on that :)
Todd.
coreboot mailing list: coreboot@coreboot.org https://mail.coreboot.org/mailman/listinfo/coreboot
On 12/23/2017 07:16 PM, Todd Weaver wrote:
Intel did not mislead, we told them, and continue to, that we _want_ an ME-less design (which is their term for what we asked for). And as we grow our leverage will grow, and our influence will grow. This is a long-term strategy and is playing out as planned.
They will not adjust based on small quantities, but quantity = leverage, and our influence changes as volumes grow. (e.g. $ = influence)
You will never have that type of leverage, if google can't pull it off then no one can.
Even the NSA only got HAP, not a CPU without ME all together and the US government probably spends hundreds of millions with intel every year.
x86-64 will always have ME/PSP and it simply can't be disabled, pretending otherwise is doing a disservice to many who look to the big shots for advice and pipe dreams like that being spread to the masses are the main reason I dislike purism so much.
People will think "well gee why buy an actually-libre-right-now TALOS 2 when I can simply wait a few years when the eggheads have cracked ME and I can keep getting cheap soul-less computers" as tim said the discovery of HAP etc probably set back libre computing a decade.
I hope you are buying a TALOS 2.
On Sat, Dec 23, 2017 at 11:32 PM, Taiidan@gmx.com Taiidan@gmx.com wrote:
On 12/23/2017 07:16 PM, Todd Weaver wrote:
Intel did not mislead, we told them, and continue to, that we _want_ an ME-less design (which is their term for what we asked for). And as we grow our leverage will grow, and our influence will grow. This is a long-term strategy and is playing out as planned.
They will not adjust based on small quantities, but quantity = leverage, and our influence changes as volumes grow. (e.g. $ = influence)
You will never have that type of leverage, if google can't pull it off then no one can.
Yeah, I agree with you on that, I don't think any leverage could make Intel budge on that at this point.
Even the NSA only got HAP, not a CPU without ME all together and the US government probably spends hundreds of millions with intel every year.
x86-64 will always have ME/PSP and it simply can't be disabled, pretending otherwise is doing a disservice to many who look to the big shots for advice and pipe dreams like that being spread to the masses are the main reason I dislike purism so much.
You know of the ROM Bypass stuff, right? The first byte of the flash contains a JMP instruction into the ROMB partition in the flash (that's why the IFD magic number is at offset 0x10, not 0x0), so if you put the right flag in the flash to enable ROM Bypass, then you could get full unsigned/unchecked code (since the code in the ROM is what checks signatures). Now, that actually doesn't work because it's a feature that is disabled on production chips, only pre-production chips allow the ROM Bypass feature. What if someone finds a way to enable that feature on a production chip ? What if you can make your CPU think it's in preproduction mode thanks to some microcode update for example ? Then you can get fully user controlled ME from the very first instruction.
I'm not saying it's possible or that it will be possible, but I'm saying that it's not a "pipe dream" like you seem to think. Even better, forget HAP, forget ROM Bypass, how about using the exploit that PT announced at BlackHat to get your own unsigned code to execute on the ME. You get full user control of the ME that way, and while we know that the HAP bit happens at the end of the BUP module's task, it's possible the exploit happens at the start (it does happen when it tries to read a config file, so it could be early in the BUP). The entire code from the first instruction all the way to the time the exploit runs, could be reverse engineered, so even if you don't control what happens there, you could at least have the source for it and audit it to make sure it's not doing anything you wouldn't want it to do, then have your exploit run and execute your own user controlled ME firmware. It's not an as perfect solution as being able to do a ROM Bypass and control everything from the very first JMP, but it's something doable today, it's not even a "maybe", so again, it's not a pipe dream.
People will think "well gee why buy an actually-libre-right-now TALOS 2 when I can simply wait a few years when the eggheads have cracked ME and I can keep getting cheap soul-less computers" as tim said the discovery of HAP etc probably set back libre computing a decade.
I hope you are buying a TALOS 2.
I think people buying a TALOS 2 and people buying a Librem are two very distinct types of people. I very much doubt that someone has ever had to decide between buying a Librem and a TALOS. No one in need of a computer and in need of a open hardware machine will decide to "wait a few years" either.. when you need a new PC, you buy a new PC. If you want a TALOS, then you buy a TALOS, if you don't want it, or you want a laptop, or if you don't have the budget for it, then you look elsewhere, you're not going to just read some article and decide to wait years without a computer in the hope that what you actually want might be released by then.
A good summary is that we want to "bring blob-free to the hardware that people want", rather than "bring blob-free hardware to the people who want it".
This is great; and I may quote you on that :)
Yeah, Todd, you can quote me. I also really liked that when I thought of it :p And thanks for answering Nico's questions and correcting my statements. I didn't even know an i.mx8 librem 13/15 had already been thought of, that's pretty cool if it's in the plans!
On Sat, 2017-12-23 at 23:32 -0500, Taiidan@gmx.com wrote:
You will never have that type of leverage, if google can't pull it off then no one can.
There are a lot of assumptions you are making.
First off, having leverage doesn't only mean with Intel, it also means with competitors or alternatives; we are fighting for user freedom and ethical computing. Having leverage is better than no leverage.
Second, I'm not convinced Google's goals were exactly that, so saying "If Google can't pull it off then no one can." is a defeatist attitude. You may as well say "nobody has done it, so nobody can." There are a lot of avenues to take, and giving up before attempting is of no interest to me.
Even the NSA only got HAP, not a CPU without ME all together and the US government probably spends hundreds of millions with intel every year.
Sure, but that may have been what they asked for. Projecting the NSA's request to be what you would have asked for is a huge assumption. "Which makes an 'ass' out of 'u' and 'mption'." :)
x86-64 will always have ME/PSP and it simply can't be disabled,
It can be disabled, but I suppose you are meaning that it can be re- enabled again via software update; but we have plans (and will be releasing) the ability to measure the ME region (via TPM) to flag any re-enablement attempts. Disable ME, measure it is tampered with, notify tampering (via coreboot+TPM+Heads).
NOTE: This is not "removal" which is the process of never initializing the ME, which is the end goal for user freedom. This term is how we distinguish between the progress being made, as we clearly posted previously.
pretending otherwise is doing a disservice to many who look to the big shots for advice and pipe dreams like that being spread to the masses are the main reason I dislike purism so much.
Our approach is to grow, gain leverage, and influence positive change. Everything we do is about creating ethical computing; and we will continue to do so. You are more than welcome to dislike our path or approach, even though it sounds like we share the same end-goal.
People will think "well gee why buy an actually-libre-right-now TALOS 2 when I can simply wait a few years when the eggheads have cracked ME and I can keep getting cheap soul-less computers" as tim said the discovery of HAP etc probably set back libre computing a decade.
This is projecting an individual opinion onto others, our users are not buying Librem laptops over Talos 2, they're drastically different products, prices, and capabilities.
Todd.
As a businessman what do you answer when in commercial meeting with Intel they tell you: "Okaye man, you got the HAP bit and obviously your users are happy with that.. Your products are great and are selling like no tomorrow and no user ever come back complaining that the ME "isn't completely disabled". Aren't they?.. So why are you pissing us again with your unreasonable requests about the ME? You know very well that this question is not negotiable for us. What about giving you a price break for the next batch of Intel components you want to buy and be done with that?.."
----- Mail d'origine ----- De: Todd Weaver todd@puri.sm À: Taiidan@gmx.com, Youness Alaoui kakaroto@kakaroto.homelinux.net, Timothy Pearson tpearson@raptorengineering.com Cc: Dame Más damemasporfavor@gmail.com, coreboot coreboot@coreboot.org Envoyé: Sun, 24 Dec 2017 21:42:43 +0100 (CET) Objet: Re: [coreboot] Coreboot Purism BIOS is free? open?
On Sat, 2017-12-23 at 23:32 -0500, Taiidan@gmx.com wrote:
You will never have that type of leverage, if google can't pull it off then no one can.
There are a lot of assumptions you are making.
First off, having leverage doesn't only mean with Intel, it also means with competitors or alternatives; we are fighting for user freedom and ethical computing. Having leverage is better than no leverage.
Second, I'm not convinced Google's goals were exactly that, so saying "If Google can't pull it off then no one can." is a defeatist attitude. You may as well say "nobody has done it, so nobody can." There are a lot of avenues to take, and giving up before attempting is of no interest to me.
Even the NSA only got HAP, not a CPU without ME all together and the US government probably spends hundreds of millions with intel every year.
Sure, but that may have been what they asked for. Projecting the NSA's request to be what you would have asked for is a huge assumption. "Which makes an 'ass' out of 'u' and 'mption'." :)
x86-64 will always have ME/PSP and it simply can't be disabled,
It can be disabled, but I suppose you are meaning that it can be re- enabled again via software update; but we have plans (and will be releasing) the ability to measure the ME region (via TPM) to flag any re-enablement attempts. Disable ME, measure it is tampered with, notify tampering (via coreboot+TPM+Heads).
NOTE: This is not "removal" which is the process of never initializing the ME, which is the end goal for user freedom. This term is how we distinguish between the progress being made, as we clearly posted previously.
pretending otherwise is doing a disservice to many who look to the big shots for advice and pipe dreams like that being spread to the masses are the main reason I dislike purism so much.
Our approach is to grow, gain leverage, and influence positive change. Everything we do is about creating ethical computing; and we will continue to do so. You are more than welcome to dislike our path or approach, even though it sounds like we share the same end-goal.
People will think "well gee why buy an actually-libre-right-now TALOS 2 when I can simply wait a few years when the eggheads have cracked ME and I can keep getting cheap soul-less computers" as tim said the discovery of HAP etc probably set back libre computing a decade.
This is projecting an individual opinion onto others, our users are not buying Librem laptops over Talos 2, they're drastically different products, prices, and capabilities.
Todd.
-
echelon@free.fr -
Taiidan@gmx.com -
Todd Weaver -
Youness Alaoui -
Zoran Stojsavljevic