Oh boy, lots of emails to answer! So first, thanks for everyone who shared their input, I very much appreciate it.
I think you can decide what hardware your products include, right? I
meant dedicated hardware on the mainboard.
Yes, but I'm currently looking for a solution to existing hardware, not for the next laptop Purism produces. And by 'dedicated hardware' I thought you meant only allow users to update their BIOS using an external SPI flasher, which would be impractical of course.
It's not just the part. A single simple part like that has all kinds of follow-on effects that are not obvious unless you've been at a company which designs and builds consumer electronics.
Thank you for the perspective. I do understand that changing one component can affect others.
Purism isn't a typical laptop company. The addition of hardware switches, to control webcam, mic and Wi-Fi, is one of the USPs for their Librem models. These undoubtedly had knock-on effects for the BOM. Purism was undeterred by that. In that context...
I'm just asking for one more switch.
So, Youness and others at Purism: if you are reading this, please do spec a momentary switch to control flashing on future Librems. Your security-conscious users will thank you for it.
Yes, I already suggested it for the next iteration. It wouldn't be a switch though, but rather a low profile 90-degrees jumper on the motherboard. As for your question earlier about someone forgetting it. I would assume that it would be easy to have the Heads menu show a big warning to the user if it's left unprotected (I assume there would be a way to detect if WP# is 1/0 through a GPIO (or other method) without being able to use that GPIO to override the WP# value). Right now, if you boot into linux while ignoring tampering, you get your ttys in red, as a huge and very visible warning. Also, yes Sam, you did understand me perfectly, thanks!
-- coreboot mailing list: coreboot@coreboot.org https://mail.coreboot.org/mailman/listinfo/coreboot
-
Youness Alaoui