-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
Hi all,
https://libreboot.org/amd-libre/
We call on coreboot to join us in our campaign to convince AMD to start cooperating with the libre hardware community again. Are there people in coreboot already doing this?
- -- Leah Rowe
Libreboot developer
Use free software. Free as in freedom. https://en.wikipedia.org/wiki/Free_software
Use a free operating system, GNU+Linux. https://libreboot.org/docs/distros/ Or BSD: https://libreboot.org/docs/bsd/
Use a free BIOS. https://libreboot.org/
Support computer user freedom. https://peers.community/
Minifree Ltd, trading as Ministry of Freedom | Registered in England, No. 9361826 | VAT No. GB202190462 Registered Office: 19 Hilton Road, Canvey Island, Essex SS8 9QA, UK | Web: https://minifree.org/
So, first, I admire and agree with your enthusiasm for making this happen. I hope it works.
That said, having gotten vendors to break open this kind of information, with a number of vendors a number of times, and having both failed and succeeded, my experience is that a broadcast call like this is probably the least effective approach.
So I'd rather not have the "coreboot community" join in this sort of call, for the simple reason that I would rather see us place our efforts on something that's likely to be effective. That involves individual members of our community spending lots of time locating the right people in the right organizations, getting them into a single room, talking to them, drafting documents, and getting them to agree to some sort of joint communique. It's time consuming and boring but it's how the jobs gets done. But, that work naturally occurs behind closed doors, not via web pages.
We could target putting a meeting with AMD together at the Denver meeting or the one in the fall. ron
On 03/03/2017 02:25 PM, Leah Rowe wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
Hi all,
https://libreboot.org/amd-libre/
We call on coreboot to join us in our campaign to convince AMD to start cooperating with the libre hardware community again. Are there people in coreboot already doing this?
Leah Rowe
Libreboot developer
Use free software. Free as in freedom. https://en.wikipedia.org/wiki/Free_software
Use a free operating system, GNU+Linux. https://libreboot.org/docs/distros/ Or BSD: https://libreboot.org/docs/bsd/
Use a free BIOS. https://libreboot.org/
Support computer user freedom. https://peers.community/
Minifree Ltd, trading as Ministry of Freedom | Registered in England, No. 9361826 | VAT No. GB202190462 Registered Office: 19 Hilton Road, Canvey Island, Essex SS8 9QA, UK | Web: https://minifree.org/
-----BEGIN PGP SIGNATURE-----
iQEzBAEBCAAdFiEE+JRrnG26iGmvPhSA/0W3TPnRz5QFAli5wy0ACgkQ/0W3TPnR z5SjBQf+NCfTdd5WPPW9KDAD/UtvddNtjKrtwQz/50wR2mxuwqoiESq2M4pPk9C4 17zVqTPbQYESk5+smT4h3fnqVG5HvqhDJHpwEchq4x/PO0ZgsEGbDNpjt9FjOv6M 82U/RT33wW/X3KvPKhywYNOp5qhYzUN7DL4275cgikKsqLk9izbRxUE6lgTbcSTU 3mjTlRfyCr46EKEsB+c+qmbWAhaIrnu/6Vuv3LHZfO1iFEOQKmnZEvoNNnEGMPKY JQF/B3kuf3jcJ9yq4nhIQO9pBEAB2CuuYPn4XZZArHJS1OZX7ILMO2zj2o8favDf 5SWR2o2zEui3LZkwj8gwCPz3VF4Rag== =3Ke8 -----END PGP SIGNATURE-----
Definitely - No matter what anyone thinks about the probability of this happening it is still very important that we show them how much we care.
Of course they also must release the signing keys as well afaik, or we would be stuck at a tivo style not really open source impasse. Nobody has mentioned this fact in that thread.
I can't understand as to why intel/amd after decades and decades of computing suddenly add a black box supervisor processor to every product line (not just the business models) that can't be removed or modified. All we are asking for is a way to shut it off but for some reason they believe that is unreasonable.
One of the side issues is also the lack of open source GPU firmware and of course the signing keys for that as well.
It is incredibly depressing that every commodity grade computer is moving to the locked down model, we can only hope that POWER will not follow suit.
On 03/03/2017 06:26 PM, ron minnich wrote:
So, first, I admire and agree with your enthusiasm for making this happen. I hope it works.
That said, having gotten vendors to break open this kind of information, with a number of vendors a number of times, and having both failed and succeeded, my experience is that a broadcast call like this is probably the least effective approach.
So I'd rather not have the "coreboot community" join in this sort of call, for the simple reason that I would rather see us place our efforts on something that's likely to be effective. That involves individual members of our community spending lots of time locating the right people in the right organizations, getting them into a single room, talking to them, drafting documents, and getting them to agree to some sort of joint communique. It's time consuming and boring but it's how the jobs gets done. But, that work naturally occurs behind closed doors, not via web pages.
We could target putting a meeting with AMD together at the Denver meeting or the one in the fall. ron
Yeah I agree, that would be what could really make something happen.
It is like the difference between getting a job interview with an HR lackey and an actual technical person.
Intel would never be willing to do this, but AMD? slightly possible.
On 04.03.2017 02:57, Taiidan@gmx.com wrote:
Of course they also must release the signing keys as well afaik, or we would be stuck at a tivo style not really open source impasse. Nobody has mentioned this fact in that thread.
Please don't ask for that.
If somebody put a signature verification for his firmware in place, you should first discuss the reasons and alternatives (for the particular design in question). Sure there are alternatives to signature verifi- cations to put some trust in hardware (like ROMs or the RO partitions in cros devices). But removing the security checks from hardware who's trust is designed around these checks? You'd likely end up with a sys- tem where you have to check the flash contents with external hardware before every boot (if it can be tampered with from the running system).
Of course you can ask for alternatives in new designs.
For yet released platforms, however, it's more feasible to ask for docu- mentation, reproducible binaries and signatures (e.g. for fixes / reim- plementations).
Nico
On 03/04/2017 06:39 AM, Nico Huber wrote:
On 04.03.2017 02:57, Taiidan@gmx.com wrote:
Of course they also must release the signing keys as well afaik, or we would be stuck at a tivo style not really open source impasse. Nobody has mentioned this fact in that thread.
Please don't ask for that.
If somebody put a signature verification for his firmware in place, you should first discuss the reasons and alternatives (for the particular design in question). Sure there are alternatives to signature verifi- cations to put some trust in hardware (like ROMs or the RO partitions in cros devices). But removing the security checks from hardware who's trust is designed around these checks? You'd likely end up with a sys- tem where you have to check the flash contents with external hardware before every boot (if it can be tampered with from the running system).
Of course you can ask for alternatives in new designs.
For yet released platforms, however, it's more feasible to ask for docu- mentation, reproducible binaries and signatures (e.g. for fixes / reim- plementations).
Nico
I am simply stating that source code is pointless without the ability to flash it and have the hardware execute it.
The issue isn't that there are signing keys in the first place (which are common sense to prevent rogue BIOS updates) it is that the hardware enforces them for manual external flashes.
Your idea isn't a free platform, it isn't owner controlled because you can't modify it - you can only be on the outside looking in.
On 04.03.2017 17:54, Taiidan@gmx.com wrote:
On 03/04/2017 06:39 AM, Nico Huber wrote:
On 04.03.2017 02:57, Taiidan@gmx.com wrote:
Of course they also must release the signing keys as well afaik, or we would be stuck at a tivo style not really open source impasse. Nobody has mentioned this fact in that thread.
Please don't ask for that.
If somebody put a signature verification for his firmware in place, you should first discuss the reasons and alternatives (for the particular design in question). Sure there are alternatives to signature verifi- cations to put some trust in hardware (like ROMs or the RO partitions in cros devices). But removing the security checks from hardware who's trust is designed around these checks? You'd likely end up with a sys- tem where you have to check the flash contents with external hardware before every boot (if it can be tampered with from the running system).
Of course you can ask for alternatives in new designs.
For yet released platforms, however, it's more feasible to ask for docu- mentation, reproducible binaries and signatures (e.g. for fixes / reim- plementations).
Nico
I am simply stating that source code is pointless without the ability to flash it and have the hardware execute it.
That's why I'd ask for documentation and reproducible binaries. You could audit it then and wouldn't have to bother yourself with any fla- shing.
The issue isn't that there are signing keys in the first place (which are common sense to prevent rogue BIOS updates) it is that the hardware enforces them for manual external flashes.
Correct. And that's why publishing the keys wouldn't solve the problem. You'd just replace one problem with another.
Your idea isn't a free platform, it isn't owner controlled because you can't modify it
Yes, not a free platform. We are talking about AMD here. Releasing pri- vate keys won't make it free. It would just make it less secure, IMO. Btw. not my idea of any platform. Just my suggestion how to make cur- rent platforms more trustworthy.
- you can only be on the outside looking in.
Better nobody (including myself) can tamper with my system than every- body.
Nico
https://www.reddit.com/r/Amd/comments/5x4hxu/we_are_amd_creators_of_athlon_r... "Thanks for the feedback. Please believe me that this has CEO level attention and AMD is investigating the steps and resources necessary to support this. It is not the work of a minute, so please bear with us as we define what we can do."
Damn! this is incredible beyond belief that we got their attention - now we must keep up the pressure.
This never would have happened with intel, they have way too much bureaucracy to realize there is a market for a "secure, owner controlled computer".
PSP/ME should have been an optional removable module like a TPM, not something foisted on everyone with mandatory signing key enforcement for external flashes.
-
Leah Rowe -
Nico Huber -
ron minnich -
Taiidan@gmx.com