On 05/01/2017 10:52 PM, Youness Alaoui wrote:
On Mon, May 1, 2017 at 7:22 PM, Taiidan@gmx.com Taiidan@gmx.com wrote:
On 05/01/2017 06:44 PM, ron minnich wrote:
On Mon, May 1, 2017 at 1:17 PM Rene Shuster rene.shuster@bcsemail.org
wrote:
Yes Puri.sm has been debunked.
I disagree. I've seen the systems. From what I can see, Puri.sm has made
a good faith effort to go as far possible *with modern x86 chipsets* toward getting rid of the blobs. They can't get to 100%, but they're trying to get as close as possible.
ron
Name one thing that they have done themselves?
https://www.reddit.com/r/linux/comments/3anjgm/on_the_librem _laptop_purism_doesnt_believe_in/ (yeah its leah but shes right about the coreboot community being corrupted)
Everything they "do" is someone elses code, and their "coreboot" has zero actual init code it is entirely blobbed.
Their marketing is the only thing that is good.
-- coreboot mailing list: coreboot@coreboot.org https://mail.coreboot.org/mailman/listinfo/coreboot
Without entering into a flamewar, you're asking "name one thing that they have done themselves" and I will answer that. Full disclaimer: I am working for Purism, and I have been a paid contractor working since last December (part time initially, full time since March) on bringing coreboot and the ME-disablement effort to the Librem line of laptops (more precisely Librem 13 v1, and now working on the Librem 13 v2 hardware which is set to be released/shipped next month).
I don't wanna argue this as it never leads anywhere but one more thing why haven't you guys set realistic easily attainable goals such as: FM2 laptop. KCMA-D8 laptop, with an 35W EE CPU, custom case battery keyboard ETC. multi-core ARM laptop - see the Gigabyte MP30 for an example of a non-mobile, performance ARM system.
Both can easily be brought up to an RYF standard, but as it stands your products still don't have even native init - making "coreboot" pointless as it is simply a wrapper layer. The only way a new intel/amd laptop is going to be "RYF" is if the standard is diluted.
It doesn't matter if you eventually somehow figure out how to run unsigned ME code, that is illegal under the DMCA so it can't be sold.
Anything is possible if you throw millions of reverse engineering dollars at it, but all that is good for is black hat stuff because the moment you release it to the world intel will patch the "security flaw" - which brings me back to the realistic goals.