[coreboot] Coreboot Purism BIOS is free? open?

Todd Weaver todd at puri.sm
Sun Dec 24 21:42:43 CET 2017 

On Sat, 2017-12-23 at 23:32 -0500, Taiidan at gmx.com wrote:
> You will never have that type of leverage, if google can't pull it
> off then no one can.

There are a lot of assumptions you are making.

First off, having leverage doesn't only mean with Intel, it also means
with competitors or alternatives; we are fighting for user freedom and
ethical computing. Having leverage is better than no leverage.

Second, I'm not convinced Google's goals were exactly that, so saying
"If Google can't pull it off then no one can." is a defeatist attitude.
You may as well say "nobody has done it, so nobody can." There are a
lot of avenues to take, and giving up before attempting is of no
interest to me.

> Even the NSA only got HAP, not a CPU without ME all together and the
> US government probably spends hundreds of millions with intel every
> year.

Sure, but that may have been what they asked for. Projecting the NSA's
request to be what you would have asked for is a huge assumption.
"Which makes an 'ass' out of 'u' and 'mption'." :)

> x86-64 will always have ME/PSP and it simply can't be disabled,

It can be disabled, but I suppose you are meaning that it can be re-
enabled again via software update; but we have plans (and will be
releasing) the ability to measure the ME region (via TPM) to flag any
re-enablement attempts. Disable ME, measure it is tampered with, notify
tampering (via coreboot+TPM+Heads).

NOTE: This is not "removal" which is the process of never initializing
the ME, which is the end goal for user freedom. This term is how we
distinguish between the progress being made, as we clearly posted
previously.

> pretending otherwise is doing a disservice to many who look to the
> big shots for advice and pipe dreams like that being spread to the
> masses are the main reason I dislike purism so much.

Our approach is to grow, gain leverage, and influence positive change.
Everything we do is about creating ethical computing; and we will
continue to do so. You are more than welcome to dislike our path or
approach, even though it sounds like we share the same end-goal.


> People will think "well gee why buy an actually-libre-right-now TALOS
> 2 when I can simply wait a few years when the eggheads have cracked
> ME and I can keep getting cheap soul-less computers" as tim said the
> discovery of HAP etc probably set back libre computing a decade.

This is projecting an individual opinion onto others, our users are not
buying Librem laptops over Talos 2, they're drastically different
products, prices, and capabilities.

Todd.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: This is a digitally signed message part
URL: <http://mail.coreboot.org/pipermail/coreboot/attachments/20171224/33ecd040/attachment.asc>

More information about the coreboot mailing list