[coreboot] Remote security exploit in all 2008+ Intel platforms

ron minnich rminnich at gmail.com
Tue May 2 19:56:42 CEST 2017


On Tue, May 2, 2017 at 10:39 AM Nico Huber <nico.h at gmx.de> wrote:

>
> Sorry Ron, I didn't write it to offend you.
>

No problem. It hurt a bit because I respect you so much :-)

I find that people's take on Purism varies depending on whether they have
personally interacted with Todd or not. Up here in Mountain View we've had
multiple meetings as we tried to provide guidance to Todd. From that
experience I've come to believe that Purism, like so many of us when we
started out, was extremely naive about what was possible, and made claims
based on their lack of knowledge. But I also saw Todd working very hard to
try to engage Intel, over a period of years. I saw a sincere effort to
achieve their goals, coupled with a complete lack of knowledge about how
much effort it was, which led to them making claims that could not be
supported.

I hope they are cleaning up their claims.  They made a lot of mistakes over
the first few years, and were way too optimistic about how all this was
going to work, which cost them a lot of trust, and that is their fault.
Adding Youness was a good move, and has got them going in the right
direction.

If anyone at Purism is listening, could you please take the time to talk to
people from this group about your web site and the claims you are making?
>From what Nico says, you're still overdoing it. It just makes you look bad
and you don't need that.

At the same time, we need to be realistic about what's going to be possible
in x86 universe. And the answer, I'm afraid, is "less and less". I'm afraid
blobs are a permanent part of the picture on any new x86 design, and if you
don't like that (I don't) then it's time to find a new architecture to work
on, as Tim and others are doing.

[Nico, this last part is not about what you said.] I realize feelings are
strong about these issues, but calling people and projects "corrupt" is
unacceptable and, in my view anyway, I'd like people who say such things to
find another project. I watched the Plan 9 mailling list get destroyed by a
few bad actors and I don't want to see that happen here.

Thanks

ron
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.coreboot.org/pipermail/coreboot/attachments/20170502/33317105/attachment-0001.html>


More information about the coreboot mailing list