[coreboot] greetings and laptop questions

Taiidan at gmx.com Taiidan at gmx.com
Wed Oct 11 01:10:41 CEST 2017 

The lenovo G505S is the latest owner controlled coreboot x86-64 laptop, 
running the FT3 platform which is 4 years old.
It supports VMX, RVI and IOMMU.

While it does have a blob for video and power both of those have no 
hardware code signing features (thus replaceable), and unlike ivy bridge 
it doesn't have a black box supervisor processor.

Had the folks from purism asked me what they should do, I would have 
suggested FT3.

On 10/09/2017 07:54 PM, Youness Alaoui wrote:

> I don't get why you constantly try to discredit Purism and insult
> everything we do. You complain about coreboot being "useless" because
> it uses FSP, but you fail to mention that anything using coreboot will
> use the FSP unless it's 10 year old hardware (Sandybridge is the
> latest FSP-free supported CPU). The original email asked about a
> coreboot port, not a libreboot port. Every time I see purism
> mentioned, you have to jump in to insult and dishonestly say that
> Purism is dishonest. If you want to claim bullshit like that, at least
> find something real and concrete to back it up. I've ignored you many
> times, but I'm fed up of your one-man vendetta against Purism. What
> happened to you for you to have so much hate against us?
In the efforts of not getting moderated again we can continue this off 
list but it boils down to the dishonest crowdfunding style "some day we 
will do X" marketing.

I would have recommended your devices at least once if you were selling 
them as they were instead of as they could be.

I dislike:
* Aspirational marketing "LibreM" "every chip hand selected to respect 
your privacy" "continued efforts to remove ME" that confuses even linux 
veterans and detracts from competitors products.
* The lobbying for the FSF to decrease the RYF standards
* (although most companies do this) Not asking the target audience for 
advice on what to do next.

I wouldn't have said anything but on the other lists I visit for every 
person like me there are 5 others who constantly talk up your products. 
I believe everyone needs critical voices.

On 10/09/2017 08:42 PM, Nico Huber wrote:

> On 09.10.2017 00:15, Taiidan at gmx.com wrote:
>> their version of coreboot is
>> nothing more than a wrapper layer for intel FSP (binary blob that does
>> all the hardware init) which is next to pointless for the amount of
>> money you would spend on one as all it does is move trust from vendor to
>> OEM not avoiding the hypothetical OEM firmware backdoors.
> I've seen that mentioned a lot and can only say: Please stop spreading
> that FUD about coreboot. Even with blobed silicon init, coreboot still
> gives you about 80% of the freedom of a free firmware. You only have
> to trust in one party that provides the blob and not in n parties that
> put their code into the usual Windows booting firmware. coreboot, even
> blobed, also gives you much more freedom about the platform configu-
> ration and the boot process as a whole.
>
> Don't get me wrong, I don't like FSP either (from a developer point of
> view, it makes coreboot porting twice as hard and 10 times more frus-
> trating if something doesn't work right away). You can stomp on it as
> you wish. But please don't disgrace coreboot.
Can you suggest a better way of saying it?

People with EE/CS degrees (non-laymen I suppose) I have conversed with 
over the years still consider "coreboot" to mean what it did circa 2011 
where the only real difference between coreboot and libre* was 
philosophical not technical, when someone says "our devices have 
coreboot" they believe that it is entirely "free firmware".

While an FSP coreboot "port" is still technically superior to an 
entirely closed source firmware no one I have talked to would consider 
spending an extra 1K per device just to cut the vendor out of the trust 
picture (they and I desire silicon init)


I propose a kind of freedom-level badge certification system (like 
"Intel Inside" stickers) for this situation with everything clearly 
explained on a central website to solve this situation, similar to the 
one currently on the coreboot wiki.

More information about the coreboot mailing list