:: Re: [DNG] TALOS 2 - The Libre Owner…
Pàgina inicial
Delete this message
Reply to this message
Autor: zap
Data:  
A: dng
Assumpte: Re: [DNG] TALOS 2 - The Libre Owner Controlled POWER9 Workstation/Server


On 09/03/2017 09:41 AM, Alessandro Selli wrote:
> On 03/09/2017 at 13:32, zap wrote:
>>
>> On 09/03/2017 05:26 AM, Alessandro Selli wrote:
>>> On 01/09/2017 at 20:36, zap wrote:
>>>>> I doubt it will be owner controlled, as their laptops aren't - they
>>>>> still haven't even gotten a blobbed version of coreboot working
>>>>> (blobbed init code + ME enabled as they insisted on a crappy intel soc)
>>>>> Purism isn't a trustworthy company.
>>>> Gee, I thought purism was a trustworthy company, I mean they claim you
>>>> can get the latest and the greatest without intel me
>>> This is *not* what they claim:
>>>
>>> https://puri.sm/learn/intel-me/
>>>
>>> "Freeing the ME is a challenge, but not impossible"
>>>
>>> "By working with Intel, motherboard design developers, as well as our
>>> coreboot developers, Purism has put in motion a solid approach on how to
>>> run a freed Intel ME *in the future*."
>> Sorry, but have you talked to libreboot or coreboot about this?
> What should I tell them? "Why did you let Librem's *evil* patches into
> your code?" (https://review.coreboot.org/#/q/owner:"Alaoui" )

No... That's not what I meant. I mean if coreboot and libreboot couldn't
figure it out. Why do you think purism can?


>> and also,
>> not even google with all their money can convince intel to give their
>> secrets to them.
> What secrets? Intel designes CPUs to Goggle's specifications, what
> secrets are you talking about?

Not quite, not according to libreboot.
>> That for me is a solid reason why I said this.
> This is the present state of the matter:
> https://puri.sm/learn/avoiding-intel-amt/
>
> "So, there is no hardware level remote access to Purism hardware?"
>
> "No, none that we are aware of, nor have put-in. As it relates specifically
> to Intel AMT, we neutralize the threat by avoiding Intel CPUs that have the
> hardware chip allowing it, we do not use Intel networking cards, we use a
> version of the Intel ME that Intel claims does not have these capabilities
> (yes, we know that “Intel claims…” means we don’t have visibility into the
> source code, and yes, we know that is a concern, and yes, we are working on
> solving this) and we neutralize/lobotomize the Intel ME binary, including
> the “network” and “kernel” parts of the Management Engine."
>
> [...]
>
> "We are also planning to reverse-engineer the remaining parts. We have
> reverse-engineered the ROMP module and will continue the work for other
> modules throughout 2017."
>
> What Librem did to Intel's hardware (fuses: https://puri.sm/learn/intel-me/
> ) and software (firmware) is documented. Better than this you can only have
> smartphones from an open-hardware vendor that produced everything in-house,
> from the CPU to the screen. Is there such a vendor?
>
> [...]
>
>>> "We are working to completely remove (or reverse engineer, as we have begun
>>> to do) the Intel ME, on all our models, and will update on our blog (and
>>> this page) as we make progress on that front."
>> I don't think they will succeed even if they did care...
> They are doing it. They already went much farther than anyone else who
> tried, AFAIK.

AFAIK... that's the problem... you don't really know as much as you
think. I used to believe they could do it... But I now realize that they
either A, don't care or B: are unable to. Those are the only options
given the nature of the free software community and the intel blobs.
>>>> in it and also they
>>>> claim that they can sprinkle magic fairy dust on all the hardware so
>>>> that you can use it all without any blobs or firmware that is
>>>> proprietary...
>>> Again, this is *not* what they claim:
>>>
>>> https://puri.sm/learn/blobs/ and
>>> https://puri.sm/about/competitors/
>>>
>>> They do *not* state that their products are free of any binary blob,
>>> they state that *their* software does not have any, from Coreboot on, and
>>> that the motherboard's BIOS is *partially* free of binary blobs.
>> Saying, that purism is being serious and not misleading people, I doubt
>> they can achieve what your talking about, *Intel will not help them!
> I know, they know and they're not hiding it at all.
> Do you know what "reverse engineering" mean?

I am not completely aware of what it means, but I have a sense it means
to decompile it and get full access to the code.
>> *If *Google cannot get convince intel to give their source code to them,
> Did they try? AFAIK, Intel produces chips to Goggle's specifications,
> what software does Google need from Intel?

This is false, because of the nature of most governments wanting intel
to put backdoors in the hardware that cannot be removed. Although it
allows governments to do more spying, it also lets terrorists crack into
more hardware too. 
But that aside, there are some insane usa laws which make it against the
law even to *admit there are backdoors let alone tell people how to
remove them!*
>> then purism has no chance in hell...* to get the source code
>> **
> They do not actually need source code, they'd be content with knowing how
> to get rid of what they put in.

I am sure that would be nearly impossible due to drivers needing to be
signed now.
>>>> Doesn't that sound just plain trustworthy? Can you
>>>> honestly say that they cannot be trusted?
>>> They are honest in what they say. Could you prove they lied of
>>> misguided people in their statements please let everyone know.
>> I am sorry to say that I disagree completely, especially due to them
>> originally trying to pass nvidia as a means to achieve libre status until
>> there was an uproar and they changed to intel.
> So, they heeded the community's voice, they excluded a major vendor due to
> security concerns, and you claim they are *not* sincere in developing a
> system tat is as free as possible from proprietary software? Other than
> allegations and personal opinions, do you have anything solid to counter
> their claims?

Well I didn't want to mention this,
www.pcworld.com/article/2960524/laptop-computers/why-linux-enthusiasts-are-arguing-over-purisms-sleek-idealistic-librem-laptops.html

look at this, for one example, look for the line about how purism
originally intended to use nvidia graphics cards but due to backlash,
they changed to intel graphics.  nvidia is very hostile beyond even
intel's status towards free software.
*which means they could not have used them without proprietary drivers.*
>> Unless they are just plain stupid.
>>
>> Listen to coreboot and libreboot's reasoning why this will never work.
>>
>> https://libreboot.org/faq.html
>>
>> look at the parts about purism and intel.
> Nothing new there. They just say that the only way to be sure is
> "avoiding all modern [>=2008] Intel hardware." Plus: "libreboot project
> recommends avoiding all modern [>=2013] AMD hardware."
>
> This leaves out just ARM, SPARC and Power CPUs. Mind if I ask you: what
> are your PCs and laptops running on?

I use a librebooted x200.  *The Intel me has been removed therefore, it
is a lot more free then purism. Maybe outdated and old, but in the
future I hope to get eoma68 which promises even more freedom.*

>> Also if you do, you will see
>> that what I said though very sarcastically, was true.
> They said nothing about Purism's use of Field Programmable Fuses to lock
> ME regions and their removal of 93% of the ME code (as stated in
> https://puri.sm/learn/intel-me/ ).
>
> Do you believe that all ARM, SPARC and Power suppliers do not put anything
> in their CPUs that users and developers do not know about? Again, the only
> way to be sure is buying hardware from a vendor that produces it's own
> hardware, CPUs included, openly releasing their full specifications,
> blue-prints and software. Do you know any?

Nope, I believe that all hardware has some obstacle to some extent.  But
intel and amd are much, much harder to remove the crap from. ARM and
Power seem, are probably the easiest from what I hear to remove the
blobs from. Although, You have to again get an older version of it for
it to work properly...

You are being serious though right... Please tell me I am not wasting my
time responding to a troll.

I want to believe you really don't have a clue, but trust me when I say,
Richard Stallman and the free software community know a lot more about
why this is so.  Have you asked Richard Stallman about if he thinks
librem is a scam? Trust me not if you like, but at least ask him about
the legitimacy of purism.
>
> Greetings,
>
>
> Alessandro
>
> _______________________________________________
> Dng mailing list
> Dng@???
> https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng


null