On 09/03/2018 at 00:05, taii...@gmx.com ha wrote: > On 03/08/2018 11:34 AM, Alessandro Selli wrote: > >> In fact it's just another take of Taiidan against Purism, it's his job. > You fail to mention that there are many people who are constantly promoting > purism, whereas I am the only one who provides constructive criticism.
You are as constructive on Purism as Trump is constructive on N Korea. > I have told them that their marketing is dishonest many times, hell they > even agreed with me that it needed to be changed only they never did so. I'd like to read this exchange. >>>> Purism is NOT free hardware and certainly not "grassroots" as their >>>> mysterious founder somehow has a bottomless pit of money to burn on >>>> hardware costs and propaganda campaigns. >> [...] >> >>> Are these things an illusion? >>> >>> https://puri.sm/posts/purism-integrates-heads-security-firmware-with-tpm-giving-full-control-and-digital-privacy-to-laptop-users/ >>> >>> >>> https://puri.sm/posts/librem-now-most-secure-laptop-under-full-user-with-tamper-evident-features/ >>> > They didn't make heads they simply install it on their laptops. Did they write they made heads? No, they gave credit to all those involved. > Again my issue is that they claim to have "open source firmware" and a > "disabled" ME when they actually don't. The firmware they use is Coreboot, so the firmware they use is as free as Coreboot is. ME they state (https://puri.sm/learn/intel-me/) is "neutralized *and* disabled" and provide with this pointers as proof: https://puri.sm/posts/neutralizing-intel-management-engine-on-librem-laptops/ https://puri.sm/posts/todds-librem-13-with-coreboot-and-a-neutralized-me/ They claim they removed "over 90% of the Intel ME", "leaving only the very small section (120k) to initialize and configure the hardware." In detail, these are the removed partitions and what is still in place: The remains A question remains, however: “What exactly did we remove, and what remains?” So I tried to dig into that as well. ## Original ME modules : total 1.6M 8.0K -rw-r--r-- 1 kakaroto kakaroto 8.0K Feb 28 17:08 AFWS-20687000.mod 12K -rw-r--r-- 1 kakaroto kakaroto 12K Feb 28 17:08 BOP-20392000.mod 116K -rw-r--r-- 1 kakaroto kakaroto 116K Feb 28 17:08 BUP-200d4000.mod 16K -rw-r--r-- 1 kakaroto kakaroto 16K Feb 28 17:08 CLS-206e0000.mod 4.0K -rw-r--r-- 1 kakaroto kakaroto 4.0K Feb 28 17:08 ClsPriv-20716000.mod 12K -rw-r--r-- 1 kakaroto kakaroto 12K Feb 28 17:08 FPF-206b3000.mod 132K -rw-r--r-- 1 kakaroto kakaroto 140K Feb 28 17:08 FTPM-20777000.mod 60K -rw-r--r-- 1 kakaroto kakaroto 60K Feb 28 17:08 HOSTCOMM-20396000.mod 24K -rw-r--r-- 1 kakaroto kakaroto 24K Feb 28 17:08 HOTHAM-2032b000.mod 16K -rw-r--r-- 1 kakaroto kakaroto 16K Feb 28 17:08 ICC-203ad000.mod 272K -rw-r--r-- 1 kakaroto kakaroto 272K Feb 28 17:08 JOM-208c2000.mod 344K -rw-r--r-- 1 kakaroto kakaroto 344K Feb 28 17:08 KERNEL-200f8000.mod 28K -rw-r--r-- 1 kakaroto kakaroto 28K Feb 28 17:08 MCTP-20379000.mod 28K -rw-r--r-- 1 kakaroto kakaroto 28K Feb 28 17:08 ME_TUNNEL-203b4000.mod 52K -rw-r--r-- 1 kakaroto kakaroto 52K Feb 28 17:08 NET_STACK-20383000.mod 20K -rw-r--r-- 1 kakaroto kakaroto 20K Feb 28 17:08 NFC-208bb000.mod 196K -rw-r--r-- 1 kakaroto kakaroto 204K Feb 28 17:08 Pavp-20040000.mod 124K -rw-r--r-- 1 kakaroto kakaroto 124K Feb 28 17:08 POLICY-2034d000.mod 4.0K -rw-r--r-- 1 kakaroto kakaroto 4.0K Feb 28 17:08 ROMP-200d2000.mod 60K -rw-r--r-- 1 kakaroto kakaroto 60K Feb 28 17:08 SESSMGR-20719000.mod 44K -rw-r--r-- 1 kakaroto kakaroto 44K Feb 28 17:08 SESSMGR_PRIV-2015a000.mod 4.0K -rw-r--r-- 1 kakaroto kakaroto 4.0K Feb 28 17:08 UPDATE-2003e000.mod 32K -rw-r--r-- 1 kakaroto kakaroto 32K Feb 28 17:08 utilities-2036f000.mod ## Cleaned ME modules : total 120K 4.0K -rw-r--r-- 1 kakaroto kakaroto 4.0K Feb 28 17:15 ROMP-200d2000.mod 116K -rw-r--r-- 1 kakaroto kakaroto 116K Feb 28 17:15 BUP-200d4000.mod > You tell me I am "attacking them" since you care so much you can email them > to remove the dishonest marketing and sell their products *as they are* not > as they could be eventually - then I would have no issue with them What is dishonest in what they write on their site? What is that they sell not as is but as "could be eventually"? >>>> I encourage everyone who cares about the future of free computing to >>>> contact the FSF about this. >>>> Here are posts that help explain the purism situation better than I can. >>>> https://www.reddit.com/r/linux/comments/3anjgm/on_the_librem_laptop_purism_doesnt_believe_in/ >>>> >>> In IT terms, that Reddit thread started a long time ago.... perhaps it >>> is irrelevant these days? > It is still relevant, purism claims to have "open source firmware" when all > the hardware init is done via binary blobs. CPU microcode too is a proprietary binary blob. Still, there are laptops that are considered free hardware and meet RYF criteria. >> No, it is not relevent, and Taiidan knows it, as he was explained time ago, >> in 2017-11-03: >> https://lists.dyne.org/lurker/message/20171103.162330.6499510a.en.html >> >> He falsely writes that all Purism did was "running ME cleaner which they >> didn't make", while in fact what they did is this (quoting from the November >> email): > The HAP bit doesn't disable ME. It leaves in place the hardware init. Everything else is removed: https://puri.sm/posts/neutralizing-intel-management-engine-on-librem-laptops/ The me_cleaner tool deletes most modules [...] pretty much everything except the hardware initialization (BUP = Bring UP) module in the ME image. After the BUP module is executed, it can’t find the other modules, so it stops executing (as it has nothing to execute into), but at that point the 30 minutes watchdog has already been disabled by the BUP itself, so we can keep running. This is already a great improvement! [...] I then checked the output of “cbmem”—coreboot’s debug log during the boot sequence—and it showed that the ME was now stuck in “bring up phase”, its state was “recovery” instead of “normal”. What is dishonest in what they write? > Try removing the ME ROM from purism's firmware (I assume you have one) - the > laptop will shut off after 30 minutes. > If the ME really was disabled you could physically disconnect the ME cpu > core, or remove the and have the laptop still function. > > The ME kernel runs, thus ME is not disabled. They do acknowledge there is more work to do: "We plan to go even further than that in the future and reverse- engineer the remaining parts just so we can attain 100% freedom." > As before they simply need to revise their marketing to say "Partially > disabled". They already went beyond that: they detailed precisely what is gone and what is left. >> He slants Purism because they allegedly have a "mysterious founder [who] >> somehow has a bottomless pit of money", provides with no proofs of his >> allegations. > It costs millions of dollars to make their supposidly custom hardware So? Does Talos' custom hardware cost peanuts? >> and smears FSF because they found out Purism's claims to be >> true and their hardware to be among the most free available today. > Their hardware is anything but free and there are a variety of other options > out there. Smearing Purism is not just pointing out there are other options out there. >> And he >> keeps peddling the hardware produced by Talos Engineering. Let's compare >> Purism and Talos: >> >> 1) Purism is crystal about who run the company and who is working for them: >> https://puri.sm/about/team/, https://puri.sm/about/board/ >> >> 2) In the past they had Jacob Applelbaum and Stefano Zacchiroli (former >> Debian Project Leader) in the Board of Advisors: >> https://web.archive.org/web/20160322025039/https://puri.sm/about/ > That doesn't mean anything or imply some type of endorsement of quality. It does means something, it means they put their name and face on the project. Or, do you have some statement of theirs where they criticized Purism after they could see how it was managed? https://twitter.com/ioerror/status/546321378249809920 Jacob Appelbaum @ioerror I've been emailing with the #Purism folks. I'm really impressed with their vision, their commitment to Free Software (FL/OSS) and privacy. 07:09 - 20 dic 2014 Stefano Zacchiroli is still tweeting positively about Purism: https://twitter.com/zacchiro Stefano Zacchiroli ha ritwittato Purism @Puri_sm 8 mar Purism Partners with Cryptography Pioneer Werner Koch to Create a New Encrypted Communication Standard for Security-Focused Devices https://puri.sm/posts/purism-collaboration-with-cryptography-expert-werner-koch/ >> https://web.archive.org/web/20170105163722/https://puri.sm/about/advisory-board/ >> >> >> 3) Talos is shrouded in secrecy, as nowhere in their site is available >> a list of who's who: https://www.raptorcs.com/ > It is a marketing company of raptor engineering which is owned by timothy > pearson. Why is this not stated on their site? Who are you and how do you know this? How reliable are you as a source of information concerning anything about Talos? >> 4) They are backed by IBM, according to Taiidan: >> https://www.mail-archive.com/dng@lists.dyne.org/msg17532.html >> "They didn't have corporate backers before, now they do." >> [...] >> "Getting corporate backing isn't fishy, IBM wanted to support a POWER >> workstation project via the OpenPOWER foundation." >> >> As this is nowhere stated on talos' website I wonder how does Taiidan know >> that IBM is behind them: does he work for Talos? > Because I am on the TALOS IRC and have asked the owner of raptor many > questions? On Internet Relay Chat? Hardly a dependable, public source of corporate information. [...] >> 5) Whatever Purism develops, they release and publish under an opensource >> license and contribute code to Coreboot; > They currently have not contributed anything that does more than help them > sell their own products (ie: you can't use it on any other motherboard) Of course you can use it on any motherboard equipped with the same chipset and processor. In fact Purism was the first company to invest in Coreboot development for current, not ancient Intel chips: https://puri.sm/coreboot/timeline/ (excerpts) Prologue “A beginning is a very delicate time.” In the summer of 2014, a few months prior to the launch of Purism, Todd Weaver posted to the coreboot mailing list for input on possible hardware choices to run a fully freed coreboot on, and to offer contract work to the coreboot community. Various coreboot contributors pointed out that there were no great hardware choices out there to meet these requirements. Initial Negotiations and Development Work In the middle of 2015, Purism then brought on a coreboot developer requesting to remain anonymous, working under the pseudonym “Larry Moberg”. Anonymous Larry began testing coreboot and publish his findings regularly on the coreboot and Purism blogs. After three months of progress, anonymous Larry disappeared (stopped working and ended any communication with Purism or the public). Todd Weaver met again with various coreboot contributors (including Stefan Reinauer, Ron Minnich, David Hendricks, and a few others), handing them four Purism Librem 13 units to help continue the porting efforts. The aim at the time was porting Coreboot to Xeon E3: https://mail.coreboot.org/pipermail/coreboot/2014-August/078520.html Todd Weaver todd at m2n.com Thu Aug 28 20:09:48 CEST 2014 On Aug 28, 2014, at 10:36 AM, David Hubbard <david.c.hubbard+coreboot at gmail.com> wrote: >> The truth here is that we NEED to have a blob-free version >> (libreboot), so I have a lot of work ahead of me :) > > The reality is that Intel has no plans to release code for Xeon > E3-1200 v3 and HM86 Express. Coreboot's progress so far has been > to integrate the blobs. That is helpful to know, I was considering funding coreboot development, coupled with a libreboot (to deblob it) dual effort, and now I know it will be more than just a consideration. >> 6) Talos promises to let specs be public in the future, but there is nothing >> available right now: https://www.raptorcs.com/content/base/software.html >> And Taiidan is aware of this: >> https://www.mail-archive.com/dng@lists.dyne.org/msg17532.html >> "the public will get the spec sheets and HDL's when the hardware is >> released" >> >> This too I cannot find on their website, and no date is set. > Currently you have to email them for it, but there is a page being set up as > seen in the support section. So, there is no official statement, nothing the public can know. Why is this? >> Why is >> this? How does Taiidan know what they are going to do in the future? > I do my research and I read the TALOS IRC. Do you understand this is *not* the way you run a business and attract investors and customers? Hell, even Novena, Pyra/Pandora and many more manage communication a lot better, and they sell much cheaper products! >> Why are people supposed to trust this anonymous poster? >> >> 7) Purism strives to produce a fully libre system, so much so that they >> axed an initial plan to equip their laptops with NVidia GPUs. > If they really were "striving" they would have never had that plan in the > first place, the only reason they decided not do use a nvidia gpu is because > of community pressure - no one wanted to buy something so obviously non-free. >> At Talos >> instead they value more vendor-bashing that producing the most libre >> possible system: > I don't work for or receive money for anyone - I am unemployed right now. You could state anything about yourself, as no one knows who you are. > It is ironic that you say that considering how many times purism has bashed > minifree as seen in my archived links. What links? What did they write about minifree? [...] > The FSF says that the T2 is still able to be RYF certified with that issue > without diluting the current rules (as an IOMMU isolates the networking > controllers, and that is the only drawback of the system) - whereas purisms > laptops will never be able to be RYF certified without diluting the standards. > > Compare having a black box supervisor processor and not having any free > hardware initiation at all to having free hardware init for everything but > an IOMMU isolated component. At Purism they are aware of this, and they are open about it. As for everything else, the do state on their web site (not on IRC, non to personal emails): https://puri.sm/coreboot/timeline/ Current Work and Future Plans 3. Finish reverse engineering work towards freeing the remainder of the Intel ME binaries 4. Continue to push Intel for a ME-less design, or consider alternative architectures (such as RISC-V, i.MX6, etc.) as potential solutions. >> 8) Taiidan spreads FUD, disinformation and plot conspiracies against Purism >> and provides with no evidence to back his claims: >> >> "Purism is NOT free hardware and certainly not "grassroots" as their >> mysterious founder somehow has a bottomless pit of money to burn on >> hardware costs and propaganda campaigns. > What exactly about purism is free hardware? They detailed throughout how much free their hardware is. Potential customers have all they need to take an informed decision. They are crystal that they still have work to do, that there is some binary firmware inside the systems they sell, and are open on a platform change in case progress stops on this front. > Their hardware initiation is entirely done by binary blobs and there is > hardware enforced code signing on the boards black box supervisor procesor > (ME), As far as I understand the workings of ME, on Purism systems ME stops after hardware init, before any code signature verification. Could you provide with pointers on this matter? > the only way that is "free" hardware is if you change the meaning of > free. >> Purism donates to their own crowd-funding campaigns to make them seem >> more successful and whenever negative facts about them are posted on the >> internet some random guy shows up to insist that the person is >> mistaken." > https://www.phoronix.com/scan.php?page=news_item&px=Libre-13-Self-Funding > "It turns out that it looks like the Librem 13 is being self-funded by Todd > Weaver, the CEO of Purism, in order to meet their goal with the crowd-funded > campaign ending on 17 September." > "Recently, the campaign seemed to surge by around 90,000 USD in a day. > Looking at the page before the surge and the live page, it showed only 4 > extra names. I am not really enthusiastic about self-funding a crowd-funded campaign, however: 1) Todd Weaver put his own name on the contributions, i.e. he did not try to conceal the fact he was putting his own money in the crowdfunding; 2) he's putting his money where his tongue is. > The first one in that list is Todd Weaver, the CEO of Purism. Basically, > Todd has unfairly contributed a large sum to his own campaign." He acted openly, he put his own name on his contributions, why do you state he was unfair? >> "they claim to have "disabled" ME [...] they have not as disabling ME is >> both impossible and illegal." >> (see https://puri.sm/learn/intel-me/ and >> https://puri.sm/posts/deep-dive-into-intel-me-disablement/ to read how >> this was done) >> >> "(archived due to the powers that be removing these posts after >> receiving political pressure)" >> >> 9) How much does it cost you believing anonymous people's promises about >> their allegedly free and open hardware (except for components that are >> open but are from Intel)? > So what exactly is open about anything that comes from intel? >> https://secure.raptorcs.com/content/TL2WK2/purchase.html $4,925.00 >> >> Buying from proven. > Proven by whom? someone who works for purism? By the thousand people who bought their systems. > The developers of ME cleaner and the researchers who have found the HAP bit > state that it doesn't disable ME. Purism detailed very clearly what they took away and what is left inside. > The ME kernel still runs 120 KB of the 1,5 MB execute the hardware init. Then it sits unable to execute anything else. > and can do as it pleases, the HAP bit supposedly > shuts it off after it is more than able to add a backdoor to the system - > how is that disabled? It cannot open a backdoor. All the ME networking stack is gone. > Disabled is being able to physically disconnect the ME core and have the > system still function. >> documentedly IME-disabled provider Purism costs you >> $1,599 for their top-of-the line laptop. > The TALOS 2 board and CPU combo costs $2.5K which is a standard price for > server hardware in that performance class. > > Non-free x86_64 servers from the major vendors such as Dell, HPE, SuperMicro > with comparable performance etc start at 5K for a barebones high performance > server and go up from there. You are comparing apples to oranges. Purism sells finished laptops, not "barebone high performance server"s. >> Truth is, Purism has been delivering products for years, their statements >> are verifiable, just like their code, while Talos has nothing to show for >> their words, sorry, for Taiidan's words, as their hardware offering page did >> not progress beyond the "Pre-Order Acceptance" status: >> >> Today: https://www.raptorcs.com/content/base/products.html >> https://web.archive.org/web/20170707122844/https://www.raptorcs.com/content/base/products.html >> > They have been shipping them out to customers for months now, one of the > buyers had one on display at FOSDEM. > https://syslog-ng.com/blog/centos-dojo-fosdem-2018/ > If you were to buy one you would be per-ordering part of the next batch of > motherboards which is generally how small batch hardware purchasing works to > prevent having too much unsold stock Sorry, other than costing way too much for what I can afford, I really need portable systems, as I do 90% of my job on laptops on different premises (my employers' and their customers). And I do not want to spend 4.900$ on a system that I cannot find details on what software it runs on the motherboard, that nowhere is stated that the IMM's BIOS was removed or that is was opensourced. >> A previous crowdfunding of theirs was turned down by the free hardware >> community: > It wasn't "turned down", there was a lack of publicity for the type of > people who had the money to spend on it - the first TALOS cost too much and > the T2 is much less expensive and thus an actual shipping product. > > It takes around $4M to do a full motherboard production run, that isn't > exactly chump change. And those $4M are evil when Purism puts them on the table, while they're a blessing when Talos does it? > I would really like to know as to how purism is able to make multiple custom > laptops for much less than what it normally costs to produce a motherboard. Would it change what it's inside them and what Purism states is inside them? Since when did it become evil having the money to start a hardware company? >> 14% funded >> 495 backers >> $516,040 raised of the $3,700,000 goal. >> >> Purism instead managed to capitalize from it's increasing popularity on >> the crowdfunding front, too: >> >> https://puri.sm/shop/librem-5/ >> >> 155.26% funded >> 4,339 backers >> $2,328,966 raised of the $1,500,000 goal. >> >> They are Purism's source of funding, together with their customers, not >> just the not any "mysterious founder", Mr. Todd Weaver. The only mysterious >> people and money are Taiidan and those behind Talos. > Cheaper products receive more backers and thus more total money (who would > have thought?) Right, money matters. Didn't you know? > and todd contributes to his own campaigns to make them appear > more successful as referenced above. While I do think a crowdfunded campaign should not be funded by the same person who launched it unless it's stated from the start that the should the campaign fall short of the target the difference is going to be covered by those behind it, I do not think it's wrong that Todd uses his own money to fund a project and a company he believes in. > I doubt that purism can make a custom phone for that price, it is probably a > whitebox rebadge. They are clear how they're moving ahead on this project: https://puri.sm/shop/librem-5/ It's going to be a custom hardware that: * Does not run Google Android * Does not run Apple iOS * Runs PureOS by default, can run most GNU+Linux distributions So, no rebadging of a pre-existent smartphone. They have development boards based on i.MX 6: https://puri.sm/posts/librem-5-roadmap-to-imx8/ Are now switching to i.MX 8 Vivante. They chose this CPU/GPU because it has the best opensource software support among the alternatives, that is: Mali, Adreno, PowerVR and Tegra. > There is no mystery about "those behind talos" - all that information is > freely available on the coreboot mailinglist Do you realize how strange it is that a company selling 4,900$ desktops is only available on a mailing list of a different project, not run by the company itself, or on IRC and their website has no information about these channels? https://www.raptorcs.com/content/base/contact.html > where raptors founder > frequently posts to help people with coreboot development and answer > questions. How is one supposed to know who is one who writes something on a ML or IRC channel running on a different domain, related to a different project than Raptor? Do you realist they have serious communications problems and are not addressing them any way? > It is a modified IBM romulus development board made available to the general > public by raptor engineering/computing systems, IBM assisted raptor with > their efforts via the OpenPOWER foundation as they wanted to get a POWER > workstation to market for those who develop POWER software. Honestly, I'd like to see them succeed, but I doubt they will because they do not show what they are doing and who they are, their web site seems to only have static and old information yet they sell very expensive hardware and there is no public way to see the code of what they're putting inside the systems' motherboard. How in the world do you expect people to want to contribute to their efforts, to believe what they say about their systems and buy them? And please know that you are paying them a big disservice when you repeatedly launch smear campaigns against their competitors from an anonymous email address claiming you know things and people that are nowhere available on the project website, https://www.raptorcs.com/. _______________________________________________ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
