On Sun, 03 Aug 2025 13:20:42 -0700 Jason Self <[email protected]> wrote:
> From a software freedom perspective, some 32-bit x86 machines - > especially those supported by GNU Boot - remain among the most > freedom-respecting hardware available. The ThinkPad X60 is probably the best audited and easiest to secure machine with respect to physical security. The CPU is soldered and 64bit CPUs are extremely rare for this computer. While not everybody might be concerned by physical security, nonfree software also implement it (usually in the form of restricted boot), and it seems useful for some use cases when implemented with free software (otherwise people would not advocate its use that widely, despite its huge issues when implemented with nonfree software). The main issue is that not many free distro that support i686 remain: - Guix - Parabola - Hyperbola There is also Trisquel 11 (with your kernel), LibreCMC and ProteanOS that can work on i686 but in all these cases it is not self-hosting: you can't build software on Trisquel 11 due to missing packages. As for Guix, with Guix 1.4.0 and linux-libre-lts it works, but it is broken with linux-libre and/or more recent Guix. I need to find the time to bisect that (it's been years that I've been trying to find the time though). As for hyperbola, its contributors are focusing on Hyperbola BSD, so I've no idea if it's up to date or not, but the packaging policy in Hyperbola is also meant to have at the same time software that doesn't change and that can very easily benefit from security fixes. So Parabola is probably the best shot for most uses cases, as it has a wide selection of packages. It's a rolling release and few years ago when I still contributed to fixing Parabola i686 it tend to break more than x86_64. This is also because Arch Linux ARM, Arch linux 32 and Arch linux (x86_64) are not in sync, and they sometimes have different packages versions, which complicates things for Parabola as it reuses most of their binary packages (it only replace or avoids the ones with freedom concerns). It would be really nice to unbreak Guix as we could promote it more widely for usage with i686. It has some limitations like the lack of rust, but this is also worked around globally in Guix, so it's mostly bugs and package compilation issues that remain to fix to make it usable again. Though compilation issues and broken package tests (make check) can also push users to try to fix issues upstream, and that is not necessarily fast to do. So we basically need more people to help fix things. On Linux side they seem to want to keep support for i686 but at the cost of disabling certain things. Here a way to help would be to simply watch what they are doing for instance by reading news and complain if they remove the support for some hardware that we are still using. This is often enough to keep the support because they seem to only remove support for hardware that has no more users. The consequence of this approach is also that they can simply tell that there are no more users because the support was broken since ages, so here too we would need to use recent kernels to try to detect as early as possible that the support for certain hardware broke, and complain. If we test soon enough it might even be possible to prevent the merge of patches that break things, or force people to fix. I'm unsure of the granularity we need though. But at least testing RC might be something we could organize somehow, and as far as I understand, linux-libre also publishes RC, so with that it would be relatively easy to test and contact Linux before the releases. Denis.
pgp5Qo_AskniD.pgp
Description: OpenPGP digital signature
_______________________________________________ linux-libre mailing list [email protected] http://www.fsfla.org/cgi-bin/mailman/listinfo/linux-libre
