On Sun, April 15, 2018 11:01 pm, vel...@tutamail.com wrote:
> I am exploring the best Qubes laptop based on the following criteria:
> 1) Secure/Privacy
> 2) Usability and maintenance for the layman in need of security
> 3) Price
> 4) New laptop

I wrote a selection guide here:

It might be a biased example of the logic that led me to choosing G505s,
but the links in there could help you make up your own mind too.

> Purism - Libre or coreboot? with proprietery software in BIOs
> System 76 - Gaming PC primarily
> Thinpenguin - Libre or coreboot? with proprietery software in BIOs,
> manufacturer unsure of 4.0 compatability

If I was forced to buy something new for Qubes, I'd look at the above.
Search this mailing list (and HCL) for reports, though.

> Talos2 - expensive(desktop only?)

Great hardware but not compatible with Qubes yet.

> My specific questions are:
> 1) A lot of custom gaming laptop makers in the USA...any companies
> flashing Coreboot or Libre on new or refurbished laptops commercially for
> Linux?
> 2) My wish list would be able to crack open a laptop and flash
> coreboot(orLibre) but I am concerned this is just too techy. Is it hard
> to do? Is it hard to maintain? Hard to repeat?

It's hard to do the first time, and some motherboard designs even need you
to desolder the flash chip in order to accomplish it (G505s doesn't). Once
you get core/libreboot on there, you can reflash updated versions using
the internal flasher so you don't have to open it up any more.

 3) How risky are the
> proprietery BIOS? Is this Nation state, Lenovo threats only? While I like
> my privacy I likely have bigger issues if they want access. How risky are
> "stock" BIOs from say a Lenovo...realistically/practically speaking.

Judgement call; I enjoy seeing how secure I can make my systems while
still being usable, but have no reason to suspect a targeted nation-state
attack (unless they are targeting everyone running Qubes in which case
they need their budget reduced to help them focus on real threats...)

> 4) Is Qubes still better then a Mac or PC even with proprietery BIOS?

Of course!

