Re: Talos II (FSF RYF candidate)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On 09/14/2018 04:02 PM, Paul Boddie wrote: > On Tuesday 12. September 2017 16.07.12 Timothy Pearson wrote: >> Just wanted to pass this along from the FSF on this side of the pond in >> case you haven't seen it yet: >> >> https://www.fsf.org/blogs/licensing/support-the-talos-ii-a-candidate-for-respects-your-freedom-certification-by-pre-ordering-by-september-15 > > One year later and it looks like this is available to purchase: > > https://raptorcs.com/TALOSII/ > > Is that correct and why didn't you keep us posted? ;-) Have you had much > interest from the Free Software community? > > Paul Yes, it's true! :-) We've been selling these machines for the better part of a year now, and so far the reception has been quite positive. We'll have some of our hardware available on display / for live demo at the OpenPOWER Summit in Amsterdam [1] if anyone is interested in trying one out live... [1] https://openpowerfoundation.org/summit-2018-10-eu/ - -- Timothy Pearson Raptor Engineering +1 (415) 727-8645 (direct line) +1 (512) 690-0200 (switchboard) https://www.raptorengineering.com -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEcBAEBCAAGBQJbnCnTAAoJEK+E3vEXDOFbVpQIAIoCtMfqpXl60tpmehS0HW+P dtxQq3kbZnPW2ILOFco2iBU9nHOtrOUyua6YWTBkxg0MZfbHDWb9l3pOyHlEzrSJ +/f7txLwG9xmxaMLXXYbip3NPCODKuFuqODwDIbUWak31aK5h4jaVKzpsqORvrKo UtCHypCePw4JpNWNYv3GzBbaJYT9/lbaEQyRQCxOQciMyXknZdiScCe+xXblcstt Qn73mYEwI7DzN72LhTONN9s69A/xW4M2qEyy2h0u+Q1H6lKOZVpmCtvX9o+b3emH x08GeUE7i6MSjrGolqnda5oIeE03yskSGTF8exoThCLfivJerXt6lBvb1Lj10lw= =+MTn -END PGP SIGNATURE- ___ Discussion mailing list Discussion@lists.fsfe.org https://lists.fsfe.org/mailman/listinfo/discussion This mailing list is covered by the FSFE's Code of Conduct. All participants are kindly asked to be excellent to each other: https://fsfe.org/about/codeofconduct
Re: to git or not to git
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On 09/07/2018 08:41 AM, evaggelos balaskas wrote: > Without derailing too much this wonderful discussion, I would like to make a > comment on lost commits/code. > > IMHO git is not a backup solution, its a version control system. sometimes we > forgot this simple but important tiny thing so freq commits (even on a local > cloned repo or branch) is really useful and > copy/merge/rebase/rewrite/whatever when ready to master. Well said. Along those lines, for those that would rather not use the proprietary system that is GitHub, we've had good luck over the years with SCM manager [1]. It's BSD licensed but quite polished and very stable, and simple enough to get going on a VPS or similar. Also has native git / hg/ subversion support so you don't have to use one SCM only. Back the VPS up to another location on schedule, and data loss / corruption should be mitigated. [1] https://www.scm-manager.org/ - -- Timothy Pearson Raptor Engineering +1 (415) 727-8645 (direct line) +1 (512) 690-0200 (switchboard) https://www.raptorengineering.com -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEcBAEBCAAGBQJbksFnAAoJEK+E3vEXDOFbbgoIAJZ8H7z2kvutWY8D9G32M0Xk akmkt+FeLenb/GKnh3qAnRok3eZ40/Ob7k4Nbzcd2C6UDSggoKZIMszjkqUbffXv ppR7/zAnNVAMkEFa6liZKbu5m9UhxqxStHSS315DaaJtRzgQV5mpKsizjyKdrHm7 mhYXhnMdKy8Q8xxiWzP2PPZWlHqFQzsj7nQWmqY6F838JaRWy/c6iElcLmwSwh52 UAFkTpQ33BfVrKx4v0po9iM10QrNUQvp8ciXRPAWKw/ChucqO8m1eEqhYy2cCT/z QDFEUAThlgfJC3ndnFKPTAw0n9H0B+KlsfNUiF0XnV0jgGXZENVjAn33v4E4hLo= =+lm3 -END PGP SIGNATURE- ___ Discussion mailing list Discussion@lists.fsfe.org https://lists.fsfe.org/mailman/listinfo/discussion This mailing list is covered by the FSFE's Code of Conduct. All participants are kindly asked to be excellent to each other: https://fsfe.org/about/codeofconduct
Re: to git or not to git
On 09/06/2018 02:46 PM, David Boddie wrote: > On Thursday 6. September 2018 12.21.17 Timothy Pearson wrote: > >> On the topic of history rewrite, I'd argue that allowing it on a private >> (read: development) repository provides better commits and less chance >> of losing work. It allows the developer to incrementally commit small, >> incomplete, possibly even wrong changes, then decide how they should be >> packaged and layered before attempting a merge. Without this >> capability, our programmers would tend to keep a massive chunk of >> unstaged changes locally, then submit the entire mess for review once it >> was working properly. History rewrite allows the developer to verify a >> multi-week, multi-layer, self-dependent modification and still be able >> to split it apart into logical, incremental chunks with relative ease. > > But are they sharing the changes they commit before rewriting the history > and sharing it with colleagues? No, and I should have pointed that out. When you start sharing, all bets are off and history should not be rewritten, however at the same time you're not likely to be sharing broken / nonfunctional code that's still in the middle of a rewrite. At the very least, it would be expected that you clean up your own mess a bit before trying to engage a colleague for assistance, to avoid wasting time all around, and even then it would be in some kind of WIP branch that would be deleted later on. >> I can't imagine working without this feature. The lack of that feature >> on other source control systems might explain the relatively poor commit >> quality we have observed on those systems (or from people trained on >> those systems) over time -- their commits to be very large, doing way >> too much and touching too many files. Needles to say this causes a >> massive headache if/when the patch introduces a regression. > > I think it depends more on the workflow more than the features of the > revision control system. Of course, those people used to non-distributed > systems may be in the habit of batching their commits for several unrelated > issues because they are used to a centralised model where committing a change > involves sharing it with everyone else. > > I think you could do something similar to git with Mercurial but it wouldn't > be exactly the same. As long as the general class of functionality is present, that's fine. No ability to stage and rework a commit stack though is going to push people more toward the monolithic / batched commit mode from what I've seen. > David > ___ > Discussion mailing list > Discussion@lists.fsfe.org > https://lists.fsfe.org/mailman/listinfo/discussion > > This mailing list is covered by the FSFE's Code of Conduct. All > participants are kindly asked to be excellent to each other: > https://fsfe.org/about/codeofconduct -- Timothy Pearson Raptor Engineering +1 (415) 727-8645 (direct line) +1 (512) 690-0200 (switchboard) https://www.raptorengineering.com ___ Discussion mailing list Discussion@lists.fsfe.org https://lists.fsfe.org/mailman/listinfo/discussion This mailing list is covered by the FSFE's Code of Conduct. All participants are kindly asked to be excellent to each other: https://fsfe.org/about/codeofconduct
Re: to git or not to git
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On 09/06/2018 06:42 AM, David Boddie wrote: > On Wed Sep 5 19:44:20 UTC 2018, Alessandro Rubini wrote: > >> Today I read some (most?) documents on the project's site, and I see >> that it's very similar, but on the flip side it looks like interactive >> rebases are not as easy as they are with git, and I really use them a >> lot (I write several features and test them all together, so I often >> squash my fixes in the original commit before pushing). > > Yes, I think there's a compromise between flexibility and simplicity. > Mercurial seems to be focused more on simplicity and ease of use, but that > might make certain tasks difficult to achieve depending on your workflow. > >> Also, I don't like much the data model (which is why, I think, changing >> the whole history is not as easy as with git). > > I think that is regarded as a feature in Mercurial. History rewriting may > be a useful feature in git but it could have limited use if your repositories > are already public. When Mercurial and git were evaluated at a former > employer the ability to rewrite the history was counted as an advantage for > git despite the problem that it would have been very difficult to justify > using it on the company's public repositories. > > Still, it's useful to have the option to do it, especially for private repos. > >> Thank you none the less, it was interesting reading. > > You're welcome. > > David On the topic of history rewrite, I'd argue that allowing it on a private (read: development) repository provides better commits and less chance of losing work. It allows the developer to incrementally commit small, incomplete, possibly even wrong changes, then decide how they should be packaged and layered before attempting a merge. Without this capability, our programmers would tend to keep a massive chunk of unstaged changes locally, then submit the entire mess for review once it was working properly. History rewrite allows the developer to verify a multi-week, multi-layer, self-dependent modification and still be able to split it apart into logical, incremental chunks with relative ease. I can't imagine working without this feature. The lack of that feature on other source control systems might explain the relatively poor commit quality we have observed on those systems (or from people trained on those systems) over time -- their commits to be very large, doing way too much and touching too many files. Needles to say this causes a massive headache if/when the patch introduces a regression. - -- Timothy Pearson Raptor Engineering +1 (415) 727-8645 (direct line) +1 (512) 690-0200 (switchboard) https://www.raptorengineering.com -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEcBAEBCAAGBQJbkWIJAAoJEK+E3vEXDOFbkyYH/2f5zIeAB5Quiqqjmy8sR4Le whtegBYPW0sYZikbN9xpC+hkzcA8RCSPMpUBspuOkDwlFgNrOvDmbHsz5gkAKNIW AuXoe5fctaV/88iVBOsXt0OtEP+N6/7F7BsvIvYvRbKk3eQK4uMbjwfyYWYX4hV8 vTQh1hVcUhAJwW2WEzOsKid0tN0/x05+GHADriZa8ksxoWmOg8XOxa3bzuhLyCM8 BtZC5aAxomI4pzPOXra2LkGUYcVHQQTqVtE4h/DleidqjX1LXEr7kgQwVpETtO3h /Yz/z1IjKlpAr1Bl8u5fioP+D0P+8ekRTlap/7EPTksHyjAlpLB51hPh4PN/odE= =5khl -END PGP SIGNATURE- ___ Discussion mailing list Discussion@lists.fsfe.org https://lists.fsfe.org/mailman/listinfo/discussion This mailing list is covered by the FSFE's Code of Conduct. All participants are kindly asked to be excellent to each other: https://fsfe.org/about/codeofconduct
Re: Silent majority
On 09/06/2018 12:25 AM, b...@gnu.org wrote: > Hi all, > > I don't know nothing about what's been talked about in this thread. > > This is just a reminder that there are probably many subscribers like > me who don't have a clue of what is at stake here. > > Perhaps you should gather in a field, organize a tournament and come > back when someone wins -- or have a good discussion somewhere IRL? > > In any case, please keep in mind that some readers may be completely > lost and partially fed up with the spectacle. > > Thanks, > You can even have a tournament with libre software if desired: https://www.xonotic.org/faq/#how-do-i-start-a-server Last man standing gets control of the organization? All jesting aside, I'm also tired of seeing this flood of internal politics and bickering. It makes the entire FSFe and membership look bad. -- Timothy Pearson Raptor Engineering +1 (415) 727-8645 (direct line) +1 (512) 690-0200 (switchboard) https://www.raptorengineering.com ___ Discussion mailing list Discussion@lists.fsfe.org https://lists.fsfe.org/mailman/listinfo/discussion This mailing list is covered by the FSFE's Code of Conduct. All participants are kindly asked to be excellent to each other: https://fsfe.org/about/codeofconduct
Re: CPU as a service // MINIX in Intel ME
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 11/29/2017 11:16 AM, Florian Snow wrote: > Hi, > > > Timothy Pearson writes: >> Giving up privacy and control to waste time in front of a *game*. > > I agree with you that freedom is more important than games. But in the > long run, we need to find other solutions than telling people not to use > things. Phones are bad because they all come with proprietary blobs, so > don't use them. New technology: Often bad, better wait till it's old > and better understood. Online services that you don't host yourself: Bad, > dont' use them. Games: Usually bad, don't use them. I understand that > freedom is important but to most people, giving up games they really > enjoy is also giving up some of their freedom and people who use > services other people host also feel increased freedom because they can > spend their time doing something other than managing a server. So what > I'm saying is that we need to be careful not to tell people we want them > to lead a live of deprivation. > > Happy hacking! > Florian Yes, I agree. The question is, in a society where any new features / ways of doing things are expected at no cost or well below the real cost of creating things, how does society as a whole move away from the resultant need to "monetise" the resulting products in unethical ways? I guess this is really a variation on the age-old practice of "loss leaders", but taken to such an extreme that it's now expected of every tech product. Combined with 120+ year copyright it's rather hard to come up with a solution other than to just not use the unethical products in the first place, sadly. - -- Timothy Pearson Raptor Engineering +1 (415) 727-8645 (direct line) +1 (512) 690-0200 (switchboard) https://www.raptorengineering.com -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEcBAEBAgAGBQJaHwmSAAoJEK+E3vEXDOFbmMYH/0RGmRlEXbmENvQ7n5Ow+Gdb niXAwE3GvzK/R1IN6eGRZkpdmtDOmP3YiXNayhbtKz99ZGk6RfaM91LiSLVZqI/E 6lvyaJXpnlAAvs1poQ2hWvl5F8tOO6fEp46DaMREOw/3siSw8gmA1nsCyxIuIJC5 1fRtBjtmeDd3crz6daSDlX6SMdEGpXznGE7WzX/xsv9BLy+/xU6tI5bQyegBS/BS JybDL76mpKLBwA/8CL2i2emDoWaQAfk+Qyxtyn6H7mZRLCWzCSVVaicFV5Knwi9P 0AJQ0vA0SYETAKjifzrHMelwTfwCKrlYpOBNCzORdy2tQ+/s2sKvDIFgW2K/Pfo= =qbG/ -END PGP SIGNATURE- ___ Discussion mailing list Discussion@lists.fsfe.org https://lists.fsfe.org/mailman/listinfo/discussion
Re: CPU as a service // MINIX in Intel ME
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 11/28/2017 04:47 PM, White_Rabbit wrote: > Il 28 novembre 2017 22:33:06 CET, Timothy Pearson > ha scritto: >> […] Think about that: *games*. Giving >> up >> privacy and control to waste time in front of a *game*. […] > (I'm sorry, I know this is not a reasonable use of the list) > You've never played "Metal Gear Solid", have you? I might have drunk the > koolaid, but I really believe videogames can be a revolutionary medium of > expression, much like books, paintings, sculptures, movies, comics... > To dismiss them like you did, if it's not hyperbole, is wrong. > I value freedom more than videogames, but they can be much more than you make > them sound. Oh, I agree they are a valuable artistic medium, and I have a few myself that I greatly enjoy. However, not only do I disagree with the onerous EULA for many of the larger titles, but I strongly object to the game copyright extending beyond 20 years or so, especially when the manufacturer won't update or sell the game any more after only a year or two post release. I only object to people giving up their privacy, control, etc. over other aspects of their life because the game is considered more important. That is the wrong attitude; the game may be valuable, but is it really more valuable than anything the individual might ever create (or want to create) using a computer? Locked-down x86 boxes are practically a dime a dozen; gaming can be easily done on one of those while real work is done elsewhere. But trying to get people to understand this has yielded unexpected resistance, largely due to the costs of then having to maintain two separate computers. I really don't know what to do to fix this, as I don't think it *can* be fixed given the issues of the x86 platform. Personally, I keep all of the DRM boxes separate and isolated. Amazon streaming goes through a dedicated "garbage" PC that never sees any personal data, etc. No idea if others are willing adopt this model or will just surrender the last shreds of their personal life to keep up with games and streaming video... - -- Timothy Pearson Raptor Engineering +1 (415) 727-8645 (direct line) +1 (512) 690-0200 (switchboard) https://www.raptorengineering.com -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEcBAEBAgAGBQJaHeszAAoJEK+E3vEXDOFb2C8H/iY9OpjP8OE3MdCdbHLF3yfl gth28MyaZf0HEYhrcwq/xqfB5iZVBfQHxE238E29ehGmdBm9vhFtYu/cFCG53ZjE kT3mDWFJhg78qXvbcBAMYSfptN7FY1t9EIqd/GYNOeN68jlmKCnHN2rzRHMAtQtu HCDxjjWzaqt8tkR5tiGDKKMYfPzdVCKkGjsyhEcra1VB7URe4QIjCUcZWeYTQ72n X1Me5fxlCqEAh6KBHZwCZqzhu8UhhZyugVkO0f1rmKcNrTWwBtJsCEYMb3/qdpNI MYUFORxqPEvANSugLjbDQL8NmjcDypq9ZlO2h3KAjXWeLRwAMGMJe5MB5cG1b/g= =PFG3 -END PGP SIGNATURE- ___ Discussion mailing list Discussion@lists.fsfe.org https://lists.fsfe.org/mailman/listinfo/discussion
Re: CPU as a service // MINIX in Intel ME
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 I was using "unlicensed" somewhat facetiously from a large content provider perspective; specifically, in the common usage of "not paying a license fee back to the vendor on a continuous basis". The general idea was that the machine vendor wants to see a financial kickback after sale in return for leasing the hardware to the end user at or near cost -- this is what motivates the preinstalled bloatware and things like SuperFish. Sorry for the confusion! On 11/28/2017 03:45 PM, Adonay Felipe Nogueira wrote: > Jost to note that not all copies of Linux are unlicensed. > > The unlicensed ones are those shipped or provided by non-free system > distributions that happen to break the terms of the license (currently: > 99%). > > Besides, the Linux project itself seems to currently put non-free parts > inside it so, one always has to do some cleanup even if getting a copy > from Linux project itself. > > 2017-11-28T15:33:06-0600 Timothy Pearson wrote: >> On 11/28/2017 03:23 PM, Jann KRUSE wrote: >>> In short: >>> We are essentially being forced, without even being told, to run buggy >>> proprietary code in a very powerful and very capable hyper-hyper-visor >>> of our OS, which can (benign or maliciously) control both the (free) >>> software we run and the hardware we "own", without our knowledge. >>> (See also in-line comment below..) >>> >>> Greetings, >>> Jann >>> PGP 0xE7A47A578A30148A >> >> As before, though, you're only forced into this you need to stay on x86. >> >> IMHO part of the reasoning for this lockdown is that the majority of x86 >> sales by volume are still to consumers. Therefore, there is strong call >> to prevent the machine lessee (hesitate to call anyone bound by an EULA >> an "owner") from doing anything that might be considered unacceptable >> (e.g. breaking DRM, posting restricted content, using unlicensed >> software like Linux, possibly even depending on region criticising the >> authorities). We're already seeing some of this in the wild in that the >> 4k streaming services require the ME and its DRM in order to run. >> >> It's still early enough to at least forcibly split "production", >> owner-controlled hardware from the "consumption" leased hardware. >> However this only happens if people support the vendors that are still >> making owner controlled hardware by selecting their products over the >> competing leased x86 systems. >> >> Anecdotally, I have personally seen way too many people supposedly >> interested in libre software that are literally locking themselves into >> the x86 walled garden over games. Think about that: *games*. Giving up >> privacy and control to waste time in front of a *game*. This is the >> mentality that needs to be fixed, that somehow consuming content is more >> important than being able to create it. No idea how to do that right now. >> >> As always, just my $0.02. > - -- Timothy Pearson Raptor Engineering +1 (415) 727-8645 (direct line) +1 (512) 690-0200 (switchboard) https://www.raptorengineering.com -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEcBAEBAgAGBQJaHdn9AAoJEK+E3vEXDOFbTesH/iM1Pq9XbFMQxTrlGOcMMUMj NIjGlYbngAhU7YHv+mD2p2tscLLQjo3WTUci7UQHx1JR4PXl188yQv/YAPbnxopc HJv/iPDFOGr1zEJRSFKdLYQTwczgpwP2DOG9SJZHM6GSsSpoiejv8jSUzMmUtNPl 3jiMMFy8XEkHGzJNJ5/WAYJ7sXAlB2mMCj1DsG3bA4mrDS6i8XopVxD63slOLDcq TDb/CbeEAeV+nJeheC3ihYVdJBlheahwlVEgOcugsk4Vzp6+OWkso+ta650Oy+iQ Gf6fCIkPGx1vrtVCsqiS6nRId7rL4TM/IYjrFm507gXre98ZoqAcAVD66XctO5c= =C6d3 -END PGP SIGNATURE- ___ Discussion mailing list Discussion@lists.fsfe.org https://lists.fsfe.org/mailman/listinfo/discussion
Re: CPU as a service // MINIX in Intel ME
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 11/28/2017 03:23 PM, Jann KRUSE wrote: > In short: > We are essentially being forced, without even being told, to run buggy > proprietary code in a very powerful and very capable hyper-hyper-visor > of our OS, which can (benign or maliciously) control both the (free) > software we run and the hardware we "own", without our knowledge. > (See also in-line comment below..) > > Greetings, > Jann > PGP 0xE7A47A578A30148A As before, though, you're only forced into this you need to stay on x86. IMHO part of the reasoning for this lockdown is that the majority of x86 sales by volume are still to consumers. Therefore, there is strong call to prevent the machine lessee (hesitate to call anyone bound by an EULA an "owner") from doing anything that might be considered unacceptable (e.g. breaking DRM, posting restricted content, using unlicensed software like Linux, possibly even depending on region criticising the authorities). We're already seeing some of this in the wild in that the 4k streaming services require the ME and its DRM in order to run. It's still early enough to at least forcibly split "production", owner-controlled hardware from the "consumption" leased hardware. However this only happens if people support the vendors that are still making owner controlled hardware by selecting their products over the competing leased x86 systems. Anecdotally, I have personally seen way too many people supposedly interested in libre software that are literally locking themselves into the x86 walled garden over games. Think about that: *games*. Giving up privacy and control to waste time in front of a *game*. This is the mentality that needs to be fixed, that somehow consuming content is more important than being able to create it. No idea how to do that right now. As always, just my $0.02. - -- Timothy Pearson Raptor Engineering +1 (415) 727-8645 (direct line) +1 (512) 690-0200 (switchboard) https://www.raptorengineering.com -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEcBAEBAgAGBQJaHdYMAAoJEK+E3vEXDOFbGZ4H/3a9W/NzuaVlB2TcywMfJRzx A9Ap9adHOLuvsfQwAxHv93GNoJ8g8LOhjwNPV1YUoERgJaYKEtD0SZYjpIVLYmwU xpImdBbaX5g9PGgeKRF4+I6Ixr/kq9V+EpcyaNvOWVt2U7F0Qlv68CCFsG/Tmg8Q kO3wY4tvc5BzKv5aeaVadU//XPs9rD1DFNqerBYLk4Z2qxkYCM5EMPfbcR97dEJC +ljwtsyVQouWKoppPRcjznDKPR6G9Dpd/s8Em23V4RU+Ky0VFpS9Y+p7XOR6L6EG Gz3UoeHh+87JFew5UHG07GLj4PO6fPjZkt2KLp3j7p6S3qsTFSIQPKOktVKnQ98= =lIKQ -END PGP SIGNATURE- ___ Discussion mailing list Discussion@lists.fsfe.org https://lists.fsfe.org/mailman/listinfo/discussion
Re: Black Friday Last Minute: CPU as a service has come!
x-intels-hidden-in-chip-operating-system/ > I used this for my executive summary ;-) > > the issue is **not** new (known since 2016, at least) and presented many > times also in FSF/FSFE "circles", eg. here > https://www.fsf.org/blogs/licensing/intel-me-and-why-we-should-get-rid-of-me > > and here https://lists.fsfe.org/pipermail/discussion/2016-April/010912.html > > EFF and Matthew Garrett where more specific about the nature of the > issue on > May 8 2017 here > https://www.eff.org/deeplinks/2017/05/intels-management-engine-security-hazard-and-users-need-way-disable-it > > and here > https://mjg59.dreamwidth.org/48429.html > > so: what's new now?!? > > since October 25 (save the date!) what **is** new is that we have a > scientific proof of the real nature of this _mess_ > > ...and we know that Google *is* _desperately_ trying to get rid of this > issue from their systems *but* they are failing to fully do this > > please enjoy the full Garrett's talk in this video > https://www.youtube.com/watch?v=iffTJ1vPCSo > > he said: "always use coreboot if you can, but if you are stuck with a > situation..." > (29:21 of the video) ... libreboot is maybe better, IMHO > > so, ladies and gentlemen I'll introduce you "CPU as a service" > > do we have to accept an EULA?!? > > ciao > Giovanni > > > [1] https://en.wikipedia.org/wiki/Protection_ring >what the hell is ring -3 ?!?! who "invented" it? >where is it documented? >should we expect to see "ring -9" in the future? >how we could even allow anyone in the world to implement such a >perverted environment? > > > > ___ > Discussion mailing list > Discussion@lists.fsfe.org > https://lists.fsfe.org/mailman/listinfo/discussion - -- Timothy Pearson Raptor Engineering +1 (415) 727-8645 (direct line) +1 (512) 690-0200 (switchboard) https://www.raptorengineering.com -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEcBAEBAgAGBQJaGIdyAAoJEK+E3vEXDOFby5wH/iT+ODsKzA24jW4O3c4jEDZS M5UXYuyxiaE8j3S0gMCvepzwAQeBqphFjXV/UGGqQLYCn8Dv6+Ns5hcXSHChwKCp aMW7TBIJDVR/+cn46Y5moOGsJssXmBA2C9+102rYI3uUxE5i23dcgefW+7UeMA3t OHCeoDwzIlfpV67g0ZZwFStixvpH/lsgwo4tFeoaRvd7esq3pz9KLERwtLcmOUJo MYbJF03zxEP3cAe1izuCjqt1prlhR3+eRh12QRykmT3Vhp1T/v6pek4dZhDs7dAc M5P57IOm6BBx+OD5/BCbeqNQeEnL4qOOhQiWQep7zJhJdPPzR3hWJujd0jcGpKE= =8XS3 -END PGP SIGNATURE- ___ Discussion mailing list Discussion@lists.fsfe.org https://lists.fsfe.org/mailman/listinfo/discussion
Talos II (FSF RYF candidate)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Just wanted to pass this along from the FSF on this side of the pond in case you haven't seen it yet: https://www.fsf.org/blogs/licensing/support-the-talos-ii-a-candidate-for-respects-your-freedom-certification-by-pre-ordering-by-september-15 - -- Timothy Pearson Raptor Engineering +1 (415) 727-8645 (direct line) +1 (512) 690-0200 (switchboard) https://www.raptorengineering.com -BEGIN PGP SIGNATURE- Version: GnuPG v1 Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQEcBAEBAgAGBQJZuEx+AAoJEK+E3vEXDOFbEI4H/ii1wPQbq6xhZF0F5hcS3Kfi 03oE0E1Xaj5IV2FM30sExO/Lf8I5jl+VQnVdrsiCoIIqBev4DcfxA/vfJ4SUY24y hmbwzafi8g2zffaLSICIChiAEEcDHlaQniTU4S6wxNWv4RyIUrkEYvqUvwRNnpUv g69V8VxYUqcjnHtZVpu9gwAmPgc1TXNW508i4fnMP3EHX1DEmW5pBLmRvPvGsRor 9th3F/ezacfqkPlkuWmL2YLb7wRvTzTJw6CMXInpKDyK+kQCMvL3Tgyp2HFZcCm7 skpS+uconvRQhpp/InVYYCh/e6CrHznpxyEhvug0elX0lZDpqvmv1Hv0sTY3mEU= =WEgY -END PGP SIGNATURE- ___ Discussion mailing list Discussion@lists.fsfe.org https://lists.fsfe.org/mailman/listinfo/discussion
Re: What's so important about the ethics of free software?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 12/19/2016 02:14 PM, Charles Cossé wrote: > If I write a 2 line program that prints "hello world" and don't license > it under a FLOSS license, the user is still free to use it or not use > it. According to FSF(E) doctrine, however, I am "unjust" and > "immoral". Read the links you sent some posts back. FSF(E) makes no > exclusion for asymptotic or trivial cases. If I may jump in with a perspective from "across the pond", I would argue that the only case in which libre software takes on a moral imperative is when said software becomes critical for business or life in general; i.e when using the proprietary package becomes largely unavoidable or a choice is presented to either use the proprietary package or to e.g. stay out of a particular field of study or business. For many of these smaller cases, there is no moral imperative simply because one is not forcing other people to use the package in violation of their personal beliefs and views on libre software / software freedom in general. What would handle this quite nicely is something we already have in place for trademarks; specifically the concept of a "genericized trademark". Just as trademarks can be handed into the public domain if they become the primary public descriptor for a specific class of products, it might work well if the source code / rights for an application are handed into the public domain once that application becomes completely unavoidable for business and/or life. The bar for this would obviously be set fairly high, but it would seem to protect against the situation we see now where only one specific, proprietary software package is supported for tasks like tax filings or even life support; cases where a true moral imperative can be widely agreed exists. - -- Timothy Pearson Raptor Engineering +1 (415) 727-8645 (direct line) +1 (512) 690-0200 (switchboard) https://www.raptorengineering.com -BEGIN PGP SIGNATURE- Version: GnuPG v1 Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQEcBAEBAgAGBQJYWELeAAoJEK+E3vEXDOFbElYIAIxzq+mSYmZklxSkknmxQDKJ s2SyeiB+n68XzAJg/Z06++5HpI3cP1RqO1aCA17iGTKOVa4z2vxMEF/QIpBcQ5GJ F9HAeN2r2Oilz+hriX1gRnXmtIN4AJWAlgDtFIH6QGa7cJLFiRBKwWwpwHo2kIdC g6BbjklL2DJTHvf02pd4bGy5urGg7l7J0OsvMTUj8UgmMcUr4o5260q/Pt7zt9L2 ApbBN570LkTgQaqAZQLwfI8a1MThY1U8Gj+nCpt/aQd4Db3lS89HYmY3FBn+i3Vv 0EpZPQqcRM3iLL57z4zZAP1zqz2LSgwESXWr5au6uv7jjbbmDh+14tG3XgPM31c= =annE -END PGP SIGNATURE- ___ Discussion mailing list Discussion@lists.fsfe.org https://lists.fsfe.org/mailman/listinfo/discussion
Re: Talos Secure Workstation crowdfunding (was Re: Uncorrectable freedom and security issues on x86 platforms)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 10/24/2016 05:38 PM, Paul Boddie wrote: > On Monday 4. April 2016 17.06.23 Timothy Pearson wrote: >> >> === POWER === >> >> IBM has recently released their high-performance POWER8 architecture for >> third party licensing, and has also released a small treasure trove of >> firmware and documentation for these devices. POWER is the only >> architecture currently competitive with Intel in terms of raw >> performance, and boots using a fully FOSS firmware with no DRM >> antifeatures embedded. The primary disadvantage of power is cost, as it >> is currently targeted at the server and datacenter markets. We are >> attempting to bring POWER to the high-end workstation market in a >> FOSS-friendly form via the Talos™ Secure Workstation, but need >> additional interest to make this a reality: >> https://raptorengineeringinc.com/TALOS/prerelease.php > > Having seen the EOMA68 crowdfunding campaign get funded on Crowd Supply, it > was interesting to see you proceed with a rather more ambitious campaign for > Talos: > > https://www.crowdsupply.com/raptor-computing-systems/talos-secure-workstation > > It's notable that you've raised as much in pledges in about ten days as the > EOMA68 campaign raised within its entire funding window, but then again, > you're attempting to raise twenty times that amount or so. > > What you're offering is largely beyond my computing budget, but I hope you > manage to meet your target. Looking at the product pledges, it's clear that > some demand is there, particularly when four- and five-figure dollar amounts > are involved! Thank you for the encouragement! We would really like to get these powerful development tools into the hands of people working on developing next-generation libre software, as that is really where they are needed. I would also like to briefly highlight the SSH access pledge levels for this campaign. If you can't afford this first generation Talos™ machine, but still want to try out POWER8, this is a good way to both get direct experience with the POWER architecture and help define the future of powerful libre-friendly computing in the process. - -- Timothy Pearson Raptor Engineering +1 (415) 727-8645 (direct line) +1 (512) 690-0200 (switchboard) https://www.raptorengineering.com -BEGIN PGP SIGNATURE- Version: GnuPG v1 Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQEcBAEBAgAGBQJYDpeKAAoJEK+E3vEXDOFbFRsIAKG0TDW8qyWJmy2QhbgEpeOx CIYeYwHVSeMm9C+8v4YvyAGcplQpjG/MmsjeH05VUPQxgrwXaHX5vgA4uakhHCQ3 2PqnYVF2Ufzu53uzJizbWzG4YMGNSWMP0439gRjFsp0IstEYeRpAgtNjfeHb88Vx UaYn72h/Hsy/VSM759HInvYFO8ZSvS69cFOqx8n7gLkX07REU92rqN63WdXr6bar 3I7RxOoGQCKw9Hu9gTIkACTO39KYMvW8h11SGkIz1hpZfL+ABRFfVYTvaq0zuZ3I rdlzoHPvPatYJ+dtLrMZITkCb6Mj+qC9gC7hu2AEPjTdHiL4RR37NswBwbQr9bw= =/0fO -END PGP SIGNATURE- ___ Discussion mailing list Discussion@lists.fsfe.org https://lists.fsfe.org/mailman/listinfo/discussion
Re: Is there a small hacker friendly firewall for home use?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 09/07/2016 02:20 AM, Miguel Tavares wrote: > > Getting any electronic device that doesn't require binary blobs is > becoming impossible.. Being able to find devices that you can actually > own (like being able to run your own code on it) is rather hard already. :( > > I guess the only way this would improve is if vendors of devices with > closed implementations would be held responsible for security of the > devices. I've been saying this exact thing for some time now. Here in the US I don't think it's possible, but I wonder if there are any other countries willing to entertain this idea? Personally, if you "purchase" a device that you have no control over, no ability to modify, no ability to re-purpose, that can be upgraded / deactivated remotely, and that has to be thrown away when it no longer works, it should be legally treated as a leased item and the manufacturer should be held fully responsible when it no longer functions as intended. If it quacks like a duck, let's not call it a goose, OK? :-) - -- Timothy Pearson Raptor Engineering +1 (415) 727-8645 (direct line) +1 (512) 690-0200 (switchboard) https://www.raptorengineering.com -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQEcBAEBAgAGBQJX0DyCAAoJEK+E3vEXDOFbokgIALHcHKFd6u053TtPHuxWyQMf GvCxWVlVMyQfZFUBPHC0p5XuB1y9vOLI25gBz+/rXJWfNR/jWN4CUuzVlk5uepJ7 3DwQlSCctVsK8B9kv8SNAxma9k4nrLn4l536nYV5ZRML7oPcKGZ2oB50nD18XDWQ GA6v/Nfc+Hi4oSLsb9M/NbkN+XkXkc48QnQnV4a6nkbSR15fd9Ehp8Q4Ohxwjtbp tTO2KVOJZpWq8dMijpSKhJSRWVlyyurVNAeuOa6NZ+srCVZwO9rsGIcZm4w7U5lQ LKMI7hOfl0N6QFXAgDu0dWvyIN1r065RN7WUVBYyv4jRevRPG3NWsgb1wxo2lag= =+cp2 -END PGP SIGNATURE- ___ Discussion mailing list Discussion@lists.fsfe.org https://lists.fsfe.org/mailman/listinfo/discussion
Re: Is there a small hacker friendly firewall for home use?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 09/05/2016 04:45 PM, Max Mehl wrote: > Hi Miguel, > > Recently I heard the state of the art is using for example the APU2 > system by PC Engines, which is a fully Free Software compatible network > device. For WiFi, PC Engines also sells compatible antennas. You can > install a network firewall OS like IPFire or pfSense on it which should > provide all features you mentioned (and lots more!). > > Never used it but heard a few good reports about it. > > Best, > Max Just to make sure this is known, the APU2 currently requires the AGESA binary to boot. It is not (yet?) fully libre: https://review.coreboot.org/#/c/14138/10/src/mainboard/pcengines/apu2/Kconfig See in particular the USE_BLOBS select line. The APU1 does not require blobs to boot and may be a better choice depending on application. - -- Timothy Pearson Raptor Engineering +1 (415) 727-8645 (direct line) +1 (512) 690-0200 (switchboard) https://www.raptorengineering.com -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQEcBAEBAgAGBQJXzuRFAAoJEK+E3vEXDOFb9m8H/AhCb4Mfhcpp9OMJpyRcI5Hp fe9owRpvjxhuP4Ek5xX1tm4BuOwo6mVsGJAjfjR5BmW9li8KjYgmw0my3e0YluGr Edj5+Yh0dhNNpnRso3QPiti0moSg0X2qExGNOMwcuQovn6UuuYqId/Cq6uZNUhRx LO6b9+/ywhvDJfI9riEwxw3ulufXV8qXQM4UA/CqhNrphem+hVlxb3RaoH1uozkT jrSjft0wlrA49KClTPCJVjdd0bRPymthKdbiNhbctm5Kd8XLws65Y4tmYpHCdIBB WAEfV3CfV43LPMi1exVjq59DuSDox0cjhUFq0+qnsvut3VWm2CI2adn4lhWS2Fc= =cEnh -END PGP SIGNATURE- ___ Discussion mailing list Discussion@lists.fsfe.org https://lists.fsfe.org/mailman/listinfo/discussion