Re: [DNG] TALOS 2 - The Libre Owner Controlled POWER9 Workstation/Server
Elsewhere in this thread, there's been mention of the dire threat to system security from Intel Management Engine (ME) (every Intel CPU since 2008) and the equivalent AMD Platform Security Processor (PSP). Noted in the current Linux Weekly News: discovery of a way to shoot Intel ME version 11 in the head: https://lwn.net/Articles/732291/ Coolness. ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] TALOS 2 - The Libre Owner Controlled POWER9 Workstation/Server
Quoting Enrico Weigelt, metux IT consult (enrico.weig...@gr13.net): > In essence, moz folks only want to add new fancy brave new world > features (seems they're totally in the post-humanist ideology), > and tend to hostile reaction against all critics. > > Just try to submit a patch that eg, allows build-time opt-out of > geoloc, motion/ambient sensors, etc, and see what happens. I really do think Iceweasel, Mark II is the real route forward: When all is said and done, Mozilla, Inc. are a commercial entity inherently beholden to their funders. They is absolutely _nothing_ like a public utility or charity. We should thank them for a basic codebase that can be used as the basis for better things, and carefully not trust them overmuch. > >>Most of it should still be in their mail archives - and I could publish > >>the personal mails when applicable. > > > >(Which archives, BTW?) > > mozilla.org. > IIRC, it should also be synced to the newsgroups. I honestly cannot find it, FWIW. > In that case it was 'just' banning me completely from all mozilla > communication channels (all maillists, bugzilla, newsgroups, > forums, wikis, etc). One last time: What specifically do you mean by 'threatened'? What, and by whom? I ask mostly because, as I mentioned, I really do believe in 'Fiat justitia ruat cælum' (let justice be done, though the heavens fall) -- including citing the relevant names. If you read the National Transportation Safety Board report on the Pan American World Airways flight 799 disaster that killed my father in December '68, the crucial error (among several) was by an _unnamed_ engineer in Pan Am service engineering who 'decided that [a recommended hardware] modification was not necessary', despite having carte blanche to do any fix costing less than US $50 per airframe and just expense it. An equally unnamed supervisor reviewed this decision and 'decided, after coordination with flight operations, that the bulletin was not applicable to Pan Am aircraft, and no further action was taken. The reason for this decision was not fully documented.' And no names. Names. Accountability. I rather like them. (Som faren går fyre, kjem sonen etter. I am very much my father's son.) ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] TALOS 2 - The Libre Owner Controlled POWER9 Workstation/Server
On 01.09.2017 01:25, Rick Moen wrote: https://github.com/orgs/Librezilla/ Thank you for working on that. I haven't taken the time to find the crux of your objection to the upstream code, though. In essence, moz folks only want to add new fancy brave new world features (seems they're totally in the post-humanist ideology), and tend to hostile reaction against all critics. Just try to submit a patch that eg, allows build-time opt-out of geoloc, motion/ambient sensors, etc, and see what happens. Most of it should still be in their mail archives - and I could publish the personal mails when applicable. (Which archives, BTW?) mozilla.org. IIRC, it should also be synced to the newsgroups. But you haven't said what this was, and, FWIW, I did spend a few minutes looking for it. In that case it was 'just' banning me completely from all mozilla communication channels (all maillists, bugzilla, newsgroups, forums, wikis, etc). --mtx ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] TALOS 2 - The Libre Owner Controlled POWER9 Workstation/Server
Quoting Enrico Weigelt, metux IT consult (enrico.weig...@gr13.net): > >Have you written this up, somewhere? > > yet incomplete and hackish (due lack of time) > > https://github.com/orgs/Librezilla/ Thank you for working on that. I haven't taken the time to find the crux of your objection to the upstream code, though. > >>MSF has already made it perfectly clear they'll never accept any patches > >>for that and continue their path (already threatened me personally) > > > >And have you written up the details of this? > > Most of it should still be in their mail archives - and I could publish > the personal mails when applicable. (Which archives, BTW?) I didn't mean to suggest that I disbelieved you, only that oddly vague claims of 'threats' have a generally wretched history on the Internet. For starters, the author's notion of what qualifies as threatening and the reader's, and what rises to the level of being worthy of notice, tend to differ. This situation is worsened by many Internet denizens' (and many businesses') assumption that talk is cheap on the Internet, that they can get away with darkly hinting at harm of various sorts (semi-threatened litigation for business torts and libel, or alleged trademark violation, being the most common) without consequence. In my experience, the only way to restore accountability is to put the facts out in public without editorial commentary, including names and full texts. This has been my own policy: E.g., when Prof. Daniel J. Bernstein semi-threatened litigation because I dared to maintain a FAQ saying why I preferred not to use his software, I politely referred him to my attorney and then put the correspondence up on the Web for public amusement.[1] Later, when an officer of a LUG in Davis, California sent me an (it was later claimed) unauthorised lawsuit threat letter because I documented on my Web site abusive conduct by the then-listadmin, I published it plus my response letter.[2] And when one of my fellow Board members of my local sysadmin guild, BayLISA, bizarrely and in error claimed _I'd_ threatened litigation against BayLISA (my _own_ organisation), I published all of that, too.[3] Last, when the operator of standalone newsgroup threatened me with copyright litigation for Web-archiving public postings from the newsgroup, I Web-published that as an addition to my Web archive.[4] In each case, the supposed legal threat was obvious bullshit except of the type people feel free to hurl around because they might get their way if the recipient is timid and/or stupid, _and_ because they see no downside to trying. As I happen to have a reasonably high PageRanked Web site, as it turns out, there _is_ a downside to trying this dumb Internet trick on me -- and I don't take lawsuits lightly, having lived through my mother's suit against a Fortune 50 corporation (Boeing) over the wrongful death of my father, Pan Am Captain Arthur Moen. Even though we won, it was an ordeal, so I do not regard bogus legal threats as a matter to take lightly, but rather one to punish with sunlight. If the 'threat' you speak of was substantive _and unmerited_, then IMO you should do likewise. But you haven't said what this was, and, FWIW, I did spend a few minutes looking for it. [1] http://linuxmafia.com/~rick/faq/dan-brandishing-legal-threats [2] http://linuxmafia.com/~rick/linux-info/lugod.html [3] http://linuxmafia.com/~rick/litigious2.html [4] http://linuxmafia.com/~rick/linux-info2/astcomm.html ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] TALOS 2 - The Libre Owner Controlled POWER9 Workstation/Server
On 31.08.2017 22:38, Rick Moen wrote: I think you're missing that point that a baseband chipset integrated > with a smartphone has total control over anything and everything the> smartphone does, Depends on how it is connected to the rest of the system. If it eg. has a direct link to the mic, it can be easily abused, of course. Nevertheless we should have an open one. --mtx ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] TALOS 2 - The Libre Owner Controlled POWER9 Workstation/Server
On 31.08.2017 22:26, Rick Moen wrote: They say it's going to be either i.MX6 or i.MX8. whenever mx8 will be actually available ... :o They haven't yet decided. (This further underlines my point that it's definitely nothing like a finished product, yet.) ack. I don't want to be unduly cynical about Puri.sm, but they have had a history of overselling and being just a bit reticent about the secret proprietary bits they've not addressed at all in their 'open' designs. well, never heared about these guys, let's see how it finally plays out. They suggest firefox ... recent versions (at least since 52) have built-in malware. I've already removed larged parts of it (yet very experimental and untested) - still need a strategy to align w/ upstream. Have you written this up, somewhere? yet incomplete and hackish (due lack of time) https://github.com/orgs/Librezilla/ MSF has already made it perfectly clear they'll never accept any patches for that and continue their path (already threatened me personally) And have you written up the details of this? Most of it should still be in their mail archives - and I could publish the personal mails when applicable. I've just contacted the waterfox guy, let's see whether we can agree on an alliance. --mtx ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] TALOS 2 - The Libre Owner Controlled POWER9 Workstation/Server
On 31.08.2017 22:05, zap wrote: Try Waterfox that is libre by default at least. eme can be disabled and that is waterfox's only problem. Cool, didn't know that yet. We should support it in dng. --mtx ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] TALOS 2 - The Libre Owner Controlled POWER9 Workstation/Server
Quoting Enrico Weigelt, metux IT consult (enrico.weig...@gr13.net): > They suggest firefox ... recent versions (at least since 52) have > built-in malware. I've already removed larged parts of it (yet > very experimental and untested) - still need a strategy to align > w/ upstream. To be very specific, decades ago I learned to distrust the word 'malware', especially when it gets hurled about with a notable and utter absence of specifics. In my experience, it gets used to mean anything and everything in software the author doesn't like. If you mean, for example 'code that opens outbound sockets to a remote corporate IP address for reasons I [either] don't understand [or] consider insufficient', you really ought to say so rather than erring on the side of vague melodrama. Mozilla Foundation's relationship with users cannot help but be problematic on account of its (and its for-profit subsidiary Mozilla Corporation's) funding model, a matter I discussed in passing in my Feb. 2011 Silicon Valley Linux User Group talk 'The Wild, Wild Web: Web Browser Security, Performance, and Privacy'. Slides and lecture notes in the SVLUG News column, here, http://www.svlug.org/ , but I really covered the funding-model problem in full only in my talk itself: In short, you/we/I simply aren't Mozilla Corporation's customer. IMO, the best way to address that and several other problems would be via an Iceweasel Mark II. And likewise: > MSF has already made it perfectly clear they'll never accept any patches > for that and continue their path (already threatened me personally) I've noticed that many people on the Internet use the term 'threaten' at the drop of a hat, and (likewise) the underlying reality, if any, can be anything at all. By the way, what's an MSF? Mozilla Foundation? ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] TALOS 2 - The Libre Owner Controlled POWER9 Workstation/Server
On 31.08.2017 21:53, Daniel Abrecht wrote: While all android phones technically use a linux kernel, they have > nothing else in common with a normal Linux system. Android has it's> own libc: bionic. One of my goals in the gnudroid project (which is currently stalled due lack of time) is porting it to glibc or uclibc. It also has special IPC mechanisms enabled in the > linux kernel, Binder already is mainlined. Not sure whether it's properly namespace'd yet, but that shouldn't be the big deal. and it uses gralloc instead of fbdev or DRM. IIRC, gralloc is used to allocate intermediate surface buffers, for both GPUs and other image/video processing devices, and allows passing them between processes (similar to gem or prime). Not checked, but they probably have something that finally bridges to GEMs, so GPUs drivers can consume the buffers (if not, shouldn't be such a hard job to add that). I'd guess sooner or later will come up with something similar, as a complete video processing pipe (involving dri and v4l devices) is an ongoing topic for quite some time. I Really hope the Librem 5 will get fbdev support, so I can see boot > messages on a framebuffer console, and optionally DRM support for> things like OpenGL and Vulkan. plain fbdev shouldn't be the big deal as soon as basic KMS stuff is implemented. in embedded world it's usally just a matter of properly enabling the ipu (for most SOCs should be mainlined) and backlight (usually some dumb pwm controller, either in the SoC or behind I2C). When bringing up an own custom board, that's one of the early steps (and beyond the SOC-stuff usually board specific). --mtx ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] TALOS 2 - The Libre Owner Controlled POWER9 Workstation/Server
FYI just so everyone knows the 6.5K price is the prebuilt cost, you can get the board and CPU for around 2K then you just need DDR4 memory. ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] TALOS 2 - The Libre Owner Controlled POWER9 Workstation/Server
Quoting Arnt Gulbrandsen (a...@gulbrandsen.priv.no): [snip a bunch of stuff I'm not going to spend time on] > Back to the phones. > > If you have proper control over your phones's baseband, you're > relying on the telco as a proprietary black box to forward your > packets and calls. If your baseband's a blob, but you do have a > proper DMZ between your hardware and the baseband, then you're > relying on two black boxes. IMO: Much of a muchness. I think you're missing that point that a baseband chipset integrated with a smartphone has total control over anything and everything the smartphone does, and is an intelligent, autonomous agent that infamously is subject to subversion by both state actors and well-funded private actors from cell towers (or cheap simulations thereof). In other words, you do _not_ have proper control over your phone's baseband, but remote, undetectable, hostile parties may, and are known to have done so routinely. A baseband chipset _not_ integrated with the smartphone is a lesser threat, The Tor Project article describes how this (current-best) ideal can be simulated by USB-connecting a Wifi-only tablet with a cell modem and battery pack. This reduces the threat exposure to remote, hostile control over the modem functions. Maybe the planned future Puri.sm product will come close to that degree of isolation -- or not. Anyway, I've now explained this matter twice and provided links for experts' assessments. If you don't agree, feel free to go argue with them. ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] TALOS 2 - The Libre Owner Controlled POWER9 Workstation/Server
Quoting Enrico Weigelt, metux IT consult (enrico.weig...@gr13.net): > On 31.08.2017 20:07, Rick Moen wrote: > > >Having the i.MX6 ori.MX8 CPU 'separate' from the baseband > >controller > > Does it have to be an mx6 ? okay, open gpu drivers, but perhaps a little > bit expensive and produces a lot heat. They say it's going to be either i.MX6 or i.MX8. They haven't yet decided. (This further underlines my point that it's definitely nothing like a finished product, yet.) > #1: isolate them as much as we can, power on only if required, no direct > connections to other vital devices, eg. main memory, storage, ports, > mic, etc - for some interfaces eg. i2s we could even add an extra > tamper detection (when baseband attempts to read audio stream) > or just inject fake data when no actual call is running (w/ > cell calls you can safely assume being wiretapped) This would be the opimal approch given the existing baseband situation, but please note that Puri.sm haven't specified yet what they mean by 'separate'. The Tor Project hardened-Android articles has some good thoughts about the baseband problem and how to isolate it as best can be achieved under current circumstances. I don't want to be unduly cynical about Puri.sm, but they have had a history of overselling and being just a bit reticent about the secret proprietary bits they've not addressed at all in their 'open' designs. > They suggest firefox ... recent versions (at least since 52) have > built-in malware. I've already removed larged parts of it (yet > very experimental and untested) - still need a strategy to align > w/ upstream. Have you written this up, somewhere? > MSF has already made it perfectly clear they'll never accept any patches > for that and continue their path (already threatened me personally) And have you written up the details of this? ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] TALOS 2 - The Libre Owner Controlled POWER9 Workstation/Server
> >> https://blog.torproject.org/blog/mission-impossible-hardening-android-security-and-privacy >> > > They suggest firefox ... recent versions (at least since 52) have > built-in malware. I've already removed larged parts of it (yet > very experimental and untested) - still need a strategy to align > w/ upstream. > > MSF has already made it perfectly clear they'll never accept any patches > for that and continue their path (already threatened me personally) > Try Waterfox that is libre by default at least. eme can be disabled and that is waterfox's only problem. > > --mtx > ___ > Dng mailing list > Dng@lists.dyne.org > https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng <>___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] TALOS 2 - The Libre Owner Controlled POWER9 Workstation/Server
Rick Moen writes: Having the i.MX6 ori.MX8 CPU 'separate' from the baseband controller (a term on which they have not yet elaborated), but the latter remains deeply problematic, being a proprietary black box with proprietary, opaque firmware. Really? I suppose you've dealt with as many ISPs as I have... some of them give you a cable of some sort, some of them send you a router to put on customer premises. In the latter case, some people just connect the ISP CPE to their network, but you and I make a tiny DMZ and route everything via a router of our own. Once I used the exact same kind of Cisco as the ISP, which looked a little superfluous. But that's really a small thing. A few watts, a power cable. Back to the phones. If you have proper control over your phones's baseband, you're relying on the telco as a proprietary black box to forward your packets and calls. If your baseband's a blob, but you do have a proper DMZ between your hardware and the baseband, then you're relying on two black boxes. IMO: Much of a muchness. Arnt ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] TALOS 2 - The Libre Owner Controlled POWER9 Workstation/Server
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 While all android phones technically use a linux kernel, they have nothing else in common with a normal Linux system. Android has it's own libc: bionic. It also has special IPC mechanisms enabled in the linux kernel, and it uses gralloc instead of fbdev or DRM. I think gralloc is the biggest problem with android phones, it's absolutely useless for everything except for androids SurfaceFlinger and canonicals Mir. I Really hope the Librem 5 will get fbdev support, so I can see boot messages on a framebuffer console, and optionally DRM support for things like OpenGL and Vulkan. On 2017-08-31 15:01, info at smallinnovations dot nl wrote: > On 31-08-17 16:14, Narcis Garcia wrote: >> El 31/08/17 a les 15:24, info at smallinnovations dot nl ha >> escrit: >>> >>> As a owner of a BQ Aquaris E45 Ubuntu version i fully support >>> this kind of free smartphone development. But i doubt of a >>> linux smartphone will be functional comparable with Android or >>> iOS within 3 to 4 years. They should use the efforts of >>> Meego/Maemo development or work together wit Jolla. And trying >>> to get support from one or more large smartphone makers. Until >>> then when i have to replace my current BQ it will be a iPhone >>> as one of the lesser evil. >>> >> All Androids run Linux. > > Sure as far as it the kernel concerns that is true. As soon as you > want hardware support for a specific SOC you depend on the > hardware manufacturer. Which are not interested in open source and > you are already lucky if they even want to deliver a binary blob. -BEGIN PGP SIGNATURE- iQFIBAEBCAAyFiEEZT8xKpcJ1eXNKSM1cASjafdLVoEFAlmoaSUUHG1lQGRhbmll bGFicmVjaHQuY2gACgkQcASjafdLVoH5WAf/cZtmCtR9fKNl14IUqCjf8VIZh77p hcZeBYopuu7hXgMatlHY3R2GrczQbeOSFUJziMtYfcI3FOrARRmbvm6QM1FkvCEF d9bmcFTlxRJgV9fspU6XzAjvbW4L6CRip+C94ENjtpnIzjuiLcOZfkonknTfZV9N gddRKKu/jGf8BgD9Uxuxtq4Nm6ZQagROplwzl8qetlg3G/IXMYeWxKq5wYLQR3Br A1+vN4Pk1mGauHMpqZC5yyy6mIyxii/iGNMCuQBmkk1IjpX7T5dxAu/mG58LPIuK XO4Yobb73jjLXZDB4GJS9W8ltGjqORBIC0RcS3nPkNkBCPVkLUbhI8Ntew== =c/NO -END PGP SIGNATURE- ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] TALOS 2 - The Libre Owner Controlled POWER9 Workstation/Server
On Thu, Aug 31, 2017 at 10:40:58AM -0400, taii...@gmx.com wrote: > I doubt it will be owner controlled, as their laptops aren't - they still > haven't even gotten a blobbed version of coreboot working (blobbed init code > + ME enabled as they insisted on a crappy intel soc) > Purism isn't a trustworthy company. You might be interested in Pinebook. While this is on the opposite end to Talos 2 (costs $89 instead of $6.5k), mainline u-boot+ATF+kernel are completely blob-free: the initial bootloader in ROM is really minimal and hands off full control over the hardware to user-controlled code. The BSP (vendor u-boot+kernel) do have sourceless blobs, but the mainline is mostly there. At least, drivers are functional (display has only simplefb rather than proper DRM but that's being worked on), what's missing is a proper DT. Device tree code for this and related hardware is done mostly by Icenowy Zheng; alas she hasn't fully upstreamed the work yet and using her WIP tree requires more u-boot skills than I have. Meow! -- ⢀⣴⠾⠻⢶⣦⠀ ⣾⠁⢰⠒⠀⣿⡁ Vat kind uf sufficiently advanced technology iz dis!? ⢿⡄⠘⠷⠚⠋⠀ -- Genghis Ht'rok'din ⠈⠳⣄ ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] TALOS 2 - The Libre Owner Controlled POWER9 Workstation/Server
On Thu, Aug 31, 2017 at 07:35:49PM +0200, Enrico Weigelt, metux IT consult wrote: > On 31.08.2017 16:40, taii...@gmx.com wrote: > > >I doubt it will be owner controlled, as their laptops aren't - they still > >haven't even gotten a blobbed version of coreboot working (blobbed init > >code + ME enabled as they insisted on a crappy intel soc) > >Purism isn't a trustworthy company. > > Don't know anything about that company, but in general x86 boards > are much harder to bring up than ARMs. I only know very few completely > custom x86 boards with open firmware - in ARM world that's daily > business. > > The actually hard part w/ phones is creating a very small and power > efficient board, that's a much bigger challenge than the usual > embedded boards. > > There're several parties out there creating an open phone hw, lets > see how that plays out. > > IMHO, we should now concentrate on the OS, maybe port the android > runtime to GNU platform. That should give us an GUI and applet > framework. Or we start afresh with a plan9-inspired approach. Like Inferno? -- hendrik ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] TALOS 2 - The Libre Owner Controlled POWER9 Workstation/Server
On 31.08.2017 20:07, Rick Moen wrote: Having the i.MX6 ori.MX8 CPU 'separate' from the baseband controller Does it have to be an mx6 ? okay, open gpu drivers, but perhaps a little bit expensive and produces a lot heat. (a term on which they have not yet elaborated), but the latter remains deeply problematic, being a proprietary black box with proprietary, opaque firmware. #1: isolate them as much as we can, power on only if required, no direct connections to other vital devices, eg. main memory, storage, ports, mic, etc - for some interfaces eg. i2s we could even add an extra tamper detection (when baseband attempts to read audio stream) or just inject fake data when no actual call is running (w/ cell calls you can safely assume being wiretapped) #2: reverse engineer the firmware and find leaks for the time we need to strike #3: write our own open firmware (that might also be useful for existing phones out in the wild - maybe even roll out via a virus) The WiFi and Bluetooth chips and firmware are apparently also black boxes. Don't let them do the encryption part, just let them be dumb switches, until we have our own firmware. https://blog.torproject.org/blog/mission-impossible-hardening-android-security-and-privacy They suggest firefox ... recent versions (at least since 52) have built-in malware. I've already removed larged parts of it (yet very experimental and untested) - still need a strategy to align w/ upstream. MSF has already made it perfectly clear they'll never accept any patches for that and continue their path (already threatened me personally) --mtx ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] TALOS 2 - The Libre Owner Controlled POWER9 Workstation/Server
Quoting Alessandro Selli (alessandrose...@linux.com): > Good news indeed! The second one this week, after this worthy attempt > by puri.sm to finally produce a smartphone designed to be 100% > evil-software free and GNU/Linux compatible (scheduled for release in > 2019, though): > > https://puri.sm/shop/librem-5/ Having the i.MX6 ori.MX8 CPU 'separate' from the baseband controller (a term on which they have not yet elaborated), but the latter remains deeply problematic, being a proprietary black box with proprietary, opaque firmware. (See: http://www.osnews.com/story/27416/The_second_operating_system_hiding_in_every_mobile_phone) The WiFi and Bluetooth chips and firmware are apparently also black boxes. One notices, also that they say there aren't yet detailed specifications for the simple reason that the choices of hardware components are still up in the air. The secret-sauce baseband controllers are a tough problem, and will continue to cripple any real chance at smartphone security until there's a credible open-design alternative. But fully isolating the main board and CPU from the baseband modem subassembly -- if that's actually what Puri.sm are going to do -- is at least half a loaf. More at: https://blog.torproject.org/blog/mission-impossible-hardening-android-security-and-privacy https://blog.torproject.org/blog/mission-improbable-hardening-android-security-and-privacy (If you look closely, you'll see those are two slightly different URLs.) ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] TALOS 2 - The Libre Owner Controlled POWER9 Workstation/Server
On 31.08.2017 15:48, Edward Bartolo wrote: The devil's advocate in me tells me, since making money is involved, in the end, history will repeat itself as with what happened with 'user-centredness' in GNU/Linux! Those who have used GNU/Linux for some long time know pretty well with the shoving down our throats of systemd what remains of 'user-centredness'. systemd isn't a major threat anymore. we just need some detergences and maybe a few surgical PR hit men here and there. maybe a few PR visible attacks pointing to systemd as the primary weakness would be fine. --mtx ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] TALOS 2 - The Libre Owner Controlled POWER9 Workstation/Server
On 31.08.2017 17:01, info at smallinnovations dot nl wrote: Sure as far as it the kernel concerns that is true. As soon as you want hardware support for a specific SOC you depend on the hardware manufacturer. Which are not interested in open source and you are already lucky if they even want to deliver a binary blob. We could pick a few suitable models (that are widely available for several years, even as cheap used ones) and crack the blobs. This approach already worked for several GPUs, starting w/ NVidia. Perhaps we should try to bundle the resources, perhaps even create a foundation which primary purpose is crack and disclose all blob drivers and firmware of general computers and destroying vendor lockins (including despotic restriction malware) --mtx ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] TALOS 2 - The Libre Owner Controlled POWER9 Workstation/Server
On 31.08.2017 16:40, taii...@gmx.com wrote: I doubt it will be owner controlled, as their laptops aren't - they still haven't even gotten a blobbed version of coreboot working (blobbed init code + ME enabled as they insisted on a crappy intel soc) Purism isn't a trustworthy company. Don't know anything about that company, but in general x86 boards are much harder to bring up than ARMs. I only know very few completely custom x86 boards with open firmware - in ARM world that's daily business. The actually hard part w/ phones is creating a very small and power efficient board, that's a much bigger challenge than the usual embedded boards. There're several parties out there creating an open phone hw, lets see how that plays out. IMHO, we should now concentrate on the OS, maybe port the android runtime to GNU platform. That should give us an GUI and applet framework. Or we start afresh with a plan9-inspired approach. --mtx ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] TALOS 2 - The Libre Owner Controlled POWER9 Workstation/Server
On 31-08-17 16:14, Narcis Garcia wrote: El 31/08/17 a les 15:24, info at smallinnovations dot nl ha escrit: As a owner of a BQ Aquaris E45 Ubuntu version i fully support this kind of free smartphone development. But i doubt of a linux smartphone will be functional comparable with Android or iOS within 3 to 4 years. They should use the efforts of Meego/Maemo development or work together wit Jolla. And trying to get support from one or more large smartphone makers. Until then when i have to replace my current BQ it will be a iPhone as one of the lesser evil. All Androids run Linux. Sure as far as it the kernel concerns that is true. As soon as you want hardware support for a specific SOC you depend on the hardware manufacturer. Which are not interested in open source and you are already lucky if they even want to deliver a binary blob. Grtz. Nick ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] TALOS 2 - The Libre Owner Controlled POWER9 Workstation/Server
On 08/31/2017 04:14 AM, Alessandro Selli wrote: On Wed, 30 Aug 2017 at 18:25:07 -0400 "taii...@gmx.com"wrote: Thought I would share this! After what happened with TALOS 1 I can't believe they actually pulled it off this time. This is truly a historic moment for computing freedom lovers - an owner controlled open source ultra high performance workstation/server for only a few thousand dollars. https://secure.raptorcs.com/ Note: For the non sysadmin crowd this is what dual socket performance server/workstation hardware costs - it is designed for the power user market - there are already many crappy owner controlled SOC's going for a few hundred, now the performance segment has a device too. Good news indeed! The second one this week, after this worthy attempt by puri.sm to finally produce a smartphone designed to be 100% evil-software free and GNU/Linux compatible (scheduled for release in 2019, though): https://puri.sm/shop/librem-5/ I doubt it will be owner controlled, as their laptops aren't - they still haven't even gotten a blobbed version of coreboot working (blobbed init code + ME enabled as they insisted on a crappy intel soc) Purism isn't a trustworthy company. ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] TALOS 2 - The Libre Owner Controlled POWER9 Workstation/Server
El 31/08/17 a les 15:24, info at smallinnovations dot nl ha escrit: > On 31-08-17 10:14, Alessandro Selli wrote: >> >>Good news indeed! The second one this week, after this worthy >> attempt by >> puri.sm to finally produce a smartphone designed to be 100% >> evil-software free >> and GNU/Linux compatible (scheduled for release in 2019, though): >> >> https://puri.sm/shop/librem-5/ >> >> >> Alessandro > As a owner of a BQ Aquaris E45 Ubuntu version i fully support this kind > of free smartphone development. But i doubt of a linux smartphone will > be functional comparable with Android or iOS within 3 to 4 years. They > should use the efforts of Meego/Maemo development or work together wit > Jolla. And trying to get support from one or more large smartphone > makers. Until then when i have to replace my current BQ it will be a > iPhone as one of the lesser evil. > All Androids run Linux. ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
[DNG] TALOS 2 - The Libre Owner Controlled POWER9 Workstation/Server
The devil's advocate in me tells me, since making money is involved, in the end, history will repeat itself as with what happened with 'user-centredness' in GNU/Linux! Those who have used GNU/Linux for some long time know pretty well with the shoving down our throats of systemd what remains of 'user-centredness'. Financial gain is too strong a temptation to always win irrespective of circumstances. ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] TALOS 2 - The Libre Owner Controlled POWER9 Workstation/Server
On 31-08-17 10:14, Alessandro Selli wrote: Good news indeed! The second one this week, after this worthy attempt by puri.sm to finally produce a smartphone designed to be 100% evil-software free and GNU/Linux compatible (scheduled for release in 2019, though): https://puri.sm/shop/librem-5/ Alessandro As a owner of a BQ Aquaris E45 Ubuntu version i fully support this kind of free smartphone development. But i doubt of a linux smartphone will be functional comparable with Android or iOS within 3 to 4 years. They should use the efforts of Meego/Maemo development or work together wit Jolla. And trying to get support from one or more large smartphone makers. Until then when i have to replace my current BQ it will be a iPhone as one of the lesser evil. Grtz. Nick ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] TALOS 2 - The Libre Owner Controlled POWER9 Workstation/Server
On Thu, Aug 31, 2017 at 04:03:57AM +0200, mdn wrote: > I wonder how many packages already work on power compared to X86 ? Since this is little-endian, old "power" (ie, powerpc and ppc64) won't work. Thus, you need ppc64el packages only. Binary packages in ppc64el unstable main: 53512 Binary packages in amd64 unstable main: 55586 There are probably some packages that compile but don't run but that's a tiny minority as most software is sane. The biggest exception I know is GNOME (at least as of jessie, no idea if they fixed it since) but good riddance. GNOME programs still work from a sane WM, it's only GNOME's window manager part that requires either a mid-end GPU with specific capabilities or slow software emulation, the latter working only on amd64 and i386. Meow! -- ⢀⣴⠾⠻⢶⣦⠀ ⣾⠁⢰⠒⠀⣿⡁ Vat kind uf sufficiently advanced technology iz dis!? ⢿⡄⠘⠷⠚⠋⠀ -- Genghis Ht'rok'din ⠈⠳⣄ ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] TALOS 2 - The Libre Owner Controlled POWER9 Workstation/Server
On Wed, 30 Aug 2017 at 18:25:07 -0400 "taii...@gmx.com"wrote: > Thought I would share this! > > After what happened with TALOS 1 I can't believe they actually pulled it > off this time. > > This is truly a historic moment for computing freedom lovers - an owner > controlled open source ultra high performance workstation/server for > only a few thousand dollars. > > https://secure.raptorcs.com/ > > Note: For the non sysadmin crowd this is what dual socket performance > server/workstation hardware costs - it is designed for the power user > market - there are already many crappy owner controlled SOC's going for > a few hundred, now the performance segment has a device too. Good news indeed! The second one this week, after this worthy attempt by puri.sm to finally produce a smartphone designed to be 100% evil-software free and GNU/Linux compatible (scheduled for release in 2019, though): https://puri.sm/shop/librem-5/ Alessandro ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
[DNG] journalctl and Unix groups
I've discovered that for journalctl only exist user(s) and others: no group permissions. Example: exim4 sets read+write permissions to root for logs, and read-only for group "adm". If you are member of "adm", you can read EXIM4 logs. Depending on distribution, journalctl allows you to read recorded logs depending only on you being root or not: In some distros (eg. Ubuntu) any user can read any journal, and (eg. Debian) only root can read journals (nobody else can read anything else). ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng