---------- Forwarded message ---------- From: Radoslaw Szkodzinski <astralstorm@gmail.com> Date: Sun, 27 Sep 2015 02:01:58 +0200 Subject: Re: [qubes-devel] Purism Librem 13 and Qubes On Fri, Sep 25, 2015 at 7:32 PM, Jeremias E. <j.eppler@openmailbox.org> wrote:
Am Freitag, 25. September 2015 16:33:39 UTC+2 schrieb Radosław Szkodziński:
On Mon, Sep 21, 2015 at 10:48 PM, Fredrik Strömberg <stro...@mullvad.net> wrote:
I love the Purism initiative. I really hope they succeed.
They cannot truly succeed until Intel opens Management Engine code, SINIT blob, microcode, memory initialization code and more... Coreboot on its own is not enough. http://www.coreboot.org/Binary_situation
They can succeed starting a movement, which has an economical impact. If Intel sees their is a marked they want to be part of it, because they want to make money.
Actually, this is not the first laptop based on open firmware and software. Glugglug/Minifree did that quite a bit of time ago with their Libreboot, even FSF certified. Nobody cares, sadly. Librem likely will fail too for the same reasons - ideology is not enough, and they are even worse at it technically-wise. On the other hand, having a more secure laptop is a tangible benefit. Without backdoors, with fewer bugs, audited firmware, perhaps even partially audited hardware. Maybe even make it easier on the designers, produce a server platform matching those requirements - there's more of a market. Google might even get in, as they are known to use a lot of customized firmware and even hardware. I think they used to support Coreboot itself. They might have stopped caring about this though.
A good example for such a movement is the Fairphone. The first Fairphone was for enthusiasts, but not a real competitor on the mobile phone marked. The Fairphone 2 is a real competitor to other mobile phones.
Having competitive hardware or design is not the same as being a competitor. Try this argument again when it's actually a competitor to, say, any iPhone. At least in top 10. By the way, Fairphone 2 is a nice story for uninformed people, about on par with Librem. I approve of their other efforts, but it's nowhere near enough or close to what's necessary. The critical component, Qualcomm 801 chipset, will be running a proprietary microkernel with proprietary RF firmware, proprietary DSP code and more. Good luck getting Qualcomm to open that - they are quite hostile to any of those efforts. Again, poor choice of an architecture and a very tough nut to crack. (For instance, Marvell is way more open and much less hostile.)
That would probably open a whole can of worms related to security which then would have to be patched, of course.
For now, the best solution would be to try to get Librem to make an AMD-based laptop and test Qubes on it.
Is a nice technical and economical idea, because AMD will maybe help to build such a platform.
I wouldn't quite count on it, though they seem to be expanding their open source drivers effort which bodes somewhat well. That said, their GPUs still require a few fat, complex firmware blobs - fortunately Qubes is pretty good at scraping GUI and enforcing separation thereof. P.S. If we're talking about pie in the sky designs: Probably the best design for an OS like Qubes would be to have separate small CPUs instead of many cores, with separate RAM and memory controller. Maybe even an integrated GPU each to run OpenGL. Multiple USB controllers and hubs to simplify hardware redirection. Multiple small flash drives or even chips. Expensive, power intensive, hard to cool and large though. Think a tiny cluster of mostly separate PCs, connected via an extremely fast bus, such as HyperTransport. NUMA considerations would be less important here as the CPUs with their associated memory would be dedicated to a VM and the support exists in both Xen and Linux anyway. -- Radosław Szkodziński