In Short... You're Fucked, Intentionally, By Design, By Demons... https://events.ccc.de/congress/2014/Fahrplan/system/attachments/2503/origina... https://github.com/corna/me_cleaner/wiki/How-does-it-work%3F https://01.org/linuxgraphics/downloads/firmware https://coreboot.org/ http://librecore.info/ https://libreboot.org/faq.html Why is the latest Intel hardware unsupported in libreboot? It is unlikely that any post-2008 Intel hardware will ever be supported in libreboot, due to severe security and freedom issues; so severe, that the libreboot project recommends avoiding all modern Intel hardware. If you have an Intel based system affected by the problems described below, then you should get rid of it as soon as possible. The main issues are as follows... Why is the latest AMD hardware unsupported in libreboot? It is extremely unlikely that any post-2013 AMD hardware will ever be supported in libreboot, due to severe security and freedom issues; so severe, that the libreboot project recommends avoiding all modern AMD hardware. If you have an AMD based system affected by the problems described below, then you should get rid of it as soon as possible. The main issues are as follows... HDDs and SSDs are quite complex, and these days contain quite complex hardware which is even capable of running an entire operating system (by this, we mean that the drive itself is capable of running its own embedded OS), even GNU+Linux or BusyBox/Linux. SSDs and HDDs are a special case, since they are persistent storage devices as well as computers. Example attack that malicious firmware could do: substitute your SSH keys, allowing unauthorized remote access by an unknown adversary. Or maybe substitute your GPG keys. SATA drives can also have DMA (through the controller), which means that they could read from system memory; the drive can have its own hidden storage, theoretically, where it could read your LUKS keys and store them unencrypted for future retrieval by an adversary. Billions of undocumented transistors... Summary: Given the current state of Intel hardware with the Management Engine, it is our opinion that all performant x86 hardware newer than the AMD Family 15h CPUs (on AMD’s side) or anything post-2009 on Intel’s side is defective by design and cannot safely be used to store, transmit, or process sensitive data. Sensitive data is any data in which a data breach would cause significant economic harm to the entity which created or was responsible for storing said data, so this would include banks, credit card companies, or retailers (customer account records), in addition to the “usual” engineering and software development firms. This also affects whistleblowers, or anyone who needs actual privacy and security. Unless you do something about it...... https://libreboot.org/amd-libre.html We call on AMD to release source code and specs for Ryzen platform Recently in the Libreboot project, we’ve been informed about the new Ryzen platforms being released and sold by AMD. They are currently taking input from the community. Here are ways you can contact AMD to tell them that you demand libre hardware: https://www.reddit.com/r/Amd/comments/5x4hxu/we_are_amd_creators_of_athlon_r... https://twitter.com/amd?lang=en https://www.facebook.com/AMD/ https://community.amd.com/places?filterID=all%7Eobjecttype%7Espace https://www.amd.com/en-us/who-we-are/contact (has contact links for multiple countries) AMD’s CEO, Lisa Su, can be contacted directly via email. Tell her that you demand libre hardware: lisa.su@amd.com Libreboot aims to provide fully free software initialization firmware on Intel, AMD, ARM, POWER and RISC-V platforms, and already does so on some older platforms. As documented in the Libreboot FAQ section, AMD is currently uncooperative in the libre software movement. Specifically, it releases non-free binary-only firmware for its platforms, along with tyrant technologies like the AMD Platform Security Processor. We in the Libreboot project call on AMD to release source code and start cooperating with our upstream, coreboot (and librecore) for its new Ryzen platform and existing Zen platforms. This includes source code for all initialization firmware (typically referred to as the BIOS or UEFI firmware, by some members of the community), and in particular, the AMD Platform Security Processor, to allow the free/libre software community to use AMD hardware that is entirely freedom-respecting. If it’s not too much to ask, we also would like source code and signing keys, including for the PSP and microcode for the CPU. We would also like to have board design guides, datasheets and footprints for CPUs/southbridges and so on. We especially need the signing keys to be released, for those components which are signed (PSP, CPU microcode, SMU, etc). This will make utilising any released source code possible (at present, some components will not run unless the firmware is signed by a certain signature, usually under lock and key by the hardware manufacturer). We in the community need freedom-respecting hardware! We call on AMD to work with us in the Libreboot, Coreboot and Librecore projects on bringing about a world where computing technology is no longer under lock and key from the manufacturer, and instead in the control and ownership of users. This has several benefits for AMD. There is currently a huge demand in the market for libre hardware. At present, the only companies providing it are ones like libreboot suppliers where systems are sold with entirely free software, including the boot firmware and operating system, without any signed firmware for which no keys are available to the public. The problem? These companies are selling much older systems that are made libre mostly through reverse engineering. At present, the systems sold by such companies are using older hardware designs from 5-10 years ago, which means that most people who wish to use all libre software cannot do so, due to practicality concerns. There are some people who will use these older systems, but that is not without a huge sacrifice to their convenience since they end up using older, obsolete hardware and certain tasks (especially serious software development) becomes impractical for a lot of people. AMD has the power to reverse this trend, and there is a potential for a great amount of profit to be made. The free/libre and open source software communities would jump head over heels to support such a move. In other words, AMD can make money from investing in the libre software community. There is even a precedent already set. AMD previously did release source code for all of their newer platforms, to the coreboot project, but then they stopped. We’re calling for this to resume, and to expand further than before. Here are some examples of popular campaigns, some of which were successful: https://www.crowdsupply.com/sutajio-kosagi/novena https://www.crowdsupply.com/eoma68/micro-desktop https://www.crowdsupply.com/raptor-computing-systems/talos-secure-workstatio... In all of these cases, the campaigns were popular and this was despite the hardware either being low-end and unsuitable for most people, or too expensive for most people to afford. Then look at the popularity of the Libreboot project. Just imagine what would happen if AMD started to produce cheap, affordable libre hardware, to the point where Libreboot could start supporting newer systems from AMD. The possibilities are endless! People would jump towards AMD and AMD’s sales would go through the roof, while we in the libre hardware community would finally have systems from a manufacturer that cares for our freedoms to use our computers without proprietary software. Even low-end hardware like the BeagleBone or Raspberry Pi (which can be liberated) shows that libre technology is profitable, and desired by the community. Then look at the Google Chromebooks. These devices come with coreboot preinstalled by default! There are even some ARM chromebooks that we support in Libreboot, which are still produced and sold brand new by resellers (e.g. Amazon, Newegg, etc). These devices are sold in the millions! This just shows that it’s not only possible, but profitable, for AMD to start releasing systems which respect the freedom of users. It’s not just commercial benefits that are made possible. There are all kinds of possibilities for scientific research if systems are libre at the hardware/firmware level. For instance, at present, universities do not teach BIOS / boot firmware development in their computer science courses, because this technology is currently restricted by manufacturers and available only to a privileged few. AMD has the power to do the right thing. We in Libreboot call on AMD to work with us in building a world where users of technology can use their computers without relying on any proprietary software. We want - need - a world of highly secure, libre, owner-controlled hardware, from companies that care about software freedom. We in the Libreboot project are available to contact, using the details on the homepage. We look forward to working with AMD :)