[coreboot] [liberationtech] Fwd: Firefox OS with built in support for OpenPGP encryption
Eugen Leitl
eugen@leitl.org
Fri Sep 20 05:02:51 PDT 2013
----- Forwarded message from Patrick Georgi <patrick@georgi-clan.de> -----
Date: Fri, 20 Sep 2013 13:49:49 +0200
From: Patrick Georgi <patrick@georgi-clan.de>
To: coreboot@coreboot.org
Subject: Re: [coreboot] [liberationtech] Fwd: Firefox OS with built in support for OpenPGP encryption
User-Agent: Roundcube Webmail/0.9.2
Am 2013-09-20 11:51, schrieb Eugen Leitl:
> The Intel Atom-based MinnowBoard is a new UEFI dev platform, and it's
> Linux-based, and targets hackers; it uses Intel's definition of "Open
> Hardware", mainly meaning no NDAs involved. It is much cheaper and
> smaller than the above box.
> http://minnowboard.org/
> http://uefidk.intel.com/content/minnowboard-uefi-firmware
To wit, its download page is guarded by a long, non-free EULA:
http://uefidk.intel.com/content/minnowboard-uefi-firmware-eula
Some of the components also seem to be binary-only.
> Both of these boxes let you reflash your system firmware with your
> custom build of BSD-licensed TianoCore UEFI.
BSD-licensed TianoCore + heaps of binary modules that are currently
only available under NDA.
They'd also require some additional code (probably binary only?) to
make Tiano resembling something like a complete and secure
implementation.
> <soapbox>
> There is a large OEM/ODM/IBV/IHV/ISV ecosystem that currently runs the
> hardware, and it is UEFI-centric. IMO, focusing only on fringe
> Lemote/Coreboot technology is not a good bet.
coreboot is your only bet on x86 if you aim for open source firmware.
It can be combined with TianoCore to provide the UEFI APIs to the user
(read: Operating System), but TianoCore alone won't do since it lacks
hardware initialization drivers (that coreboot provides).
> Personally, I wish EFF/FSF and other open/free tech groups would form
> a Linaro-like firmware group and produce their own UEFI firmware
> image, as an option for OEMs.
Personally, I wish people wouldn't wish for someone else to start
groups, but do it themselves for a change.
However that brings the risk of seeing that things aren't quite as
simple and might ultimately fail.
Of course, soapboxes and arm chairs are much more comfortable and
comparably risk-free.
> There needs to be some Free Boot alternative to Secure Boot, with
> certs from EFF/FSF/etc and the open source distro vendors, not just
> OEMs/MSFT in the firmware, and it needs to target booting from a
> handful of main open source distros, not just 1 commercial OS. Else,
> UEFI will turn Personal Computers into Windows PCs, ending the era of
> General Purpose computing.
"main open source distros" is not enough since it creates a gatekeeper
model. "Secure Boot" (which is really a Verified Boot) without
physical user override doesn't cut it.
ChromeBooks, using coreboot, provide a mostly* Open Source Verified
Boot model with physical user override (with two override modes: safe
via dev mode switch, and complete via jumper).
* (blame Intel)
tl;dr: Comparing coreboot, Lemote, UEFI and Tianocore isn't as easy as
people seem to believe.
Regards,
Patrick
--
coreboot mailing list: coreboot@coreboot.org
http://www.coreboot.org/mailman/listinfo/coreboot
----- End forwarded message -----
--
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://ativel.com http://postbiota.org
AC894EC5: 38A5 5F46 A4FF 59B8 336B 47EE F46E 3489 AC89 4EC5
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: Digital signature
URL: <http://cpunks.org/pipermail/cypherpunks/attachments/20130920/24f23bcb/attachment.sig>
More information about the cypherpunks
mailing list