Privacy Respecting Laptops

Travis Biehn tbiehn at gmail.com
Mon Sep 14 08:54:16 PDT 2015 

Agree that 'open source software' may very well be a prerequisite. My point
being that a laptop put together to 'minimize blob use' is not necessarily
the same as one put together to respect privacy. Without some evidence to
the fact it should not be endorsed as such.

Can someone dig up the motherboard design documents, should Librem publish
them & the transparent process by which components were selected to
'respect liberty'?

-Travis

OT aside - If someone were to ask what laptop they should use for 'privacy'
I'd personally direct them to buy a chromebook with cash at a brick and
mortar, wipe & install Qubes (the pixel 2 has some outstanding specs) TAILS
and so on.

On Mon, Sep 14, 2015 at 11:43 AM, Cathal Garvey <
cathalgarvey at cathalgarvey.me> wrote:

> Absolutely, yes; If you ask first for privacy, and there is a good option
> for privacy, then that's the correct answer.
>
> Privacy without free software is a total joke.
>
> Ergo, given a potentially spyware rich platform that *markets* itself as
> Private, as Google, Apple and Microsoft for example *all do*, or a free
> software platform which can be trivially and fairly-well rewritten to not
> be spyware-rich, you choose the latter.
>
> It follows that for a privacy respecting laptop, you must necessarily
> begin with a laptop that can, to some degree of certainty, be wiped clean
> and installed with trustworthy software.
>
> There are many options here; the FSF certify hardware that can be as
> blob-free as possible. There are also lots of pitfalls, because the Linux
> architecture in many places implicitly trusts the intentions of device
> firmwares; it's likely that memory checks aren't implemented well enough on
> so many layers that you can never be sure without literally CMOSing your
> own device control hardware.
>
> Given all these options and pitfalls, draw a "sanity line" somewhere and
> pick some hardware that lets you do modern stuff without torturously long
> waits. In that short-list, the Librem still ranks quite well, I feel.
>
> On 14/09/15 16:32, Travis Biehn wrote:
>
>> What does 'privacy respecting' even mean?
>>
>> It's certainly a win for the FOSS crowd but FOSS isn't synonymous with
>> 'Privacy and Security'.
>>
>> If a product markets itself as 'privacy respecting' (is the Librem
>> /actually/ marketed this way) then it had better back up it's claims.
>>
>> If someone on cpunks asks if it's a reasonable 'privacy laptop' and the
>> answer isn't a bet-your-life on it yes, then the response should be
>> clearly no, even if it's 'a nice /n/th step'.
>>
>> -Travis
>>
>> On Mon, Sep 14, 2015 at 11:15 AM, Cathal Garvey
>> <cathalgarvey at cathalgarvey.me <mailto:cathalgarvey at cathalgarvey.me>>
>> wrote:
>>
>>     TBF, nobody's going to make that Privacy-Respecting laptop if people
>>     reject the "most privacy respecting laptop so far" for not being
>>     good enough. Because, we can keep moving the goalposts, here.
>>
>>     Librem isn't perfect, and its BIOS isn't fully free. But it's
>>     free-er than almost any other laptop being sold that's worth owning,
>>     and it even comes with a hardware switch for some key sensors.
>>
>>     I could ask for more, but bitching and rejecting the Librem because
>>     it's not-good-enough, and buying a laptop with NO respect for me on
>>     the basis that "I can just roll my own", continues to send the
>>     market the message that:
>>
>>     1) Free software doesn't sell
>>     2) Privacy doesn't sell
>>
>>     On 14/09/15 13:37, Travis Biehn wrote:
>>
>>         Oshwm: Seems reasonable. It would be cool if consumers started
>>         valuing
>>         privacy-oriented products, now the whole plot is lost once a
>> company
>>         uses a 3rd party load balancer? Nice.
>>
>>         "Every hardware chip individually selected for being
>>         freedom-respecting"
>>         Is that in the datasheet for each chip "no backdoors & 100%
>>         certified
>>         vulnerability free"? Does an Intel chipset laptop manufactured in
>>         Shenzen really count as 'thoughtful and freedom respecting'?
>>
>>         “Getting rid of the signature checking is an important step.
>>         While it
>>         doesn’t give us free code for the firmware, it means that users
>> will
>>         really have control of the firmware once we get free code for
>>         it.” - Dr.
>>         Richard M. Stallman
>>
>>         And without signature checks how will we prevent un-solicited BIOS
>>         modification?
>>
>>         Securing their Trisquel derived distro?
>>
>>         RMS doesn't have 'robust against nation state attackers' on his
>>         platform
>>         for GNU. They're still just trying to get people to comply with
>> the
>>         license & refer to it as 'gnu / linux'.
>>
>>         Don't mistake a 'FOSS' laptop for a 'Privacy Laptop' just
>>         because they
>>         installed a switch for the webcam. The privacy stuff is just the
>>         work of
>>         marketing.
>>
>>         -Travis
>>
>>         On Mon, Sep 14, 2015 at 1:36 AM, Oshwm <oshwm at openmailbox.org
>>         <mailto:oshwm at openmailbox.org>
>>         <mailto:oshwm at openmailbox.org <mailto:oshwm at openmailbox.org>>>
>>         wrote:
>>
>>              Links go via cloudflare so privacy already abused before even
>>              purchasing.
>>
>>
>>              On 14 September 2015 03:11:12 BST, Alfie John
>>         <alfiej at fastmail.fm <mailto:alfiej at fastmail.fm>
>>              <mailto:alfiej at fastmail.fm <mailto:alfiej at fastmail.fm>>>
>> wrote:
>>
>>                  Just saw these this morning:
>>
>>         https://www.crowdsupply.com/purism
>>         https://puri.sm/
>>
>>                  Although a physical switch to kill the webcam and mic
>>         seems obvious,
>>                  this is the first laptop I've seen with them built in.
>>
>>                  Overall thoughts?
>>
>>                  Alfie
>>
>>
>>
>>
>>         --
>>         Twitter <https://twitter.com/tbiehn> | LinkedIn
>>         <http://www.linkedin.com/in/travisbiehn> | GitHub
>>         <http://github.com/tbiehn> | TravisBiehn.com
>>         <http://www.travisbiehn.com> | Google Plus
>>         <https://plus.google.com/+TravisBiehn>
>>
>>
>>     --
>>     Scientific Director, IndieBio EU Programme
>>       Now running in Cork, Ireland May->July
>>       Learn more at indie.bio and follow along!
>>     Twitter:  @onetruecathal
>>     Phone: +353876363185 <tel:%2B353876363185>
>>     miniLock: JjmYYngs7akLZUjkvFkuYdsZ3PyPHSZRBKNm6qTYKZfAM
>>     peerio.com <http://peerio.com>: cathalgarvey
>>
>>
>>
>>
>> --
>> Twitter <https://twitter.com/tbiehn> | LinkedIn
>> <http://www.linkedin.com/in/travisbiehn> | GitHub
>> <http://github.com/tbiehn> | TravisBiehn.com
>> <http://www.travisbiehn.com> | Google Plus
>> <https://plus.google.com/+TravisBiehn>
>>
>
> --
> Scientific Director, IndieBio EU Programme
>  Now running in Cork, Ireland May->July
>  Learn more at indie.bio and follow along!
> Twitter:  @onetruecathal
> Phone: +353876363185
> miniLock: JjmYYngs7akLZUjkvFkuYdsZ3PyPHSZRBKNm6qTYKZfAM
> peerio.com: cathalgarvey
>



-- 
Twitter <https://twitter.com/tbiehn> | LinkedIn
<http://www.linkedin.com/in/travisbiehn> | GitHub <http://github.com/tbiehn>
| TravisBiehn.com <http://www.travisbiehn.com> | Google Plus
<https://plus.google.com/+TravisBiehn>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: text/html
Size: 11061 bytes
Desc: not available
URL: <http://lists.cpunks.org/pipermail/cypherpunks/attachments/20150914/fe7844fa/attachment-0002.txt>

More information about the cypherpunks mailing list