eugen at leitl.org
Sun Sep 8 10:40:48 PDT 2013
On Sun, Sep 08, 2013 at 09:52:38AM -0700, Greg KH wrote:
> > A particular brand of notebook that takes coreboot, and where
> > the proprietary blob-needing parts are physically removed, and
> > only hardware added that is supported by purely open source
> > drivers.
> > I'm sorry to be so vague, but have my reasons.
> I don't believe you. Seriously, I don't. You really have a way to
> "remove" the keyboard controller? What about your USB host controller?
> Oh, you are using PS/2? What about the firmware in that controller
> chip? The microcode in the processor?
Obviously the modifications are not quite as radical, and are an attempt
to reduce the attack surface, especially one for remote exploits.
> Open drivers aren't the real issue. Hardware you can "trust" is.
I agree we need open, trustable hardware. But we're not yet there yet.
Meanwhile, we can reduce the number of weak points that are exploitable.
Worse is better works.
> > There is another project which attempts to design an almost
> > completely open (with the exception of the CPU) board. I cannot
> > give you any more details, see above.
> That's the same as saying, "I have a pink elephant, but I can't show
> you, you'll just have to trust me."
The hardware is real and it's running Linux already.
When/if it's ready to ship there will be an announcement.
> As you don't trust anyone, why should I trust you?
Sorry, I can't disclose any further details on a
public mailing list. Can I use 0x6092693E or
do you have a better key I can reach you with?
> > An unrelated project that also attempts to be quite open and
> > is already public is the Parallella Epiphany. They should be
> > shipping very soon, and will be also available for nonbackers.
> Those boards have some open HDL, which is great, but not all of it is
> open, you still have to rely on blobs from companies that you may, or
> may not, trust.
Yes. I never claimed that Epiphany is completely open hardware.
It is a step in the right direction, though.
> > > big problem), and even things as "simple" as a keyboard controller and
> > > mouse controller (I got started in Linux by writing keyboard and mice
> > > firmware, you can do a lot in those little things). All of which could,
> > > and probably should, not be "trusted". There's no way for anyone to
> > > "validate" all of those.
More information about the linux-elitists