Backdoors in the CPU microcode, backdoors in the proprietary firmware of your motherboard / hard drives, backdoor through Intel Management Engine / AMD PSP. They’re all hardware level backdoors that can’t easily be disabled / replaced on newer systems.
There are only a select few systems out there that can run a fully free BIOS with no IME, but those systems are about 15+ years old. In terms of freedom, we’re fucked. Even if you do switch to GNU/Linux, you’re still not entirely free.
That is all true. The way to fix this is by always being pro-active, it can mean:
Voting with our wallets. Show that you will always spend on the more privacy-respecting option, even if no perfect option exists.
Raising our voices, to family and friends. Elaborate why we need open tech.
Lobbying for open hardware and software initiatives. The goal is to make openness and freedom more profitable than closed tech.
Pro-activeness is important. Assume that our generation was perfectly privacy-demanding, that this was truly a core value that everybody held. If the next generation became lax on this issue, and didn’t care as much, things would start to deteriorate. Totalitarianism would creep in. So the current generation are always the torchbearers of freedom, we have to do our part.
Debian uses its own version of the Linux kernel with proprietary parts removed; however, if you want to install it on a machine that does have hardware for which there are no free drivers (which is to say almost any machine out there in the market), you’ll have to install proprietary parts; in the last version, Debian 12, the system does that by default.
Intel Management Engine is a CPU-level microprogram that runs with highest priority and does not have open code, so essentially every PC with Intel CPU runs some arbitrary code we cannot verify. Same for AMD Platform Security Processor by the way, so there is no simple escape.
Oh and BIOS is proprietary too, and only a few select machines can have a fully libre BIOS successfully installed on them.
Thereby even if you go to an essentially libre version of Linux, there will, almost universally, be pieces of obfuscated code with no disclosure on what they’re doing there.
Isn’t that a hardware problem though? At some point you want your software to work, and years of reverse engineering for it to do so is a long time for it isn’t it?
Well, it’s obviously dictated by hardware and the software that manufacturers release for it. I’m not calling enthusiasts to reverse engineer every single driver, that’s impossible.
The point is, there are a lot of proprietary blobs in everyone’s systems, and it’s not cool. If you ask me, we should obviously shift policies to force manufacturers to open source drivers and management systems.
Didn’t know about the Debian part. I thought they said that they will ship an installer with non-free by default and another installer which you can configure.
Btw I’m on my way to build a new x220 with libreboot and GUIX. Can we get more free than that? Xd
IME is even worse than that. It runs on a supervisor processor in the chipset that has privileged access to the memory, peripherals, and CPU, and can run when the rest of the system is powered off. IME is how Intel AMT can serve as a KVM-over-IP, and just because you don’t have a CPU with vPro doesn’t mean all the components aren’t there for an exploited or backdoored ME firmware to remotely log your console or inject keystrokes.
I was never a fan of SystemD for that reason. As much as I’m a Windows person, I always admired Linux for its simplicity of “everything is a file”, “keep things in text where possible” and “a program does one thing and one thing only”, and between the binary logs and monolithic chunks it just threw that out the window.
Honestly Arm and RISC-V are underrated. Not all are libre compatible but there are a few that work well with exclusively free software and have much less power draw.
All even half-way relevant architectures but x86 and z/Architecture are RISC nowadays: ARM, Power, MIPS (The Chinese tried to revitalise it but they seem to be switching to RISC-V), Atmel AVR. Oh speaking of microcontrollers: Z80 (CISC) still lives though arguably it’s genetically an x86. And then of course RISC-V which most of all is an open standard, and a clean slate. Also, the first vector insn set that also runs on hardware that isn’t a supercomputer.
Not only will ARM and RISC-V likely not save Linux, they will most likely harm it. I doubt there will be many Linux computers running Arm and RISC-V and the few computers that use those architectures won’t run Linux well. M series Apple computers only run with reverse engineering and even then many basic features don’t work.
Most software doesn’t work on ARM and despite many distros supporting ARM there aren’t many ARM computer manufacturers supporting Linux. There is a small possibility that Qualcomm could announce that their desktop CPUs support Linux but I’m not so sure.
Walk up to a random person and say “yeah recompile this software for a different architecture while having no support as the architecture is unsupported”
Yeah I could personally do that with minimal effort but keep in mind the vast majority of people aren’t willing to. Most new Linux users get scared when they see a terminal, how are we supposed to convince people to give up tons of basic hardware features and tell them recompile software when they can keep using a proprietary operating system?
The proprietary video drivers for ARM SoCs have definitely been a problem for years and we can’t rely on third party alternatives or first party support from Linux popularity.
As far as software supporting ARM, there are translation layers that can run x86 binaries on it and I am confident with more development and more powerful chipsets that won’t be much of an issue for most applications.
That’s the problem, right now ARM development boards for Linux are limited, which limits development of ARM software on Linux, which decreases the incentive to run Linux on an ARM device. What computer manufacturer that uses ARM processors that are comparable to standard Intel/AMD CPUs also supports Linux?
If you want to talk about underrated look into POWER CPUs.
Motherboards like the Talos II are completely open source (except for an NVMe storage controller) and they already offer x86_64 levels of performance. The only con right now is software support and the cost.
It’s great for the price, but it’s got plenty of issues.
The GPU is worse than useless most of the time, the CPU is perma throttled on Linux, split battery issues and you can’t choose which one to use or when to stop discharging, the keyboard is worse than on the xx20 models, USB-C can’t be replaced.
Also, you missed the point of the joke. T480 most certainly does have IME, and it can’t be corebooted.