Among other things. My first question was, is the hardware open? Couldn't find an answer to that.
Edit: Apparently revision 2 of Purism will possibly have Coreboot.
Doctorow's Law: "Anytime someone puts a lock on something you own, against your wishes, and doesn't give you the key, they're not doing it for your benefit."
Bull Mountain, Bullrun, Bullsh
http://cdn.arstechnica.net/wp-content/uploads/sites/3/2015/1...
The graphics chip needs proprietary, binary firmware blobs.
The ethernet chip needs proprietary, binary firmware blobs.
The BIOS is a proprietary, binary firmware blob.
"Respects your freedom" my ass. The only difference to a whitebox laptop is marketing. Dell's or Lenovo's linux offerings are just as "free".
(And chromebooks with Coreboot are, technically, more free than both.)
You're essentially paying a premium to have someone else install an OS for you - color me unimpressed.
Until they can get an OSS version of all the firmware, it's just as secure as any off-the-shelf laptop with a clean install of the OS of your choosing.
If you want more security, get an old Lenovo/IBM ThinkPad, mod the BIOS chip and get Libreboot.
The CPU, graphics card, HDD, Ethernet and more most likely have more lines of code in them than your OS kernel, and that code rarely gets audited, even internally.
It's a tradeoff, it depends on what you're protecting against. AFAIK none of the libreboot-supported boards have VT-d, so you lose a lot of Qubes's isolation features.
It'll be a great day when we can have a fully free machine (firmware-wise) with IOMMU and some auditable form of DRTM. But we're a long way from that still.
EDIT: I also doubt the markup is steep. Software people always underestimate the cost of making hardware in small quantities. These guys don't have economy of scale on their side. You could say it's expensive compared to the competition, and you'd be right, but it's not because of greedy businessmen at purism.
The figures were about 1500 CPU-seconds for the desktop and 3000 CPU-seconds for the Chromebook. Of course, wall-clock time was significantly less for the desktop due to having many more cores, but that's showing that per-core, the high-end Intel was only about twice as fast as the ARM.
I do development work on the Chromebook, via a Debian chroot inside Crouton. And you know what? It's fine. It's probably the fastest laptop I've ever owned. The filesystem's a little slow, but compilation speeds are perfectly adequate.
I wonder why Purism didn't simply commission such a machine with the right 3D chip instead of going with a non-free and expensive option.
I would also love similar initiatives in the mobile space, but I reckon it is more challenging. Neo900 and Pyra are kind of cool though. And I'm hoping Jolla open sources Sailfish OS later this month or early new year.
I hoped it would support 32GB RAM in 13" laptop, but maximum is 16GB RAM. Only option seems to be Portege R30 Skylake version (not yet announced), which has two DDR slots.
Because they can sell the "expensive" option (which, for the OEM itself, isn't even too expensive) at a much higher premium.
> I would also love similar initiatives in the mobile space, but I reckon it is more challenging.
In the mobile space it would be an even bigger exercise in futility: There is no, and will never be, a baseband chip with a free firmware. The FCC made that pretty clear back in the OpenMoko days – use our NSA-approved proprietary blob or you'll never sell in the developed world.
You can get a decent core i7/i5 OEM laptop made for about 500$ these days http://www.alibaba.com/product-detail/Quad-core-ultrabook-i7...
Add to that some case customization and build in their specific features like wireless "kill switches" (AKA that switch all laptops used to have when wireless used to cut your battery time by half and you needed to use them on planes) and you can still get it made well under 600$, 250-300% markup is very steep in the current hardware industry.
I somehow doubt small shops like PCSpecialist in the UK sell large volumes https://www.pcspecialist.co.uk/notebooks/lafiteII/
Only after enough users are involved in freedom seeking can it be possible to demand that large companies provide something we need. In my opinion, Purism do a lot in this direction.
Render Time:
Photon Time: 0 hours 0 minutes 1 seconds (1.256 seconds)
using 11 thread(s) with 1.456 CPU-seconds total
Radiosity Time: No radiosity
Trace Time: 0 hours 2 minutes 18 seconds (138.426 seconds)
using 8 thread(s) with 1099.214 CPU-seconds total
That's POV-Ray 3.7 with no architectural optimizations. I just apt-get installed it. I would be very surprised if the Chromebook's 1.8GHz Cortex-A17 was only 3x slower. Googling around, I see people mentioning numbers like 10,000 CPU-seconds.
I've wanted for years to run Windows and Linux on one laptop simultaneously via hypervisors -- not dual-booting, not not-OS-is-host, etc. -- but was of the impression that hardware/IO would not be feasible.
Would it make a difference if the chipset being used was already used for a cellphone that was FCC certified? If I put DD-WRT on my router, do I need to re-apply for FCC certification? (Wondering)
Well, the wifi also requires a blob, but one can use small USB adapters sanctioned by the FSF, which are blob-free.
And as far as QubesOS goes, well, it is still quite immature and has not received as much security scrutiny as, say, Linux. As someone who has used QubesOS for some time, its biggest downfall is the limitations of Xen in regards to hardware utilization, such as 3D acceleration.
QubesOS does not offer a shared virtualized hardware layer which can support acceleration, which means that things like 3D acceleration are done through passthrough (this to some extent is a limitation of Xen, and it's portrayed as a security feature in QOS).
Since it uses passthrough you can only assign a single AppVM to benefit from the acceleration, and by default your physical GPU is assigned to Dom0 (it's actually a bit tricky to assign it to an AppVM). This leads to 3D acceleration being pretty much non-existent in your actual applications, and this is needed today for everything from browsing to even office use (MS Office 2013 and onward requires a DX9/10 compatible GPU).
So in day-to-day use you end up having pretty much all of your activity either done in Dom0 or, if you decide to tweak your system (which reduces performance considerably since your main desktop loses 3D acceleration), in a single AppVM, which somewhat defeats the benefit of QOS.
And even if you have a multi-GPU desktop, anyone who has played around with multi-player single-host gaming rigs using Xen and multiple GPUs knows just how much of a pain it is to do the passthrough properly: you have to ensure that the UEFI does not initialize the GPUs, and once they are assigned to a guest that guest needs to be kept alive; you can't reassign those GPUs without a system reboot, and even suspending the guest might cause some issues as the GPUs are initialized.
QubesOS is great in concept but it's still a far cry from a usable general-purpose OS, and will be until they either decide to do proper hardware virtualization and reduce the amount of isolation between individual AppVMs, or the hardware industry builds a new standard for shared passthrough (necro IRQs!). Considering that passthrough is actually becoming more and more limited in the consumer space to prevent cheap personal computing parts from being used in the data center space, I don't think the latter is very likely.
For Wifi it's surprisingly strict:
• Every antenna+transmitter configuration has to be certified separately (that's why Lenovo and other laptop vendors have Wifi card whitelists and refuse booting with uncertified chips installed).
• The software that directly drives the hardware must be certified to conform to the transmission power limits etc.
For DD-WRT and others neither is a problem, because the hardware combination has been certified by the router vendor, and DD-WRT uses the wifi chip vendor's firmware blob to drive the hardware, which is certified by the vendor.
Since they're not at all transparent on the details about how they will actually achieve true Freedom on modern hardware, and since modern hardware IP is deeply entangled in patent and licensing issues, it's reasonable to be highly skeptical of what's going on here.
Then again it can all be a scam which would render anything I just said irrelevant anyway.
With the right (supported) hardware and BIOS, it works. Hence the benefit of this pre-validated bundle. Hopefully more OEMs move to support concurrent Windows & Linux, since manufacturers can use the open-source software to evaluate the compatibility of pre-release hardware like the upcoming Skylake Xeon laptops.
Purism (and the vendors that preceded them) deserve credit for prioritizing security and privacy, despite the current opaqueness of Intel platform implementations. Intel's customers are OEMs, not end-users. To influence Intel's multi-year roadmaps, more OEMs will need to make similar security/privacy requests to Intel. OEMs can benefit from upstream contributions that integrate with their unique hardware improvements, like kill switches for sensors.
I think the 32GB in a laptop is a power user type group, and that kind of market segmentation makes sense.
Well this is the theory. You'd better be a Unix guru if you want to make it work, they have some questions about it on their Google group and it looks shaky.
It widens the attack surface too.
Try a native install on the Flip, it is nice: http://kmkeen.com/c100p-tweaks/
Yes, the attack surface is widened to include the GPU, with isolation theoretically provided by the VT-d IOMMU. Some recent Intel CPUs support hardware virtualization of the integrated GPU, which likely further widens the attack surface, but enables multiple VMs to have hardware-accelerated graphics. This supports KVM and Xen, but is not (yet?) supported by Qubes, https://01.org/igvt-g/blogs/wangbo85/2015/intel-gvt-g-xengt-.... If the guest workload is OpenGL, http://www.virtualgl.org/About/Introduction could be an alternative.
https://news.ycombinator.com/item?id=10471912
https://raw.githubusercontent.com/QubesOS/qubes-secpack/mast...
Because there have been, of course, many more security bugs found in Xen over the last years (as the numbering of this XSA suggests). True, the majority of these didn't affect Qubes OS, sometimes by pure luck, sometimes because of the extra prudence we applied, many other times because of the architectural decisions we made.
Are you sure about that? The fact that not every vendor has such a lock suggests to me that there is no legal requirement for it.
E.g., If you're worried about the police monitoring your communications, giving them a perfectly legal reason to detain you is likely not your preferred course of action.
Qubes OS is very usable, as long as you don't need 3D acceleration. My solution to this is to have a separate gaming PC that's completely untrusted.
The Qubes devs will not sacrifice the fundamental security properties of the system in the way you suggest to better service gamers.
If you're a person of interest, the police can come up with a better reason to detain you than this.
Running YouTube at anything above 720p is difficult; 60fps isn't functional, and the same goes for 1440/2160p.
Other applications like graphical applications, video editing, CAD etc. are also non-functional.
I don't know why you have brought up gaming (I never did), but please don't even attempt to deny the fact that 3D acceleration is required for many, many day-to-day use cases today that have nothing to do with gaming.
If you use MS Office for work, if you do any sort of content creation, and if you just want to enjoy HD media, QubesOS is not for you, and those aren't some edge cases.
Yes, if you only use Vim, LibreOffice docs (and even LibreOffice is using OpenCL these days for spreadsheets and many other things) and Gmail you can use QubesOS without any restrictions, but if you need other things like, for example, even basic 3D modeling/slicing software for your 3D printer, SketchUp or Lightroom, well then sorry my dear.
Fortunately, GenodeOS is improving nicely and follows right principles much like what I suggested for Qubes.
Most don't so your analysis fits majority of time. ;)
However it may be that other, less Constitutionally-constrained parties would have the ability to dragnet for nonstandard firmware to highlight people for more intense scrutiny. The police could use a parallel construction based on that. Then they could say that unauthorized firmware on a seized phone establishes some sort of criminal intent.
So, all or nothing is wrong way to look at INFOSEC. I mean, if it's nation states, best to avoid computers in favor of trusted people, paper, and memory. ;) However, many methods provide a meaningful increase of security or just recoverability. Worth remembering.
This particular product: too much risk in it for me to say if it does. People are probably safer with OpenBSD or hardened Linux/BSD on high-end embedded board or old workstation.
DRTM?
* OsmocomBB (http://bb.osmocom.org/trac/)
* An old HN discussion: https://news.ycombinator.com/item?id=7064187
* OKL4, a hypervisor, is used widely in basebands. AFAICT it was developed by Open Kernel Labs and was open. It seems to have been acquired by General Dynamics and I don't know its current status (does anyone know more about it?) (https://gdmissionsystems.com/cyber/products/trusted-computin...)
* GTA04 by OpenPhoenux (http://projects.goldelico.com/p/gta04-main/)
* Neo900 (http://neo900.org/)
* QTMoko (http://qtmoko.sourceforge.net/)
* SHR (http://shr-project.org/)
Your complaints about lack of 3D acceleration seem to reflect your personal preferences, and are not an actual requirement for making use of MS Office or many other software packages. My six months of production level use provides simple proof by existence. There are some things - games included - that do need something like GPU passthrough, but your view of the situation is either outdated or simply wrong.
Until Purism has actually shipped a working alternative to the management engine firmware, their laptop is hardly any better than most commercial components. If you buy the laptop, you're purchasing hope.
You would be better off getting a Libreboot. http://minifree.org/product/libreboot-x200/
I think you are confusing the topic here. No one is denying (at least as far as I can tell) that the isolation mechanism is good, and beyond any other approach we have seen already.
But the main problem is still there. They just switched the topic for people who consider their privacy.
For example, if you use Windows, let's say it is filled with zero-day backdoors which can be useful for invading your privacy.
But when you use this laptop, yes, even if your application has a backdoor maybe they cannot go beyond the application layer. But for highly technical people this is nonsense (not virtualization, no, that is a good idea; the idea of running the whole system on closed-source blobs). Why? Because they have access to your data via low-level backdoors. Maybe they have another level to circumvent (Xen), but it is there and the adversary is in your laptop already. Effectively it is there. (It sounds to me like an extremely secure environment on a closed-source blob, which ruins the whole design.)
But when we are talking about an FSF-approved laptop (the ones which run the whole system on FSF-approved software) there is no backdoor. Yes, maybe it is simpler to hack such a device, but it is a technical problem which we should work on, not a decision problem.
(Personally I think running a secure microkernel on an FSF-approved laptop would be much better, but it is my opinion, and since I don't have facts I am saying it in parentheses.)
So practically speaking you are not improving privacy. You are improving security.
I hope I was clear enough, though I don't think so.
cmiiw
Intel's TXT framework is quite nifty but not fully utilized, and I'm still not sure if it's as good as ARM's TrustZone approach. The problem is that this is/will be a very important factor in any trusted computing in the future, and currently it's utterly unaudited, at least publicly (and from hearsay also wasn't internally audited).
Intel is pretty much mandating AMI/AMT support within the UEFI; support for TXT/TPM/NGSCB will also be mandatory soon. Unless Intel open sources all of this there will never be an open-source UEFI BIOS which will be functional with Intel going forward. Coreboot is shipped with proprietary parts which cover it; you can use Libreboot, but then you are stuck with decade-old hardware, and there is very little hope for it to ever support modern hardware: the skill set is way too demanding for an OSS project without major corporate support, and without full cooperation with Intel this won't be supported. If AMD were smart they would jump on this train, but as BIOS is quite a tricky business these days (probably even more complicated than OS internals, with the exception of maybe really low-level kernel stuff) I just don't think they want to take that risk considering their financial state.
There are more advanced security features, such as isolation of network adapters from the rest of the system, offered with a system that properly supports VT-d (aka IOMMU). Between having a CPU that supports VT-d, BIOS correctly configuring VT-d, and ACPI tables being correct as well, finding such a machine can be a little more challenging than you expect. I suppose that is where some value is offered by the idea of a "Qubes certified" laptop.
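The VT-d checklist in the comment above (a CPU that supports it, a BIOS that actually enables it, and ACPI tables that the kernel accepts), together with the earlier remark that libreboot-supported boards lack VT-d, is easy to state and tedious to verify by hand. The script below is an added example written for this page; it is not Purism's, Qubes OS's or any commenter's code. It collapses three things you can collect on a Linux machine (/proc/cpuinfo, dmesg output and the entries under /sys/kernel/iommu_groups) into one verdict. The cpuinfo text and dmesg lines in it are constructed samples, the matched kernel log strings are an assumption about the usual intel-iommu and AMD-Vi wording (which varies between kernel versions), and all function names are hypothetical.

```python
"""Added example (not Purism's or Qubes OS's code): triage whether VT-d /
an IOMMU is actually usable on a Linux box. Sample inputs are constructed."""

import os
import re
import tempfile
from typing import Iterable, Set

# Assumed kernel log wording: intel-iommu prints "DMAR: IOMMU enabled" when
# intel_iommu=on takes effect, AMD prints "AMD-Vi: Found IOMMU ...", and both
# prefix rejected ACPI tables with "[Firmware Bug]". Exact text varies by kernel.
_IOMMU_ON = re.compile(r"(DMAR: IOMMU enabled|AMD-Vi: Found IOMMU)")
_FW_BUG = re.compile(r"(DMAR|AMD-Vi): \[Firmware Bug\]")


def cpu_flags(cpuinfo_text: str) -> Set[str]:
    """Flags from the first 'flags' line of /proc/cpuinfo. 'vmx' (Intel) or
    'svm' (AMD) is VT-x / AMD-V. VT-d is a chipset feature and never shows up
    here, which is exactly why the CPU flag alone is not a sufficient check."""
    for line in cpuinfo_text.splitlines():
        if line.startswith("flags"):
            return set(line.split(":", 1)[1].split())
    return set()


def iommu_group_count(root: str = "/") -> int:
    """Number of entries under <root>/sys/kernel/iommu_groups. Zero means the
    kernel did not bring an IOMMU up: no hardware, disabled in the BIOS,
    broken DMAR/IVRS tables, or the intel_iommu=on parameter missing."""
    path = os.path.join(root, "sys", "kernel", "iommu_groups")
    if not os.path.isdir(path):
        return 0
    return len(os.listdir(path))


def classify(cpuinfo_text: str, dmesg_lines: Iterable[str], group_count: int) -> str:
    """Collapse the three observations into a single verdict string."""
    flags = cpu_flags(cpuinfo_text)
    lines = list(dmesg_lines)
    if not ({"vmx", "svm"} & flags):
        return "no-hw-virt"          # no VT-x/AMD-V at all; HVM isolation is out
    if any(_FW_BUG.search(line) for line in lines):
        return "firmware-bug"        # CPU is fine, but the BIOS/ACPI tables were rejected
    if group_count > 0 and any(_IOMMU_ON.search(line) for line in lines):
        return "iommu-active"        # device isolation (VT-d) is usable
    return "iommu-not-enabled"       # present on paper, off in BIOS or kernel


# Constructed samples, not captured from a real machine.
SAMPLE_CPUINFO = (
    "processor\t: 0\n"
    "vendor_id\t: GenuineIntel\n"
    "flags\t\t: fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca "
    "cmov pat pse36 clflush mmx fxsr sse sse2 ht syscall nx lm vmx smx est "
    "tm2 ssse3 sse4_1 sse4_2 x2apic popcnt aes xsave avx ept vpid\n"
)
GOOD_DMESG = [
    "[    0.000000] ACPI: DMAR 0x000000007C5E8000 000080 (v01 INTEL  ...)",
    "[    0.000000] DMAR: IOMMU enabled",
    "[    0.512345] DMAR: Intel(R) Virtualization Technology for Directed I/O",
]
BUGGY_DMESG = [
    "[    0.000000] ACPI: DMAR 0x000000007C5E8000 000080 (v01 INTEL  ...)",
    "[    0.000000] DMAR: IOMMU enabled",
    "[    0.400000] DMAR: [Firmware Bug]: Your BIOS is broken; DMAR reported at address 0",
]
QUIET_DMESG = ["[    0.000000] Linux version 4.1.13 (constructed sample)"]


def demo() -> dict:
    """Run the classifier over the constructed scenarios, plus a fake sysfs
    tree with two IOMMU groups so iommu_group_count() is exercised offline."""
    fake_root = tempfile.mkdtemp()
    for group in ("0", "1"):
        os.makedirs(os.path.join(fake_root, "sys", "kernel", "iommu_groups", group))
    groups = iommu_group_count(fake_root)
    return {
        "fake_sysfs_groups": groups,
        "good": classify(SAMPLE_CPUINFO, GOOD_DMESG, groups),
        "firmware_bug": classify(SAMPLE_CPUINFO, BUGGY_DMESG, 0),
        "bios_disabled": classify(SAMPLE_CPUINFO, QUIET_DMESG, 0),
        "no_vtx": classify(SAMPLE_CPUINFO.replace(" vmx ", " "), GOOD_DMESG, groups),
    }


if __name__ == "__main__":
    # On a real machine you would feed classify() the contents of /proc/cpuinfo,
    # the output of `dmesg`, and iommu_group_count() with the default root.
    for name, verdict in demo().items():
        print(f"{name}: {verdict}")
```

The point of the three-way split is that each failure mode has a different fix: "no-hw-virt" means the wrong CPU, "firmware-bug" means the vendor's ACPI tables need a BIOS update or a kernel quirk, and "iommu-not-enabled" usually means a BIOS toggle or a missing kernel parameter. A "Qubes certified" laptop is one where the vendor has already driven this to "iommu-active".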
The OEM vendors don't make this in some basement in Shenzhen; it is done very professionally, and the level of customization that those laptops give the user is unparalleled today.
The PCSpec laptops I've seen are about the same quality as my Dell XPS 15 (2014 model). Some of the MacBook Air style laptops I've seen (https://www.pcspecialist.co.uk/notebooks/lafiteII/; a UK startup that my friend works in bought this for the 20 or so hires they got once they got out of the incubator, and they are pretty flawless) are almost indistinguishable from Apple (with the exception that they are usually not unibody), and if you stuck an Acer logo on the front and called them the C97something I would not be able to tell that this wasn't a brand product.
Now don't get me wrong, if you pay peanuts you'll get monkeys, but if you are paying $500-600 for an OEM laptop you will get good quality, including IPS screens and capacitive trackpads, with large enough orders (10-20+).
> The C100P Flip is the best netbook I have seen in eight years.
That's quite the praise! This thing must be really good.
> The default ALSA config was completely silent. Enabling Right Speaker Mixer Right/Left DAC fixed that. Supposedly there is a risk of burning out the amp if you thoughtlessly enable every option.
Uhh... wow. Well, OK.
> After suspend/resume, wifi will not work if the btsdio module was automatically loaded.
The best netbook in eight years, yet it can't even suspend/resume properly? What?
> The best video output mode is X11 video output. Despite what everyone says about being slow, this is the only driver that doesn't have major desync problems.
> Stellarium would run at a buttery smooth 60 FPS for a few minutes and then everything would die.
> Chromium will not run on this hardware.
> Screen rotation through xrandr doesn't work at all...
Then under "Things to Fix":
> - HDMI output. Very wonky, usually crashes X11 after a few minutes.
> - USB ethernet. The cdc_ether module will load but nothing happens.
> - Webcam. Crazy bucket of fail here. Maybe 25% of the time fswebcam can grab a single frame. Good luck with video.
> - Multitouch on the panel. No idea how to get that working.
To me, even with the fixes and workarounds you describe, that device sounds like a nightmare to use.
8x i7-3770K: 1123 cpu-seconds (wall-clock: 144 seconds)
4x Cortex A17: 3196 cpu-seconds (wall-clock: 963 seconds)
I just wish it had more cores, but I suspect that Rockchip are raking in money from these things, and I expect we'll get more cores next year.
The 12x Xeon was my work machine. I might have to have a word with them about it.
And then if I want to use a real OS, I switch to my fullscreen Debian installation running awesome and all my xterms and it all just seamlessly interoperates. Except I don't need NetworkManager or PulseAudio or any of that nonsense because ChromeOS does it all for me. The brightness buttons work! The audio volume buttons work! Suspend and resume works! Everything works! There's even two-way clipboard support! Which works!
I've been using Linux for years, and I think this is the first time I have ever had a Linux-based laptop where all this stuff wasn't a total PITA.
Everything else comes down to software. Some of the difficulties were because I prefer to do things a difficult way. E.g., Arch is going to require more configuration, and sound Just Works if you use Pulse. Having ALSA correctly autoconfigure everything except a single boolean flag is pretty good in my book. The warning about burning out hardware is just me passing on the advice from an engineer who actually works on these boards.
Suspend/resume is in fact flawless. It has never failed to come out of suspend, unlike quite a few thinkpads I've used. However linux does the wrong thing here with the bluetooth module. Trivial to fix, and it happens on other hardware too. Not the fault of the Flip.
Chromium doesn't run on Arch Linux ARM at all. Any hardware, regardless. So you can't hold that against the Flip. And I don't use Chromium, so this is a non-factor.
Almost everything else is the usual crap you have to put up with using garbage closed source video drivers and a kernel hacked out of ChromeOS. But I spend the majority of my time in the terminal, so the graphics are nothing I am concerned about. Similarly, I don't care about the webcam or multitouch, or HDMI because I don't own an HDMI monitor. I feel they are irrelevant details hardly worth mention, but they sound like dealbreakers to you.
Literally all I do is typing, reading, listening to music. I wanted fanless, all-day battery life, that weighs under a kilogram and is under $300. The Flip delivers, and overall it has been a better experience than running Linux on a ThinkPad. There are very few netbooks that could meet those requirements, and none that do it as elegantly as the Flip does. Therefore it is the best in my regard. If you disagree, it is up to you to name something superior according to the given criteria.
Linux boots in 6 seconds. Caps is mapped to Mod4/super, you already have a GIANT control key. Linux does not need NM or Pulse either. And the operating system is not in the middle of being axed by Google, so while updates are not automatic I don't have to worry about them stopping.
But the two biggest points: Linux gets you an extra five hours of battery life, and lets you configure charge limits so that the non-replaceable battery won't rot away in three years.
I wonder if MSFT would ever let OEMs lock the devices to their bloatware spec and, if so, how long until we get laws similar to SIM unlocks passed to give us customers some control back.
And yes, it might be a scam. But might be not.
[0] (1) is already being done by the FSF, but to me it looks like it's not enough.
Not the sort of behavior I would classify as "trustworthy".
I spend about 10 hours a day on my main computer. If I upgrade every 18 months, even a $1500 machine only costs 28 cents per hour. Set aside frustration with drivers or software bugs; expensive laptops win for purely economic reasons. If a $1500 laptop makes me even 10% more productive, it's worth buying. This is the case for practically anyone who works in tech.
My current laptop is a base model 12" MacBook. It is, without a doubt, my favorite computer ever. It's small. It's light. The screen is gorgeous. It resumes before I'm done opening the lid. It has an amazing trackpad, excellent battery life, and a wonderful keyboard. With current technology, it could scarcely be improved upon. I wish there was a combination of hardware and software that could compete with it, but so far, nothing I've seen has come close.
With regards to being able to buy more equipment: I do have a powerful rack-mount server in addition to my MacBook. But being able to buy five ordinary laptops for the price of an amazing one? That's not very relevant. I can only type on one keyboard at a time. If anything, more laptops would slow me down. I'd have to keep all of their software up-to-date, sync data between them, ensure their batteries were charged, etc.
Imagine making the same argument in other domains. For the price of one plane ticket, I could buy five Greyhound bus tickets to the same destination. For the price of one quality memory-foam mattress, I could buy five innerspring mattresses. For the price of one Aeron chair, I could buy five AmazonBasics office chairs. So what? I don't want more. I want better.
It is irresponsible to always buy the "best" when you should be looking for the best value per dollar. Your own bank account is zero-sum, be more effective with it.
But on every single other laptop I have ever used Linux on, there has always been something that hasn't worked properly, whether it's audio not waking up properly after a suspend, or occasionally suspend not actually working and I discover a red hot laptop in my bag spinning at 100% CPU, or some such issue.
Having a machine which I don't have to fiddle with to make work is a totally new experience for me.
We think that once you actually see and touch the Librem, hands on, you will find the hardware is even better than a MacBook in many ways.
The Librem is definitely much faster, and the screen quality is amazing. The feel is very sturdy.
The usability, look/feel of the amazing Mac OSX is harder to exceed but we are working on the UI and ease of use in our Linux-kernel-based PureOS. It's all a work in progress.
And one more thing -- we are structured more like an Open Source project than a traditional corporation, so we are able to iterate very very rapidly.
The Librem is really created with the feedback of the backers and the community. This is what makes it at the core, very different than any other computer.
"What is my data worth?"
What is your privacy worth?
What is it worth if even one time you have your identity stolen or tax return hacked, or your company's reputation is ruined by a data breach?