Announcement

Collapse
No announcement yet.

System76 Is Making Progress On Open-Source Firmware For Their Laptops

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • System76 Is Making Progress On Open-Source Firmware For Their Laptops

    Phoronix: System76 Is Making Progress On Open-Source Firmware For Their Laptops

    For the past number of months Linux PC maker System76 has been beginning to work on Coreboot support for their products and over the course of May they addressed more obstacles in order to begin having this open-source firmware implementation work on some of their laptops...

    http://www.phoronix.com/scan.php?pag...mware-Progress

  • #2
    Be sure to follow "This Week in Pop" if you want weekly updates on progress made in Pop!_OS. They're more detailed than the monthly blog posts from System76.

    Comment


    • #3
      I applaud their efforts at making a fairly open stack of software starting from the firmware.

      However, there's certain nightmare scenarios here I can't get entirely away from. We all know, or should know by now, that free/open source software is only as secure as the number of eyes that regularly, skillfully, and thoughtfully review it. It's not enough for it to simply be open to scrutiny. It has to be actively scrutinized by enough people to both keep up with the new code being written and to have the skill set necessary to know what they're looking at.

      Now, let's look at this particular scenario. Let's say System76 completes their open firmware stack, and let's ignore for the moment that it's built on a fairly shoddy hardware house of cards (the x86_64 platform which was never designed to be a secure hardware platform). So they have probably two or three people coding this firmware stack and others working on their particular flavor of Linux. Now let's suppose they actually convince some high value targets to purchase their products. Say for example a couple of US senators, some higher level bureaucrats in a corporation or government. Suddenly they now have the direct interest of state level operations interested in surveillance. Now the number of people in the general population that have the skills to review and discover defects in very low level firmware are extremely rare. In fact, most of them are already employed in those jobs which reduces the number of people who are going to be looking at System76's customized firmware stack to those upstream, plus the few customers they have that can actually do this for themselves. Pit those against the near unlimited resources of a nation state... Suddenly open firmware is not so very much more secure than an off-the-shelf Dell or HP.

      My point is that even though it's laudable that System76 is doing this, I'm not convinced that it actually is going to increase the security of their products against any attacks actually targeting their customers any more than it would against Dell or HP or other OEM where it's much more likely that if they opened their firmware there would be magnitudes higher number of eyes combing it for flaws simply because there would be massively more numbers of people that have direct interest in auditing their particular flavor of open firmware.
      Last edited by stormcrow; 05-31-2019, 05:15 PM.

      Comment


      • #4
        Let's repeat the question one more time, maybe they get to read it this time around: When will you provide AMD options in your laptops?

        Comment


        • #5
          Originally posted by sarmad View Post
          Let's repeat the question one more time, maybe they get to read it this time around: When will you provide AMD options in your laptops?
          When Clevo adds them.

          Comment


          • #6
            Originally posted by sarmad View Post
            Let's repeat the question one more time, maybe they get to read it this time around: When will you provide AMD options in your laptops?
            Probably when/if they actually start selling their own main board designs instead of just rebranding other company's products. Industry OEMs have a massive love affair going on with Intel and it doesn't matter that the Intel house of cards is shaky.

            Comment


            • #7
              Originally posted by Britoid View Post

              When Clevo adds them.
              System76 is not using Clevo anymore.

              Comment


              • #8
                Originally posted by RahulSundaram View Post

                System76 is not using Clevo anymore.
                Do you have a link for this? Even if they are putting laptops together in Colorado, that doesn't mean they didn't OEM them through Clevo

                Comment


                • #9
                  So this "open source" firmware doesn't fix the signed, locked ME. Or replace the FSP, in all likelihood.

                  How is it much better than using open source GRUB or similar on the proprietary firmware? A bit faster loading time maybe, but calling it "open source firmware" is a bit of a stretch with all those mandatory blobs, no?

                  And before someone says it, AMD won't fix this. PSP + AGESA blobs.

                  Comment


                  • #10
                    "A new BIOS setup menu is also being designed for our open firmware"

                    Cool, it'd be nice to see a clean, readable, well-organized board firmware interface which doesn't look like a Macromedia Shockwave website landing page. I wouldn't mind a non-crappy character-based one though.

                    Comment

                    Working...
                    X