You are not logged in.
It should boot into Linux or BSD WITHOUT any single BLOB
and following ports should work: USB, SATA, Ethernet, any display
PCI port if present would be desirable too
I do NOT need multimedia like sound, 3D video, etc.
It is a security console for remote administration of servers via SSH and VNC.
Only for work, not for games.
Offline
Raspberry seems requires a BLOB to boot which is bad from security point of view.
I need a hardware 100% free of active BLOBs which are missing public source code.
Someone thinks that Allwinner, STM32, LPC and OMAP can boot 100% free of BLOBs, is it correct?
Offline
As a start:
โโท https://wiki.debian.org/FreedomBox/Hardware
*๐๐๐๐๐๐!*
Offline
Please suggest a netbook (tablet with a keyboard)
Cortex A7 preferably AllWinner A20/A23/A31/A33
Thank you very much for your help!
Offline
Please suggest a netbook (tablet with a keyboard)
Oh yes!
An ARMish tablet/netbook is missing in my collection too!
I'd prefer long runtime per charge over computing power.
I confess not having tried Devuan on my Nokia N900 yet and am dreaming of at least 5"..7" because the N900 (3ยฝ") is far too tiny for these old eyes.
*๐๐๐๐๐๐!*
Offline
Please note a few features of a laptop/tablet I am looking for:
1) Spectre free CPU with "in order" execution and not very modern to avoid backdoors like Cortex A7.
2) Open source drivers in a Linux mainline like for AllWinner A20 realization.
3) Able to boot into FreeBSD/OpenBSD
4) May be it can be a custom made laptop from Olimex Olinuxino A20 like this:
https://wot.lv/my-take-on-a-custom-laptop.html
5) USB port able to connect to USB hub with several devices like external USB keyboard, mouse, HDD, etc.
6) BLOB free boot to avoid hardware trojans managing ARM worlds in TrusZone
Offline
So I think I have to make a custom Laptop based on a CortexA7 AllWinner board compatible with OpenBSD.
You can see an example of such DIY:
https://web.archive.org/web/20190209180 โฆ aptop.html
They use a special adapter to convert a general Thinkpad Keyboard to USB channel.
I think such adapter can be found in different Android ARM based smartbooks (not sure about Windows Atom smartbooks). Does anyone know which smartbook have a USB keyboard which could be reused in a custom made Laptop?
Offline
Offline
What do you think about how secure is MIPS hardware of a router like WNDR3800 with 128Mb RAM?
This router can boot into fully free open source LibreCMC.
It can be managed from text terminal via SSH or serial console.
Can I add SWAP on LibreCMC located on a USB flash by swapon command?
Can I then chroot from LibreCMC into another distro like Debian v8/v9 located on a USB flash drive?
Only text mode is needed, NO graphical desktop is needed.
Offline
Can I then chroot from LibreCMC into another distro like Debian v8/v9 located on a USB flash drive?
Only text mode is needed, NO graphical desktop is needed.
I don't know LibreCMC but it smells a bit like OpenWrt.
Search for "kexec" which would even allow booting a different kernel from an already running one: https://openwrt.org/docs/guide-user/advanced/kexec
Last edited by yeti (2019-02-11 18:32:44)
*๐๐๐๐๐๐!*
Offline
Please let me know, what do you think about a new very affordable Freescale board:
https://web.archive.org/web/20190716053 โฆ 6605s.html
AliExpress:
https://web.archive.org/web/20190716054 โฆ 81658.html
TaoBao (two times cheaper):
https://web.archive.org/save/https://it โฆ 6322544984
May it have less backdoors and miss CPU God mode for rooting?
Last edited by alupoj (2019-07-16 06:00:41)
Offline
I would recommend to search for NXP i.MX based boards. However, in general ARM is just a pain. x86 based boards are much more "open source" than any ARM based board.
Offline
I would recommend to search for NXP i.MX based boards. However, in general ARM is just a pain. x86 based boards are much more "open source" than any ARM based board.
In regards to x86 vs ARM you are right, but the issue is there is not enough ARM developer pc's as Linus Torvald mentioned not long ago. x86 just corners the market now until some clever so and so's put together powerful ARM computers not raspberry pi hobby boards.
Offline
I would recommend to search for NXP i.MX based boards. However, in general ARM is just a pain. x86 based boards are much more "open source" than any ARM based board.
Please explain how X86 is more open source than ARM?
ARM is almost a pure hardware RISC processor executing supplied instructions directly on its hardware at once.
But X86 is a virtual machine like a Bochs X86 VM generally run on a very high performance hardware RISC processor for which we do not have any documentation at all, look at VIA C3 as an example,
Intel and AMD are the same idea but significantly more optimized for high performance.
Even modern Intel and AMD processors are "RISC" under the hood - they decompose CISC x86 instructions into RISC micro-ops, this isn't a VIA phenomenon
Everything is TOP secret about X86 CPUs actual hardware internals, its hardware implementation, its native RISC like assembly instructions, implementation of X86 virtual machine and backdoors injected into this VM yet on the factory and even BIOS initialization procedure at the very beginning of the boot time has so little documentation that only a few boards have unofficial Libreboot firmware for them from hackers who somehow reversed BIOS fragments and/or schematics and initialization sequences.
A few more boards have been made compatible with Coreboot and the most of them are too old and most likely some docs just leaked from laboratories to help coreboot developers to reverse engineer the boards boot process (initialization of RAM modules, etc.).
And ARM initialization process is almost completely open source for some boards, though a few code is still unknown too which is executed before uboot just after getting a reset signal. Can it include some trojan running in a TrustZone isolated and undetectable from OS, may be, who knows.
Uboot needs to be customized for each board, but a few boards have it open source even officially.
For a few boards like AllWinner A20 we have all software parts open source: Uboot unlike proprietary BIOS or UEFI for X86 and even mainline Linux kernel like for X86, even open source 3D driver is being under development and already works.
X86 looks very versatile, has outstanding performance, compatibility with huge amount of add on parts, with fully open source OSes like Linux and BSD supported forever, tens of years after hardware release, it still can run the most recent modern up to date OSes like BSD. For example the most up to date BSD 2019 at least in text mode still runs fine on 20 years old Pentium 1/2 1997 and even X works well enough if the board has enough RAM like 200-300 Mbytes.
X86 completely hides its initialization code and most likely virtualization spying invisible trojans in negative and/or zero rings of CPU booted before any OS code and fully undetectable from OS level.
Last edited by alupoj (2019-07-18 06:22:13)
Offline
raspberry pi hobby boards.
Btw, Raspberry PI is not a good example of open source board at least because its boot loader is proprietary and even includes initialization for video output to prevent booting another way.
I think better examples of open source single boards would be Olinuxino, Beagleboard Black and OrangePI, at least they run open source UBoot and main line Linux kernels, some of them can run even OpenBSD !
Last edited by alupoj (2019-07-18 05:04:12)
Offline
I would recommend to search for NXP i.MX based boards. However, in general ARM is just a pain.
Please suggest why are they good in terms of being more open source?
Please let me know, what do you think about a new very affordable Freescale board:
https://web.archive.org/web/20190716053 โฆ 6605s.html
AliExpress:
https://web.archive.org/web/20190716054 โฆ 81658.htmlTaoBao (two times cheaper):
https://web.archive.org/save/https://it โฆ 6322544984May it have less backdoors and miss CPU God mode for rooting?
It seems to be Freescale/NXP M*Core, is not it?
Last edited by alupoj (2019-07-18 06:09:54)
Offline
ToxicExMachina wrote:I would recommend to search for NXP i.MX based boards. However, in general ARM is just a pain. x86 based boards are much more "open source" than any ARM based board.
In regards to x86 vs ARM you are right, but the issue is there is not enough ARM developer pc's as Linus Torvald mentioned not long ago. x86 just corners the market now until some clever so and so's put together powerful ARM computers not raspberry pi hobby boards.
x86 has own firmware standard. Initially it was BIOS. Now it's UEFI instead of BIOS. There are mostly same hotkeys, 99% same boot mechanism for motherboards from totally different vendors. At the same time every ARM board (even development boards) has own uboot fork, own bugs, own BSP kit incompatible with others, etc. There are enough powerful ARM workstations even today - see ThunderX based computers. The result is still same: proprietary platform. The only advantage is a lot of devices with ultra low power consumption. That's all ARM has. Some terrible things came to x86 from ARM. For example, AMD PSP is just an ARM TrustZone implementation.
Offline
ToxicExMachina wrote:I would recommend to search for NXP i.MX based boards. However, in general ARM is just a pain. x86 based boards are much more "open source" than any ARM based board.
Please explain how X86 is more open source than ARM?
First of all all of boards you mentioned here are not open source boards.
ARM is almost a pure hardware RISC processor executing supplied instructions directly on its hardware at once.
But X86 is a virtual machine like a Bochs X86 VM generally run on a very high performance hardware RISC processor for which we do not have any documentation at all, look at VIA C3 as an example,
Intel and AMD are the same idea but significantly more optimized for high performance.
It's not criteria of open source. Microcode is conception from the middle of XX century.
Even modern Intel and AMD processors are "RISC" under the hood - they decompose CISC x86 instructions into RISC micro-ops, this isn't a VIA phenomenon
Everything is TOP secret about X86 CPUs actual hardware internals, its hardware implementation, its native RISC like assembly instructions, implementation of X86 virtual machine and backdoors injected into this VM yet on the factory and even BIOS initialization procedure at the very beginning of the boot time has so little documentation that only a few boards have unofficial Libreboot firmware for them from hackers who somehow reversed BIOS fragments and/or schematics and initialization sequences.
It's still doesn't mean open source.
A few more boards have been made compatible with Coreboot and the most of them are too old and most likely some docs just leaked from laboratories to help coreboot developers to reverse engineer the boards boot process (initialization of RAM modules, etc.).
And ARM initialization process is almost completely open source for some boards, though a few code is still unknown too which is executed before uboot just after getting a reset signal. Can it include some trojan running in a TrustZone isolated and undetectable from OS, may be, who knows.
It's also not open source.
Uboot needs to be customized for each board, but a few boards have it open source even officially.
For a few boards like AllWinner A20 we have all software parts open source: Uboot unlike proprietary BIOS or UEFI for X86 and even mainline Linux kernel like for X86, even open source 3D driver is being under development and already works.
In your terms,
BIOS is opensource: https://www.seabios.org/
UEFI is also opensource: https://www.tianocore.org/
And, of course, those pseudo-open-source boards aren't better than any x86 motherboard as an opensource board.
X86 looks very versatile, has outstanding performance, compatibility with huge amount of add on parts, with fully open source OSes like Linux and BSD supported forever, tens of years after hardware release, it still can run the most recent modern up to date OSes like BSD. For example the most up to date BSD 2019 at least in text mode still runs fine on 20 years old Pentium 1/2 1997 and even X works well enough if the board has enough RAM like 200-300 Mbytes.
X86 completely hides its initialization code and most likely virtualization spying invisible trojans in negative and/or zero rings of CPU booted before any OS code and fully undetectable from OS level.
The situation with ARM is much worse. However, if you consider proprietary solutions as opensource, your words has some sense.
If you want REALLY opensource board - find one with RISC-V CPU based on opensource core, and vendor must provide full docs under libre license. You can also try to flash FPGA.
P.S.
I recommend to learn terms first because your delusions leading you destructive way.
Offline
If you want REALLY opensource board - find one with RISC-V CPU based on opensource core, and vendor must provide full docs under libre license. You can also try to flash FPGA.
\o/ ย RISC-V ย \o/
And there is the J-Core Open Processor.
โโถ https://www.youtube.com/watch?v=o0milqmt4ao
โโถ http://0pf.org/j-core.html
I think we need to keep an eye on this one too...
Last edited by yeti (2019-07-18 08:57:22)
*๐๐๐๐๐๐!*
Offline
ToxicExMachina wrote:If you want REALLY opensource board - find one with RISC-V CPU based on opensource core, and vendor must provide full docs under libre license. You can also try to flash FPGA.
\o/ ย RISC-V ย \o/
And there is the J-Core Open Processor.
โโถ https://www.youtube.com/watch?v=o0milqmt4aoI think we need to keep an eye on this one too...
OpenRISC, RISC-V, old ARM versions implementation, different MIPS cores, etc. You can check some of them at opencores.org
RISC-V is promising project because large organizations decided to support it.
This core is also much more interesting than J-Core: https://github.com/riscv-boom/riscv-boom
Offline
OpenRISC, RISC-V, old ARM versions implementation, different MIPS cores, etc. You can check some of them at opencores.org
RISC-V is promising project because large organizations decided to support it.
I would be glad to try RISC-V, but where to get an affordable board?
What do you mean under old ARM version? Is Cortex A7 old enough to be secure enough?
I was looking for a board with open source boot loader when it would be difficult to inject an invisible and undetectable virtualization trojan on the factory or by a third party blobbed software which could reflash firmwares silently.
Last edited by alupoj (2019-07-18 11:14:44)
Offline
different MIPS cores
Can routers running LibreCMC be treated more secure in terms of my control over their boot loader?
Last edited by alupoj (2019-07-18 11:16:41)
Offline
BIOS is opensource: https://www.seabios.org/
UEFI is also opensource: https://www.tianocore.org/
SeaBIOS originally looks like a BIOS for virtual machine guests.
Can SeaBIOS be used directly on any physical motherboard without Coreboot hack which I already mentioned?
Is not SeaBIOS just one of many other possible payloads like GRUB or KEXEC, etc. for Coreboot/Libreboot?
Where would be SeaBIOS without Coreboot/Libreboot projects which actually are apposite of what was intended for "openness" (actually lack of openness) of X86 boot loader?
Last edited by alupoj (2019-07-18 11:23:01)
Offline
It's not criteria of open source. Microcode is conception from the middle of XX century.
I primarily was looking for an affordable board with an open source boot loader.
And preferably if its CPU would not have backdoors or at least a virtualized spying trojan.
I thought PSP is an additional processor out of user control but with complete access to user's computer including RAM. While TrustZone is just a CPU feature able to create highly isolated execution environment for some earlier loaded program (spying trojan too, but on the same CPU)?
And who knows how long ago PSP appeared in AMD CPUs? May be since Duron?
How TrustZone is related to AMD PSP?
Though according to this article, they are similar, need to read it yet.
Well, though PSP is a dedicated ARM processor, it does not make a sense to compare TrustZone itself to a dedicated spying ARM coCPU (which lets has its own TrustZone, but who cares).
Last edited by alupoj (2019-07-18 23:09:24)
Offline
x86 has own firmware standard. Initially it was BIOS. Now it's UEFI instead of BIOS. There are mostly same hotkeys, 99% same boot mechanism for motherboards from totally different vendors. At the same time every ARM board (even development boards) has own uboot fork, own bugs, own BSP kit incompatible with others, etc. There are enough powerful ARM workstations even today - see ThunderX based computers. The result is still same: proprietary platform. The only advantage is a lot of devices with ultra low power consumption. That's all ARM has. Some terrible things came to x86 from ARM. For example, AMD PSP is just an ARM TrustZone implementation.
I agree with you that X86 standard is versatile and open for vendors to produce X86 hardware, but is the most unfriendly for people who would like to write their own open source boot loader, that is what I primary meant under open source. And Olinuxino makers provide even open source schematics, do not they?
Last edited by alupoj (2019-07-18 13:02:53)
Offline