SoylentNews is people
SoylentNews
How better to work on Open Source projects than to use a Libre computing device? But that's a hard goal to accomplish. If you're using a desktop computer, Libre software is easily achievable, though keeping your entire software stack free of closed source binary blobs might require a little extra work. But if you want a laptop, your options are few indeed. Lucky for us, there may be another device in the mix soon, because [Lukas Hartmann] has just about finalized the MNT Reform.
Since we started eagerly watching the Reform a couple years ago the hardware world has kept turning, and the Reform has improved accordingly. The i.MX6 series CPU is looking a little peaky now that it's approaching end of life, and the device has switched to a considerably more capable – but no less free – i.MX8M paired with 4 GB of DDR4 on a SODIMM-shaped System-On-Module. This particular SOM is notable because the manufacturer freely provides the module schematics, making it easy to upgrade or replace in the future. The screen has been bumped up to a 12.5″ 1080p panel and steps have been taken to make sure it can be driven without blobs in the graphics pipeline.
What has Soylentils' experience with open hardware been?
(Score: 3, Interesting) by DannyB on Wednesday January 22 2020, @03:39PM (4 children)
Secure boot. Only signed firmware, then bootloader can run. End user can control certificates used for verification.
Ability to have a firmware password required in order to boot. (Independent of any drive unlock password in the OS.)
Ability to lock out firmware changes without credentials / certificate. The point here is to guarantee that the machine is bricked if you want it bricked.
A USB kill-cord. If disconnected, (1) all sessions are logged out, and (2) OS is shut down. Item 1 is intended to ensure that nobody can get logged back in without credentials. Item 2 is to ensure that nobody can get the OS booted back up (presuming drive is encrypted and a different drive unlock password is needed). Enough failed attempts to unlock the drive should scramble critical parts of the drive (partition tables, key areas of filesystems, etc) so that even if drive could be decrypted it is useless. The previous two paragraphs ensure that nobody can install another OS, making the device useless.
One may argue that the device still was stolen, which was an economic loss. One very important way to prevent future thefts is if there is no economic value in stealing a laptop. Current laptops which still have economic value after theft are to blame for why laptops are valuable to steal. Think car radios that have little economic value once stolen. Or think prey animal that is poisonous. If you are poisonous doesn't prevent YOU from getting eaten, unfortunately. But does have a gradual effect on future predators who will stop eating poisonous laptops.
The lower I set my standards the more accomplishments I have.
(Score: 0) by Anonymous Coward on Wednesday January 22 2020, @04:18PM (1 child)
I presume this is your general security wishlist and not related to the hardware described in TFA?
(Score: 2) by DannyB on Wednesday January 22 2020, @07:36PM
Yes. Everyone wishes they could enter three passwords to start working.
1. firmware / bios
2. os disk unlocking / decrypting
3. login
Now if you can think of a way that more passwords might be needed, I'm listening.
The lower I set my standards the more accomplishments I have.
(Score: 1, Interesting) by Anonymous Coward on Wednesday January 22 2020, @06:56PM (1 child)
Even a bricked laptop has plenty of economic value to make it worth stealing. RAM, drives, screen, heck even ribbon cables, chassis and buttons. See what happens with smartphones, a quick check on ebay for "bad IMEI" or "locked" will show tons of results for any model imaginable. All bricking does is add to "e-waste".
(Score: 2) by DannyB on Wednesday January 22 2020, @07:34PM
So you're saying we need thermite, or something much worser?
The lower I set my standards the more accomplishments I have.