starkwether

  • Posts

    6
  • Joined

  • Last visited

starkwether's Achievements

  1. Yup. There's always going to be a sacrifice to some extent I reckon. I would correct myself here, actually a formal definition of open hardware exists. Also the Free Software Foundation has a ton of resources on open hardware as well a a certification they bestow on products they free respect your freedom. However- That little silk-screened open hardware gear logo isn't a get out of jail free card per se: I think the takeaway is that open hardware does not automatically mean backdoor-free hardware; but because absolute security in computation is impossible you have to decide how far you are willing to go. If you're concerned, get to know your hardware/firmware and you can make an informed decision. Otherwise there may be a risk of getting ambushed by things similar to Active Management Technology... worst case scenario, admittedly. For the really cautious, non-branch prediction ARM (check Spectre/Meltdown vulnerablity per CPU) on open hardware boards running blob-less GNU/Linux is pretty great security for the price at the time of this post. RISC V is likely better but likely a year or so off. /soapbox Side note: Rowhammer is also pretty nasty if you haven't heard Thanks you guys again for all the knowledge; rather than prattle on here I'll go check out Open Cores. I really don't expect to build a working X86 desktop from a grid of programmable gates but dang that sounds cool, and certainly a learning experience.
  2. Right you are, I neglected to notice that many of the original designers of RISC V are founders of SiFive. Looks like the age of RISC V Linux is upon us, as of this week in fact. Too bad it's not at a very accessible price but I'd guess being the first to fabricate a small batch of novel single board computers isn't cheap. Exciting stuff. So for whatever reason implementing an open source CPU on an FPGA never occurred to me. That is really, really cool. This thread sure has evolved off topic, but: I'm wondering how usable a soft-core CPU would be on an FPGA. I've no illusions that it could compete watt for watt with an ASIC (not the point in this case IMHO) but could you actually get a basic desktop GUI with USB and Ethernet and all of the basics? I kind of want to try regardless, just to learn. However (tin-foil on, shiny side out ) hardware rootkits have in fact been found in FPGAs (PDF). If you're like me, you're going to insist on open hardware and software for FPGA development. That really only leaves a few choices for platforms, namely the ICE40 family which can be programmed using a fully open toolchain called Icestorm. How much of the hardware and firmware of ICE40s is open? I don't know. Can anyone weigh in on that? Looks like Olimex has some ICE40 boards plus peripherals. What would be nifty is to use one of their other open hardware boards as a programmer. How would one estimate the requirements needed to burn an Open RISC or RISC V cpu to ICE40? Is it just a matter of having enough logic cells?
  3. Actually we should be able to get our hands dirty on RISC V stuff very soon, check this out: there is a 32bit Arduino compatible RISC V board available now called the HiFive1. But even more exciting to me is that same manufacturer should be releasing a single board quad core RISC V (youtube) the first quarter of this year. This chip is 1.5 GHz, allegedly equivalent to the A35 so desktop Linux would certainly be do-able. Someone will correct me here but it looks like these chips from SiFive are fully open hardware? Again, that can be a slippery definition. And of course there will always be issues similar to BROM. I have read just yesterday about how processors require an auxiliary program in order to prepare for restart; I incorrectly assumed that when restarting a computer system everything just "reboots somehow" but it turns out all the registers etc in a CPU need to be set to a state where a restart can happen from first. Point is, something has to do that of course, and surprise, it's design is opaque. I would guess ARM has this? I'm not losing sleep over that, it's just interesting though. There also seems to be a lot of talk of RISC V being intrinsically faster per watt than other instruction sets but honestly I don't know enough to tell if this is just manufacturer hype or not... Yeah, good point. The truth is that there's just a lot of boards to research! And I want one that has solid support from Armbian as it's my favorite distro (best compromise of usability, stability and security IMHO) and I lack the skills to develop new stuff for unsupported boards. I'm really trying to learn more so I can contribute. Too bad Novena uses the A9 Sorry for the wall of text, hopefully that's useful info and not just speculation haha
  4. Ahh hahaha, nope, I'm new to ARM but still had no illusions that it was magically free of propriety. That's why I'm asking you guys and gals; this is what I want to hear about. Check out what LIbreboot is working on with ASUS ARM based Chromebooks. Maybe a Libreboot payload could be developed and delivered to BROM? No idea. Also I know 3D acceleration is impossible without proprietary drivers but what about 2D/CLI Lima? I'm not currently running 3D. Yup, Trust Zone/Secure World and DRAM stuff are a problem. No ideas there. Yes, hard drive firmware malware does exist, no seriously, you're totally correct about that. Don't leave home without one! I know, I know all this stuff is extreme and absolute security is entirely fallacious. I'm not trying to preach any ideology either. I'm just personally concerned about Intel's Active Management Technology and AMD Platform Security Processor as well as the general trend toward lower and lower level malware. Call me paranoid but a totally "free" computational platform is a just a warped interest of mine and I'm looking to get my hands dirty before EOMA 68 comes out... though EOMA would have similar issues with Trusted World, DRAM init, etc, huh? Anyway an actually free computer seems a way off yet. Maybe RISC V is our best shot? I must disagree about Spectre and Meltdown though. That's not tin hat status haha; it's a big deal not to be vulnerable to those and ARM has not listed the A7 or A53 as vulnerable so that's cool. Thanks for the info!
  5. Excellent, thank you chrisf. Clearly I was misunderstanding Device Tree. Cool. I will look up and read licensing next time too, but thanks for the info on iozone as well. Part of the difficulty is defining "free"....
  6. Hello- I'm looking to marry free and open (as possible) software and hardware into one inexpensive system. I'm in over my head so apologies in advance if I'm asking silly stuff. I did check the basics on here and have been lurking. At any rate I've been messing around with the Lime 2 and haven't had much luck getting Parabola to boot into LXDE... or any GUI at all actually. I thought I'd try Armbian as the Debian Kernel has been blob-less for a while now. I really, really like it so far. I am using Mainline, just want to make sure I'm running all free software if possible. I have checked for non-free stuff via: dpkg-query -W -f='${Section}\t${Package}\n' | grep ^non-free and aptitude search '~i ?section(non-free)' I found a single non-free package, iozone (if I'm remembering right?) and removed that guy as it's for monitoring and (hopefully? lol) non-essential. My question is: am I good now or am I overlooking stuff? Debian won't deliberately install non-free packages unless you explicitly make it, correct? I have been reading up on device tree as it's supposedly been loaded as a blob on bootup. Is this in fact a proprietary binary? What else do I need to read up on? I'm looking to upgrade to a CubieTruck; I want to stick with A20 because as far as I've read it's not vulnerable to Spectre or Meltdown. Thanks much.