gnu-linux-libre
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [GNU-linux-libre] PureOS non-free repo


From: Denis 'GNUtoo' Carikli
Subject: Re: [GNU-linux-libre] PureOS non-free repo
Date: Mon, 22 Jan 2018 13:43:11 +0100

On Sat, 20 Jan 2018 06:34:21 +0100
Jean Louis <address@hidden> wrote:
> Free GNU operating system can be free on one
> domain while other domain selling laptops
> requiring some proprietary software.
> 
> Then again, such laptop sales shall not be
> promoted as having operating system endorsed by
> FSF if such is not fully free.
I don't see the issue here. Shipping Trisquel or PureOS on laptops is
good. However Trisquel or PureOS should not promote non-free software.
Being able to run an FSDG (Free Software Distribution Guidelines)
compliant distribution is not enough for freedom though, but there a
certification for full systems: The RYF (Respect Your Freedom)
certification. See fsf.org/ryf for more details.

> That is proprietary software within the CPU.
That proprietary software runs on a separate processor, and unlike the
BIOS/UEFI, it is not run by the main CPU.
When you buy a "discrete Intel CPU", nowadays, it also contains a GPU,
and also the management engine processor. They are all in the same
physical chip, but the management engine processor runs its own OS
and tries to prevent the main CPU from taking control of it.

> it further means that majority of Intel run computers are
> running non-free software on the CPU itself.
Not on the main CPU.

> The question is does the update of the Intel
> Management Engine constitute part of the operating
> system or not?
No, it's not. The flash chip that holds the BIOS/UEFI is partitioned
and has a partition for the management engine, and a partition for the
BIOS/UEFI.

> If such update is distributed by the operating
> system, then is the distribution free?
I guess that they do not distribute "BIOS updates" that as part of the
operating system, but if they did, they would need to remove it to keep
being FSDG compliant.

> Even those computers using Libreboot are still
> using the Intel Management Engine.
Not all are. The Thinkpad X200 has a management engine but it is
deactivated by removing the code it's supposed to load.

> That is different branch of the fight for privacy. Best
> would be replacing Intel with free CPU. But does
> it exist?
Computers that works with only free software would be enough, with the
additional requirement of having also free software microcode.
Free systems can work without shipping or using non-free microcode
updates, but then years later issues you end up with issues like
Spectre and Meltdown that you cannot fix.
See this link for more details:
https://libreplanet.org/wiki/Group:Hardware/ReverseEngineering#CPU_Microcode

> Intel processors already contain inside Intel
> Management Engine, isn't that modified MINIX
> inside?
[...]
> It means there is no current solution to have Intel
> Management Engine as free software,
[...]

See my article about the management engine here for more details:
https://www.fsf.org/blogs/sysadmin/the-management-engine-an-attack-on-computer-users-freedom

Denis.

Attachment: pgpudbGnleFe7.pgp
Description: OpenPGP digital signature


reply via email to

[Prev in Thread] Current Thread [Next in Thread]