I am curious as to if there is a point when the major OEM's simply give up providing security updates for the latest CPU issues or if they will start doing it in batches as there are just so many of them.
I hope that the security world will also test AMD_x64, POWER, RiscV, ARM and ARM64 for these issues, and that there will be security updates for those. I believe 7 years is a reasonable timeframe for CPU security updates with 10 for server CPU's and 15 for embedded - this is how long they are realistically used. While intel not providing security updates for their pre-sandy bridge server CPUs is I believe somewhat an issue it isn't as bad as they are pretty much useless due to not having a real IOMMU (Pre-sandy bridge intel IOMMU does not support Interrupt Remapping making it trivially easy to bypass and one can simply buy a D8/D16 board for a much better and more secure x86 server platform) On 05/04/2018 06:35 PM, Alessandro Selli wrote: > On Fri, 4 May 2018 at 17:29:24 -0400 > "taii...@gmx.com" <taii...@gmx.com> wrote: > >> Purism is a very dishonest company and their >> phone is yet another example of faux-freedom hardware like their >> laptops, they do absolutely nothing to address the real issues like the >> baseband problem. > Not in the least as dishonest as you are. First off, what does Purism have > to do with the thread's subject? Someone replied talking about their phones and I wanted to provide information. > Nothing at all, but you feel compelled at > disparaging them at every turn of the road. Like bashing the librem5, a > smartphone in the design stage, which hardware is not yet finalised yet you > keep stating it is not going to have a modem and WiFi unit separated from > the CPU. How do you know? Because that is a mandatory feature on any secure phone, as evidenced by many competing products such as the free replicant and the costly GSMK CryptoPhone from ESD America which is currently sold to government agencies marketed with a "Baseband Firewall" If it had that they would mention it as it is a core feature. > How could one accept your Talos' obsessive advertizing I have a lot of free time with nothing better to do than to provide free information and help people get the best stuff for their money as others did for me - I don't get paid for anything as not everyone is a paid shill. By those same standards I also work for lenovo, asus (my also "obsessive advertising" of the last and best x86 choices) and several arms of the federal government (my telling people they should take amtrak as it is much nicer than the bus and of course my defense of the CIA's spying programs) > when you proved yourself over and over a compulsive liar and an emotionally > driven idiot? Do us and yourself a big favour, please shut your mouth up. I am providing information about the best current options and I will continue to do so until I am banned. All my facts are cited and anyone can look them up. I am only one person who is going up against companies with million dollar marketing departments and I don't see why people like you and so many others are so intent on shutting down protest and constructive criticis. On 05/04/2018 05:52 PM, Daniel Abrecht wrote: > On 2018-05-04 20:03, Rick Moen wrote: > >> Librem 5 phone coming next year for me. > > Ah, Librem. Let's see: > > https://web.archive.org/web/20161010040458/https://blogs.coreboot.org/ > blog/2015/02/23/the-truth-about-purism-why-librem-is-not-the-same-as-lib > re/ > > > https://web.archive.org/web/20161010100959/https://blogs.coreboot.org/bl > og/2015/08/09/the-truth-about-purism-behind-the-coreboot-scenes/ > > > Internet Archive links because someone (guess who?) raised a stink, > > and Alex Gagniuc's comments were then taken down. > > I've ordered a librem 5 phone too. I'm really annoyed by the very few > people that go to great lengths just to badmouth those who give their > best to make products as good, libre, and user respecting as possible > for them, just over some minor details. The thing is that they are not doing their best and the problems are not minor details. My issue with purism isn't their selling products not 100% free it is their dishonest marketing that equates a computer with an entirely blobbed hardware initiation process to be "running libre open source firmware" "all chips hand selected to protect your privacy and freedom" and implying endorsement from the FSF and RMS which is very dishonest. There are various other companies selling actually libre hardware and its not as though it is impossible to do, purism could have released an owner controlled FT3 platform laptop which despite claims to the contrary is only slightly slower than their devices, was faster than the first two they released and already had a functional coreboot port that is mostly free. > There is no such thing as aperfect system after all There are various other brand new owner controlled systems out there which have entirely open source firmware. Right now I am playing the DRM free Witcher 3 at max settings on my blob free KGPE-D16 while hosting various servers at the same time managed by OpenBMC, how is that not perfect? I have feature parity with a non-free system and I still receive security updates. We must not accept half baked products as "the best we can get" - better is always possible. > and there are a lot of companies that are actually evil, to which > raising awareness would help much more than > complaining about those that do make a step in the right direction. > > Also, as far as I know, there is no other phone which: > * Doesn't use gralloc and allows me to install any normal linux > distro I want, not just ones for phones > * Does care at all about privacy, for example by including physical > kill switches > * Provides development kits & documentation > > I can't speak for other people, but I prefer to do have a somewhat > good and libre phone that I can control over no phone or phones I > can't use the way I want them to. I would instead suggest a Galaxy S3 running the blob-free replicant, it has libre baseband firmware which is very important moreso than simply being able to install any linux distro with binary blobbed firmware. The "purists" have again refused to accept input from the community and have either a platform with an IOMMU or one that has libre baseband firmware, without one or the other their phone is just security theater. Hardware kill switches are pointless with an un-accountable blobbed baseband firmware which can easily be recording your location, audio, etc without you knowing and storing it for later transmission. I have no issue with purism selling what they are selling, my problem has and will continue to be only with their dishonest marketing.
0xDF372A17.asc
Description: application/pgp-keys
_______________________________________________ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng