Hello. Lots of cool hardware news that folks are bringing to the list, but I'm afraid I have a few bits of hardware paranoia to bring to the party. It's this gift I have.
First, since there have been cases of hardware shipping with "phone home" and physical tracking programs hidden in the BIOS or otherwise concealed, shouldn't we be concerned about being able to audit the entire system, starting with hardware? It probably wouldn't be too early to start up a list of "trusted vendors", if such an audit could be accomplished. I mean, most of the computer hardware that I'm aware of is made in China these days, and they might not be so friendly towards the FrBx project. Certain companies also might have an interest in tracking capabilities. How many of us really, truly KNOW what is in the hardware? If we don't, it should be on our list of things to learn, or at least to learn to test for. It also occurs to me that a very small tracking chip (RFID) might be added at any point between manufacture and delivery, and some of those are very tiny, nearly invisible. The problem is that ten seconds in the microwave probably wouldn't do the Freedom Box a world of good, either. Again, is there any Q&D way to test for RFIDs? -And how do you remove them intact so you can feed them to various rodents? -"The dissidents are hiding in the sewers!!!" Of course, this also leads to the question of what might be in firmware, or software. I read somebody's opinion here that Open BSD might be a better OS choice, as it was audited. I don't know what that might mean in relation to an OS, but if it means to check that it is the OS and nothing else but, then that would be a plus. Also, it seems that we should definitely narrow the FrBx hardware down to one, or very few, platform(s). This would make the software easier to maintain, and thus to keep rock-solid stability. More importantly, it would make the hardware audits that I'm talking about MUCH easier. IMO, if a company fails us on the "don't be evil" front, they should be off the "trusted provider" list for permanent. But then I'm a bit of a hard-ass when it comes to trusting giant multinationals. I know there's a roadmap for the software. Maybe we need a check-list for the hardware, as well. I promise I'll try to post something more upbeat and happy about hardware and UX, soon. Just not tonight. _______________________________________________ Freedombox-discuss mailing list [email protected] http://lists.alioth.debian.org/mailman/listinfo/freedombox-discuss
