Hello,
Next week is T-dose, a FOSS-event in Eindhoven, the Netherlands. I will have a stand with laptops and other devices. I can show Libreboot and coreboot. I also have phones with Replicant. I also have a Lime2, an alternative for the Raspberry Pi and Chromebooks with Linux.
When there are people who like to see it, Kevin Keijzer will show at Saturday afternoon how to flash a Thinkpad with Libreboot. That's not very easy, because you have to put a clamp on the bios-chip and flash it from another device.
Maybe I will show Intel AMT. That's a dangerous feature in Intel CPU's. You can completely control a machine with it, bypassing the operating system. Even when the machine is "off".
With regards, Paul van der Vlis.
Hi Paul,
Am 2015-11-22 15:22, schrieb Paul van der Vlis:
Maybe I will show Intel AMT. That's a dangerous feature in Intel CPU's. You can completely control a machine with it, bypassing the operating system. Even when the machine is "off".
Great show! There is nothing you can do against that one, right (short from buying hardware not featuring it)?
Best wishes Michael
Op 23-11-15 om 10:47 schreef mkesper:
Hi Paul,
Am 2015-11-22 15:22, schrieb Paul van der Vlis:
Maybe I will show Intel AMT. That's a dangerous feature in Intel CPU's. You can completely control a machine with it, bypassing the operating system. Even when the machine is "off".
Great show! There is nothing you can do against that one, right
On some older machines it's possible, e.g. by using libreboot. But in newer machines it's in the processor itself.
It's not sure you can turn the “provisioning” mechanisms really off. There are mechanisms to configure devices from remote.
And there are public bugs in it, see e.g. this: https://support.lenovo.com/us/en/product_security/len_3556
(short from buying hardware not featuring it)?
How do you know for sure the hardware does not feature it? I do not trust Intel processors anymore.
And I've heard AMD is also working on something like this (but maybe better). Some names: SIMFIRE, DASH, DMTF.
But I also think this is unacceptable for many organisations, so maybe it will open eyes for the dangers of closed hardware. In hardware you can do everything what you can do in software.
With regards, Paul van der Vlis.
Paul,
I'm very interested, as I've now mostly consumed the resulting freedom from the consumers side: Chromebook actually flashed by Kevin, and a Lime2 at the office running Domotiga home automation software.
Still planning for flashing LibreCMC in the future though (any change for that topic?). Also I'd like to get a more practical insight in the Intel shackles and back-doors.
Regards, Nico
On zo, 2015-11-22 at 15:22 +0100, Paul van der Vlis wrote:
Hello,
Next week is T-dose, a FOSS-event in Eindhoven, the Netherlands. I will have a stand with laptops and other devices. I can show Libreboot and coreboot. I also have phones with Replicant. I also have a Lime2, an alternative for the Raspberry Pi and Chromebooks with Linux.
When there are people who like to see it, Kevin Keijzer will show at Saturday afternoon how to flash a Thinkpad with Libreboot. That's not very easy, because you have to put a clamp on the bios-chip and flash it from another device.
Maybe I will show Intel AMT. That's a dangerous feature in Intel CPU's. You can completely control a machine with it, bypassing the operating system. Even when the machine is "off".
With regards, Paul van der Vlis.
Op 25-11-15 om 21:07 schreef Nico Rikken:
Still planning for flashing LibreCMC in the future though (any change for that topic?).
I would like to have something like that myself too, but not sure I have the time for it in the near future.
A problem is that I have many whishes, my router now does also the telephony, is a DECT access point, has a telephone book what I can access from my phones, and does logging of my phonecalls. And I need a DSL modem and VLAN tagging to get access to my ISP.
Another point is the "routerdwang". In the Netherlands you get "for free" a router with modem from your ISP. So people who would buy such a device have to pay double. Because of that, not many people will buy such a device, what makes it expensive.
But you are right, I would really like such a device.
With regards, Paul van der Vlis.
* Paul van der Vlis paul@vandervlis.nl [2015-11-25 22:32:21 +0100]:
Another point is the "routerdwang". In the Netherlands you get "for free" a router with modem from your ISP. So people who would buy such a device have to pay double. Because of that, not many people will buy such a device, what makes it expensive.
But you are allowed to use your own router instead, right?
Regards, Matthias
I know XS4ALL, a Dutch ISP, is quite liberal about this, giving configuration instructions:
https://www.xs4all.nl/service/diensten/internet/installeren/modem-instellen/...
I'm not familiar with the policies of other ISPs.
On do, 2015-11-26 at 09:29 +0100, Matthias Kirschner wrote:
- Paul van der Vlis paul@vandervlis.nl [2015-11-25 22:32:21 +0100]:
Another point is the "routerdwang". In the Netherlands you get "for free" a router with modem from your ISP. So people who would buy such a device have to pay double. Because of that, not many people will buy such a device, what makes it expensive.
But you are allowed to use your own router instead, right?
Regards, Matthias
Op 26-11-15 om 09:29 schreef Matthias Kirschner:
- Paul van der Vlis paul@vandervlis.nl [2015-11-25 22:32:21 +0100]:
Another point is the "routerdwang". In the Netherlands you get "for free" a router with modem from your ISP. So people who would buy such a device have to pay double. Because of that, not many people will buy such a device, what makes it expensive.
But you are allowed to use your own router instead, right?
Regards, Matthias
I am not a lawyer, but my ISP [1] de facto seems to forbid me [2]. So I didn't buy a free, second, router, altough I would, if it were legal.
Best regards,
Op 26-11-15 om 09:29 schreef Matthias Kirschner:
- Paul van der Vlis paul@vandervlis.nl [2015-11-25 22:32:21 +0100]:
Another point is the "routerdwang". In the Netherlands you get "for free" a router with modem from your ISP. So people who would buy such a device have to pay double. Because of that, not many people will buy such a device, what makes it expensive.
But you are allowed to use your own router instead, right?
Regards, Matthias
I contacted XS4ALL and it's legal to use your own router :-)
Best regards,
* André Ockers ao@fsfe.org [2015-11-27 09:16:36 +0100]:
Op 26-11-15 om 09:29 schreef Matthias Kirschner:
- Paul van der Vlis paul@vandervlis.nl [2015-11-25 22:32:21 +0100]:
Another point is the "routerdwang". In the Netherlands you get "for free" a router with modem from your ISP. So people who would buy such a device have to pay double. Because of that, not many people will buy such a device, what makes it expensive.
But you are allowed to use your own router instead, right?
Regards, Matthias
I contacted XS4ALL and it's legal to use your own router :-)
That's good. Thank you for checking. Matthias
Op 26-11-15 om 09:29 schreef Matthias Kirschner:
- Paul van der Vlis paul@vandervlis.nl [2015-11-25 22:32:21 +0100]:
Another point is the "routerdwang". In the Netherlands you get "for free" a router with modem from your ISP. So people who would buy such a device have to pay double. Because of that, not many people will buy such a device, what makes it expensive.
But you are allowed to use your own router instead, right?
Yes, it's allowed at my ISP (XS4all), and I know it's allowed at KPN too. Not sure about other providers.
So I have to pay for a non-free router in the monthly fees for DSL, but if I want I can use another one.
With regards, Paul van der Vlis.