What are the pros and cons of Librebooting your BIOS?


I would also like to know

Pro: no botnet
Con: a few hours of research/work

Pro is freedom. Look up the latest eufi security issues on Lenovo (and others) thanks to them copying the eufi code from Intel without updating it.

It's not just Lenovo, HP and Gigabyte are affected too.

what was the original pic on the right? I'd really like to know what guys actually want

miranda kerr i think

so aside from the work, there are no significant hardware incompatibilities or issues with modifying BIOS.

Yeah, you gotta protect those chinese cartoons from getting remotely wiped out

Pro: freedom
con: works on limited hardware

This. It won't work on almost any hardware.

Can't use any processor made after 2008. So that leaves you with Celeron and Pentium processors

Bacon.

>(and others)

Stop slandering Lenovo.

Con:
requires very specific hardware to work (in some cases)
hard to install (in some cases (the x60 can be installed with software only, but for the X200 you need an external flasher))
Compatibility is not 100% depending on your hardware/software choices

Pro:
Freedom
nonbotnet
no wifi card whitelist (on notebooks)
Libreboot is more flexible over the original BIOS

Con:
Need correct hardware and time to understand what you are doing

Possibility of damaging your hardware if not properly handling the procedure

The Libreboot project will stagnate as new hardware on X86 is incompatible with it

Pro:
Most importantly, a freed BIOS with blobs disabled

Faster boot time

Removal of hardware whitelists if applicable

encrypted boot

>Celeron and Pentium
well, there are some C2D systems supported I think

you're trading one specific set of hardware and software for another (apple/apple or thinkpad + gnu/linux)

stupid question:

Is it still possible to dual boot GNU/Linux systems with Libreboot?

Windows+(gnu/linux) will not work, but 2 GNU/Linux installs on the same system will probably work

Is coreboot as good? I might do it to my x220. I heard it's technically proprietary as it's nearly impossible to libreboot systems past 2008-2009

>Windows+(gnu/linux) will not work
that's by design obviously, no clue why anyone would want Windows after installing Libreboot

>but 2 GNU/Linux installs on the same system will probably work
I'm almost sure it will too. Will write up a guide once I figure out how to configure the built-in GRUB for 2 OSes

>I heard it's technically proprietary as it's nearly impossible to libreboot systems past 2008-2009
that's correct

based on that fact, imo coreboot misses the point and is not worth the trouble

Also, it's more difficult to install than Libreboot

Libreboot halved the boot time on my x200. The Lenovo BIOS took a long time to load; libreboot puts the GRand Universal Bootloader right on the BIOS chip.

Libreboot removes backdoors in Intel chips newer than 2009 (AMD newer than 2013). The main reason to install it is to have a completely libre computer, because you can know every single line of code that executes on it.

My boss says "eufi" as well.

It is "Unified Extensible Firmware Interface".

It should pull any grub.cfg you write just fine.

>Libreboot removes backdoors in Intel chips newer than 2009 (AMD newer than 2013)
pretty sure everything after 2008 is not supported

I assumed so. Just wondering if someone has done it

Yes, but for example, the Core 2 Duo in the x200 comes with Intel ME, which Libreboot removes.

Doesn't Libreboot remove the ability to access bios settings though? How do I turn on shit like waking on charger plug and fn/ctrl swap?

Certain C2D series had an option to disable Intel ME. Later than that you have no option to, IIRC.

I think he meant "older", not "newer"

yeah
>How do I turn on shit like waking on charger plug and fn/ctrl swap?
chances are you are not going to care about the extra bios features if you're installing libreboot

Also, those things can be done in a good OS so there is no need to do them at the BIOS level

Tell me how wake on charger plug can be done within the OS?

I'm talking turning on the machine

a script based on ACPI events? never done it but this doesn't seem too hard on GNU/Linux

forgot to quote

would anyone be interested in a long picture filled novice-oriented guide for hardware flashing the X200?

Yup, i got one

yea, kinda

FREE AS IN FREEDOM MOTHERFUCKER

But the OS isn't even active when the machine is powered down. How can it run such a script to detect when the charger is plugged in like the BIOS chip can?

the same way your computer knows to wake from suspend on a button press

plugging in AC is an event just like a button press

But it's not from suspend, it's from fully powered down, full shutdown, that's not an OS running state

oh, you said waking so I assumed suspend

that would require a low level implementation that's probably not worth it

Libreboot is also pointless to install if you're going to use proprietary repos imo

It really is the final evolution of freedum

just a quick thought,Sup Forums being obsessed with freedom is really reminding me of gw and the patriots,you niggers are literally memeing mgs into reality

Sup Forums is mostly Sup Forums these days anyway

The freedom to not be able to turn on your laptop by plugging in the charger

You can change some BIOS settings using nvramtool in libreboot

It is all free software, so you can program that into the rom if you want. It would take a lot of time and effort though.

you're confusing freedom with freedum

also, I doubt a Thinkpad with support for that BIOS feature supports Libreboot in the first place

>Libreboot removes backdoors in Intel chips
This is interesting, how do you remove a hardware backdoor?

my laptop doesn't do this, why is this a big deal
if you're plugging it in, what's the extra effort of pressing a button as well?

Try adding it to a non libre laptop that doesn't support it. Beyond impossible.
With this, you could do it yourself if you wanted.

My understanding is that (at least on the x200), Intel ME required software in the BIOS to work, and libreboot removed that software. ME is basically lying dormant, because it can not be used without the proprietary BIOS.

Isn't the point of a hardware backdoor that it can't be alleviated through software?

How can you utilize the hardware backdoor without software?

It's not a direct hardwire from your laptop to Intel HQ. It has to communicate the info by using routines in the BIOS. With that gone, the backdoor is unusable.

anyone have a link or at least the name of those amd soc serverboards with coreboot or libreboot?

everything is controlled by software to some extent so it's a matter of modifying the computer at a low level to make it properly function without that software

Libreboot does this with ME for certain versions by removing it entirely from the flash memory space

Shittel noticed that this was possible and decided to sign their ME firmware after giving it the power of hardware initialization. Because newer versions of ME are signed by Intel it's impossible to have a workaround for Libreboot

>How can you utilize the hardware backdoor without software?
The microcode in the actual hardware processor, right? Isn't that the point of the ME? That when your software gets fucked, you can still do damage control?
If there's microcode in the hardware to communicate with basic networking, it doesn't need any software to talk to "Intel HQ."

>It has to communicate the info by using routines in the BIOS
I thought BIOS basically just did some basic tests and loaded shit into memory for booting an OS.

Oh okay, that makes sense.

>I thought BIOS basically just did some basic tests and loaded shit into memory for booting an OS.
Shit into memory such as ME

If the microcode communicates with the Management Engine but with no means to do so since the functionality is nixed from BIOS, then it effectively does fuck all

in short, on newer versions of ME, if the ME boot ROM doesn't detect firmware on the SPI mem with a valid Intel signature it tells the computer to shut down

I'm not exactly sure what makes it hopeless to have a workaround for this situation but I am pretty sure that it has to do with the difficulty of reverse engineering a free replacement

If someone could clarify why Libreboot can't work on newer ME versions please clarify

Because as you said yourself, it looks for an Intel-signed package in SPI flash and if it doesn't find it, the machine is power cycled. Since the Libreboot project, and no one else besides Intel for that matter, has access to the private keys, no one can sign anything that could be flashed. Libreboot is dead.

AMD drivers.

but what technical detail prevents libreboot from writing a complete free replacement to the Intel ME? Why can't you just overwrite anything written by Intel into the machine and start from scratch? Is it just too great of a labor effort?

forgive my technical ignorance

There are quite a few downfalls for librebooting. Why don't you look them up like someone that doesn't need to be spoonfed by people on the internet.

Signature. Even if they are able to write a fully free replacement for all components, they need to get the same key from Intel to be able to make the processor accept the replacement software. Intel will probably never release this key.

Libreboot focuses on being a free BIOS replacement but also being simple. It only starts the devices, then loads GRUB. It is possible to add these options to Libreboot yourself (probably using the base libreboot + SeaBIOS), but right now it is not its focus (they are trying to fix bugs and find more hardware).

Man, there are some. Depends on the board, the exact chipset used... Try it on hardware that others already tried or prepare for many butthurt and broken boards.

I need to build a USB debug adapter "USB EHCI debug dongle", cause my laptop isn't hacked yet. Chipset unsupported and no similar configs. I'm on my own.

BUT, I won't have a whitelist for wifi cards ;)

You have full control of the system with libreboot. Swap scancodes or whatever? Either do it in the OS or write your own code. Probably someone already did that.

For the X200: coreboot.org/pipermail/coreboot/2015-August/080281.html

So either coreboot/libreboot and you are probably an Arch or Gentoo user.

Pro: removes a potential avenue of attack
Con: is itself a potential avenue of attack, barring code-review

All software is a potential point of attack.