/hrt/ - Hardware Removal-of-botnet Thread

GIMP is fun edition
Last thread Findings so far
SBCs:
Beagle and some allwinners are free except for GPU accel
fsf.org/resources/hw/single-board-computers
LowRISC is an upcoming SOC running on RISC-V
lowrisc.org/
There's also SiFive, which is another RISC-V SOC
sifive.com/products/freedom/

Desktops: For x86 theres lots of C2Ds and atoms here, but there's also very nice opterons and an iMac
libreboot.org/docs/hardware/#desktops-amd-intel-x86
libreboot.org/docs/hardware/#serversworkstations-amd-x86
As an OpenPOWER option, there's TALOS II. It might get RYF, but it's quite expensive.
raptorcs.com/TALOSII/
PowerMac G5: OpenFirmware, powerpc architecture, Up to 2.7 GHz, up to 16GB DDR2 RAM.
Lemote is a chink company that sells MIPS-based computers with the libre PMON firmware.
lemote.com/html/product/

Laptops: For x86, you have the usual librebooted memepads
libreboot.org/docs/hardware/#laptops-intel-x86
Purism isn't libre, and may be bullshit artists according to this board, but they seem to have a roadmap that leads to Libreboot
puri.sm/learn/freedom-roadmap/
Here is a project for a Libre PowerPC laptop, shooting for RYF certification.
powerpc-notebook.org/faq/
2005 Powerbooks: OpenFirmware, powerpc architecture. Be warned: only 2GB of DDR2 ram max!
ARM Chromebooks. Open it up, unscrew a screw, flash coreboot internally, install loonix of choice.

Other urls found in this thread:

nxp.com/products/microcontrollers-and-processors/applications-processors/qoriq-platforms/t-series/qoriq-t2080-and-t2081-multicore-communications-processors:T2080
puri.sm/posts/purism-librem-laptops-completely-disable-intel-management-engine/
en.wikipedia.org/wiki/Freedreno#ARM
en.wikipedia.org/wiki/Open_Firmware
thenextweb.com/security/2017/11/09/researchers-find-almost-every-computer-intel-skylake-cpu-can-owned-via-usb/?amp=1
chromium.org/chromium-os/chromiumos-design-docs/disk-format
libreboot.org/docs/hardware/#desktops-amd-intel-x86
libreboot.org/docs/hardware/#serversworkstations-amd-x86
libreboot.org/docs/hardware/#laptops-intel-x86
puri.sm/learn/freedom-roadmap/
en.wikipedia.org/wiki/Free_and_open-source_graphics_device_driver#ARM
raptorcs.com/TALOSII/
powerpc-notebook.org/faq/
lemote.com/html/product/
sifive.com/products/freedom/
lowrisc.org/
kmandla.wordpress.com/
inconsolation.wordpress.com
github.com/altreact/archbk/issues/3
raspberrypi.org/blog/a-birthday-present-from-broadcom/
libreboot.org/faq.html#amd
twitter.com/NSFWRedditImage

to richfags here : just put all your money on purism if you want 100% libre and affordable x86 modern laptop to become a reality one day

Yeah they do seem to be actively attempting to debotnet modern hardware. That's why they're still in the list even though they haven't yet achieved it.

They should build MIPS based laptops.

I think their idea is to provide the familiar, Intel x86-based hardware that everyone's used to, but trying to make it into something libre.

That said, x86 as a whole might be a lost cause at this point. Other architectures are good to consider.

Thanks to this user for confirmation on Lemote.

Seriously though, why hasn't Sup Forums made their own laptop yet? Like a true successor to the thinkpads of old, built around a POWER9 or RISC-V. I mean fuck, how hard could it be? I imagine the only difficult part would be designing the motherboard, but then again I'm a fucking retard. Any EE fags willing to chip in?

Sup Forums is still trying to make a browser and a loonix distro.

So for that currently unnamed powerpc notebook project, I went ahead and found the processors they are considering.
nxp.com/products/microcontrollers-and-processors/applications-processors/qoriq-platforms/t-series/qoriq-t2080-and-t2081-multicore-communications-processors:T2080
Their site said T208X, so it's going to use one of these two.

Bump

Retard here. How ME firmware located on BIOS chip is related with ME co-processor on CPU die? Is disabling ME on BIOS with me_cleaner sufficient to block co-processor activity?

>hrt

>bloat getting so bad that my pre-botnet x86 PC is starting to struggle

What PC is that? You can get up to C2D for Intel.

A refurbished business model I got for $50 with a monitor a few years ago, it has a C2D but the motherboard shits its pants if you put more (or less, oddly) than 3GB of memory in it.

That's a bit odd. If you're thinking about replacing it, you can check out the desktops section in the OP. I just added 2 more to it based on researching suggestions from the last thread.

I'm going to be getting a laptop soon as I got a promotion that will mean work on the move, so when I get that I'm going to try LibreBoot-ing it, since it could just be some corporate anti-tamper bullshit.

How much of your computing tasks could be done on a microcontroller or over text-based networking? If you could do your botnet stuff on your botnet phone then a mcu could handle other stuff like printing and editing text documents and other simple stuff. The biggest reason for obsolescence in the the past decade is due to fucking atrocious web design, followed by "muh games". I have an old optiplex 745 that works fine with an ssd.

>how much could be done with low power hardware
>botnet stuff on separate device
I'm not an expert on microcontrollers, but these are some very interesting concepts. I personally do not own any of this libre hardware yet, although It will most definitely be a part of my next computer purchase. To try to answer your question about how much can be done with low resources, I have a virtual machine debian in virtualbox, which I gave like 1 or 2 cores, maybe 2-4 gigs of RAM, etc, and with a setup using a tiling window manager called bspwm, here are some results. keep in mind that this is actually with a screen resolution being outputed to 2560x1600:
200-250MB or so with only terminals, running htop, vim, and an upgrade in apt-get.
300-450MB when I add LibreOffice in to the mix, playing a 4-slide slideshow with overly-complicated transitions.
800MB-1GB when running Palememe browser with 2 imageboards open and a third tab playing a jewtube video (england is my city).

Based on this, admittedly somewhat unscientific, test, It would seem that the resource usage of a lot of this stuff is not very high. Granted this does not speak of what the actual experience would be on the real deal hardware, but It might give an idea.

as far as that idea having a device for stuff that unfortunately still needs botnet, and having your personal activities on a separate device, that is actually what I want to do. Buy one of these things we've been talking about, use it as a personal machine, and then keep a botnet device around solely to be used for work/school.

>using SJW Trannyboot

FUCKING CUKZ

I have a lenovo n22 as my "botnet device" and it is great for that. Thinking of flashing it and sticking galliumos on it, but I like containing all of the botnet on a single machine and being a """""good goy""""". Might get a Hifive1 and see what sort of things I can make it work with. There are a few arduino OSes and there are also RTOS options. I think a lot of people need to remember that they vote with their money, whether they like it or not.

Thankfully, for those who refuse trannyboot due to its creator, There are alternative options in the OP. Most of these are alternative architectures as well, which means they dodge the Intel ME shit altogether.

Nice! That sounds like a good plan. Be a good goy on your good goy machine, and have your libre machine for general use. For an SOC, I'm personally hoping the LowRISC succeeds.

Openfirmware isn't open retard, it's just an "open" IEEE specification with a closed-source implementation in ppc macs

Can anyone confirm? If this is 100% legit, I'll remove the ppc macs in the next thread

>he doesn't wear programming socks

puri.sm/posts/purism-librem-laptops-completely-disable-intel-management-engine/

Is Purism finally completely libre now? Wasn't this the only thing holding them back?

Arm chipsets:

1. Qualcomms w/ Adreno (Freedreno) are open.
2. Freescale i.MX6 w/ Vivante (Etnaviv) are open.
3. Marvell with Vivante (Etnaviv)

Broacom/Marvell are other options but the GPU is always a issue.

Avoid Mali GPUs like the plague. Lima is basically abandonded and only working on the 4xx series.

>x86

Nah.

>fell for the meme
>crossdressed as maid
>actually really enjoyed it
>constantly on the verge of hanging myself thinking about it
what has this board done to me

Ah so this clears up the GPU situation for ARM. I haven't researched it yet, but if some of these GPUs are used on Chromebooks, those might be the ideal ones to use. An user from another thread said he was able to make XFCE work smoothly without the Mali on Arch Linux on his Samsung chromebook plus, but obviously having the GPU is preferred.

Forgot to add VC4(videocore) is Broadcoms.

Freedreno and Etnaviv have had more progress though arguably.

Avoid MALI(ARM) and IT(PowerVR)

More information for various SoC GPUs
en.wikipedia.org/wiki/Freedreno#ARM

Don't forget, you're here forever

NICE!!! Enjoy it, user! True freedom awaits!

There's definately these SoCs within other devices like phones and routers and smart devices like televisions and set top boxes.

A nexus 6 for example which uses Snapdragon + Adreno (Qualcomm) can be 100% foss firmware top to bottom.
With something like Lineage on top of the firmware you will have a perfect software stack.

The GPU is the biggest issue generally.
Even today Mali 4xx series are still being used which are pre 2012 chips.

It's because ARM holdings themselves designs them.

en.wikipedia.org/wiki/Open_Firmware

Duh.

i want this so bad to do raytracing, but i'm too much of a poorfag to actually afford it
my best bet is bitcoin profits to make it affordable

Obviously the baseband radio would still be non foss but you could ditch the SIM card and flash u-boot and TWRP and use it as a WIFI phone with Whisper/Wire.

Forgive my babbyness, but what's the different between libreboot and GRUB

libreboot replaces the BIOS/UEFI that initialized your hardware.

Grub is a bootloader which is a second stage program.(loaded after freeboot/bios/uefi) this is what initializes the linux kernel and builds a temporary filesystem till the kernel is fully loaded and it hands the permissions off to the userspace and kernel

libreboot and coreboot still require a second stage loader ie the payload to initialize the kernel itself

grub can be used as a payload for example or Seabios

libreboot is bios-level replacement firmware, grub is a bootloader

>NICE!!! Enjoy it, user! True freedom awaits!

Will do! I'll probably run a bunch of VMs 24/7 to host shell accounts and SFTP for Sup Forums

The raptor engineering guys are badass dudes.
They are responsible for a majority of the work in Libreboot.

(the main dev of libreboot tried to not pay raptor for their contracting work and play it off as their own work)

this is what that huge contrversy was about not too long ago.
Since then the backlash helped them out and they were reimbursed.

It personally upset me though because it prevented them from launching their OpenPower systems but I'm glad to see that they are doing much better now.

Thanks for supporting the engineers who care deeply about freedom and privacy!

i would appreciate if you could test openmpt in wine in qemu-x86 user mode
music is the only thing that keeps me sane

Thinking of rewriting/reformatting the list to be subdivided by CPU architecture rather than by form factor, due to various little nuances about each one such as those ARM drivers.

Sigh... I remember the time when Intel had to bow down on all fours for putting unique ids in their pentiums and remove them asap and now this shit happens and no one seems to care...

We care.
We just don't have any clout.
The people that might be able to do something as the mobo manufacturers.

If not the government then I don't know who. They should be especially interested in this topic.

Done. I've remade the list with subdivisions for architecture. Sections for x86, ARM, POWER9, PowerPC, MIPS, and RISC-V.

Does Arduino have hardware botnet?

I wonder how hard it would be to port an open source implementation. It's a shame Intel had to fuck us with UEFI, with Open Firmware expansion cards can carry platform-independent drivers.

who here is yet to order their Hi-Five board yet?

bump

I could use text-mode for pretty much everything. I already have workspaces with vim on one, mocp on one, mc on one, and alpine on one. All I use graphics for is Firefox really.

God damn you Sup Forums

>thenextweb.com/security/2017/11/09/researchers-find-almost-every-computer-intel-skylake-cpu-can-owned-via-usb/?amp=1

This. I actually seek out ways to perform typical graphical tasks with a text-mode interface. There is certainly the benefit of low resource requirements to use, although a big part of it for me is portability, as these programs could be used on any system, whether it's Linux, BSD, some other thing, whether it has X installed or not, pretty much regardless of resources, etc.

I WANT TO GET OFF MR. INTEL'S WILD RIDE

It also gets you out of the rat-race, being a good goy who buys brand new hardware every single OS release cycle.

Exactly. It also increases the usability of some of these alternative architecture options. The PowerPC notebook project, as i've said, I've found the CPU it uses. It's clockspeed is 1.8GHz. Not the worst thing in the world, but far from what is typical for x86. However, honestly, using GNU/Linux or *BSD would make it very easy to work with this, and have a smooth experience.

Windows is bloated as fuck

GUIs in general are getting horribly bloated. If you have a Pi laying around try the latest release of RISC-OS and you'll be stunned at what you can get done with limited hardware if the limit is set it stone.

I think another culprit is browsers. From my little experiment up here , the system used very little with just the terminals and only a little bit more with LibreOffice (although granted, I did have a lot of wacky 3d transitions playing there. Document editing uses even less than listed).

But throw a browser in there with a couple tabs, and it jumps up a lot!

this is why i want netsurf to be developed more, since it's designed to run on everything

Parted can't remove or format the internal partition on my librebooted chromebook c201. It has some sort of special secure partition layout. I have arch installed on a microsd but it runs like garbage.

Is there any way around this? -

Protective master boot record
The master boot record is the first sector on the hard drive (LBA 0). As mentioned above, legacy BIOSes will boot from this sector.

To protect the GUID partitions on the drive from legacy OSes, the MBR partition table normally contains a single partition entry of type 0xEE, filling the entire drive.

chromium.org/chromium-os/chromiumos-design-docs/disk-format

wow that looks pretty interesting! Will check it out.

it can't? that's concerning, as I thought reflashing the coreboot/libreboot with a different payload would fix the problem. Some other anons claimed that this worked for them.

Anyone know of a workaround, or clarification of the process for replacing ChromeOS?

Every time I try to use NetSurf the font spacing always fucks up.

>oh no we just found that this backdoor installed on every modern pc with intel can be use by someone else than NSA

Just wait until there's some python script that skids can use.

Here's the updated list. Categorized by architecture. Still seeking clarification on ARM chromebooks, as this user Seems to be running into an issue.

Findings so far
x86:
For desktops, there's lots of C2Ds and atoms listed, but also some very nice opterons and apparently an iMac
libreboot.org/docs/hardware/#desktops-amd-intel-x86
libreboot.org/docs/hardware/#serversworkstations-amd-x86
For Laptops, you have the CD and C2D memepads
libreboot.org/docs/hardware/#laptops-intel-x86
Purism doesn't do libreboot, but their roadmap includes this as a future goal.
puri.sm/learn/freedom-roadmap/

ARM:
Obviously there's a shit ton of SBCs
For a laptop option with an open firmware, try ARM Chromebooks.
I'm dead serious. Open it up, unscrew the write protection screw, reflash coreboot, install loonix of choice.
In general, your biggest concern with ARM is the GPU drivers.
Mali is fucked. Don't use it. PowerVR too. Vivante GC, Qualcomm Ardreno, and Broadcom VideoCore are fine.
en.wikipedia.org/wiki/Free_and_open-source_graphics_device_driver#ARM
Some anons have reported that lighter environments like XFCE are usable on stuff like Mali, but it's not ideal.

OpenPOWER:
Raptor Engineering sells POWER9 workstations, that may soon be getting RYF certification.
They're expensive as fuck, but probably the most powerful non-botnet computers out there.
raptorcs.com/TALOSII/

PowerPC:
Here is a project for a Libre PowerPC laptop, shooting for RYF certification.
powerpc-notebook.org/faq/

MIPS:
Lemote is a chink company that sells libre MIPS boards, using PMON firmware.
lemote.com/html/product/

RISC-V:
Only SBCs here. SiFive has some.
sifive.com/products/freedom/
There's also LowRISC
lowrisc.org/

kmandla.wordpress.com/
inconsolation.wordpress.com

Two good blogs about command-line software. Get a little more out of the limited hardware.

C201 guy here, going to try some of this malarkey to install to the internal drive later on

github.com/altreact/archbk/issues/3

It's well worth persisting with the C201 as librebooting it is very easy and its battery life is around 15 hours.

>15 hours
DAMN! That's nuts. Hopefully there can be a clear idea of what must be done to re-coreboot/libreboot a chromebook. That way it can be incorporated into the ARM section. There are so many ARM chromebooks out there, so if there can be a definite method to this, that opens up a lot of stuff.

bump

The Creator Ci20 is a MIPS SBC that can be run with only free software. The Wi-Fi and Bluetooth radio require a non-free driver along with the GPU but if you're using it headless over Ethernet you're good. They have a Debian image they certified for FSF approval too. I'm pretty sure the Ci40 can run with only free software as well.

*submitted for FSF approval

>Wifi, Bluetooth, and GPU ALL need nonfree software
I'm not so sure on that one...

If you want to use them, it's not like you need the firmware installed for the CPU to work.

Why even fucking bother using parts that only have nonfree blob drivers available?

That's my point, you don't have to use them.

I think what was saying is why bother using this SBC if most of it is blob city.

I might put it into the list, simply because we don't have a MIPS SBC yet, but it will be with with a major warning about the wifi, bluetooth, and GPU.

Yes, and also frustration at manufacturers, especially ones who claim to support free software and the like but then put in components with no free drivers available. If I didn't care about freedom then I'd buy an x86-based device, because it would be cheaper, faster, and better-supported. Not a slow, expensive ARM/MIPS/whatever device.

What OS can I put on my powerbook G4 without having to burn a CD?

Yeah it's like
>"We support free software"
>uses powerVR GPU
I'm actually a bit more lenient when it comes to non-x86 architectures, because the biggest threat to privacy, the ME/PSP, does not exist there. However, when just about everything on your chip is nonfree aside from the processor, that is a bit too far for me. Even the Pi, which previously wasn't so good in this regard, actually opened up the GPU driver.
raspberrypi.org/blog/a-birthday-present-from-broadcom/

Not really sure what you mean. Doesn't it have USB ports? You could try making a live usb and booting/installing from that.

As for what OS, I would think you'd need to use something using a lightweight environment such as XFCE, LXDE, or LXQT. Main reason being that 2GB max ram.

I don't understand why manufacturers don't open-source the specs for things low-end GPUs. You get free support and maintenance for it forever if the driver gets into the Linux kernel. Free software advocates will buy your device in preference to those of competitors who only release blobs. Probably no competing company cares about how the OS interacts with your low-end device. It's not like you're trying to keep your latest top-end cutting edge tech secret.

I meant it should have a USB installer. OpenBSD requires a CD to install. You can not boot the OpenBSD installer from USB on PPC.

All major GNU+Linux dropped PPC support

By specs I mean things like documentation for writing drivers. A free driver would be nice too.

If a nonfree driver exists then the source for it already exists, it's just being withheld for no good reason.

r8

How is it?
Is an A64 actually usable?

Luke Smith's latest video did make me think about a "laptop body" standard, then SOCs can be plugged in and replaced at the owner's whim/requirement.

if you don't browse any website with more than 20 lines of us, it's pretty good. I use it for development, basic text work, seeing photos that I take when on trips etc. Basically it has become my travel laptop. I use it since July and I'm happy with it.

only thing is, browsing the Internet is a pain in the ass. Everything else is fine

I'm running Debian btw

Have you tried something like Midori? Maybe links2 graphical mode, or even CLI elinks?

I haven't. I wanted to try qutebrowser because that's what I use on OpenBSD but there is no A64 port.

The mainstream browsers Firefox and Chrome are both unusable.

Probably should do a writeup exploring AMD alternatives for the x86 category.

libreboot.org/faq.html#amd
>it is our opinion that all performant x86 hardware newer than the AMD Family 15h CPUs (on AMD’s side) [...] is defective by design and cannot safely be used to store, transmit, or process sensitive data.
>Libreboot has support for fam15h AMD hardware (~2012 gen) [...]

According to Wikipedia:
"K15 and older" pre-2012 includes Stars (K10: Thuban, Deneb, Heka, Callisto), Bulldozer (K15: Bulldozer, Piledriver), Bobcat (K14: Desna, Ontario, Zacate, C-series, E-series, G-series, Z-series), and earlier APU's (K10/K15: Llano, Trinity).

Newer AMD parts (K16 Jaguars: Kabini, Temash; K17 Zen, Epyc) may be controlled by the AMD Platform Security Processor ("PSP") and should be considered unsafe. I've never heard of the Jags being subverted, but Libreboot seems pretty insistent on drawing the line to exclude K16.

Unknowns aka post-2012 K10s and K15s: Steamroller, Excavator, Richland, Kaveri, Carrizo/Carrizo-L, Godavari, Bristol Ridge, Raven Ridge, Stoney Ridge. These are suspect.

Somebody double-check me?

My god I want one so bad. Good for you man.

I know Links2 -g (graphical mode) let's you post on text boards. You could also check out Dillo.

Qupzilla/Falkon. GIve it a shot.

I've already included links to the librebootable x86 boards, which includes some AMD stuff such as the D-16 from ASUS.

Is this trying to pin down the exact, precise line where the PSP started? Your first part from Libreboot says it supports 'fam15h', and your second thing from wikipedia says K15 and older, with the possible exception of certain later ones that are K15. So I guess that means what we kinda knew all this time. AMD is fine up to like 2013, then after that it's compromised.

On the subject of "I've never heard of the Jags being subverted", Libreboot is like a SUPER free software type of thing. Whether the PSP has been exploited by hackers yet or not, the fact that it is closed-source is enough for Libreboot to consider it a threat.

Do you know if there's been any news on the newer ARM Chromebooks (the RK3399 ones)? There's the Samsung Chromebook Plus and the ASUS Flip C101, not sure if there are any others yet.

For libreboot? Not really. I took a quick peek at their notabug once, and I saw something where they were maybe gonna add Core2Quad support, but I haven't heard much about any of the new ARM stuff from them. Chromebooks by default already have Coreboot, although you would have to reflash to get payloads such as SeaBIOS, etc.

I've seen at least 2 anons confirm you can do this, although there has been one that claimed to have issues removing the chromeOS partition for some reason.

>Is this trying to pin down the exact, precise line where the PSP started?
Yeah, more or less. I had looked into building the most performant PSP-less AMD box I could after news of the Intel ME became widespread early in the year. I understood Libreboot's "all newer than Family 15h is pozzed" to mean that K15-and-lower is safe. Libreboot's "support for up to ~2012 hardware" might just be K15-and-lower, 2013+ parts are safe but they haven't gotten it working yet--I get that. Personally I've seen no indicators either way, so until then I'll put it under the "suspect" column. Rather safe than sorry, you know?

Jags, being Family 16h and 2013+, seems come down on the bad side of the equation. But again, I personally haven't heard whether these are safe or dangerous. This might be another case where they haven't gotten to it yet and K16 is a good boy.

Sounds like a better structured post.

Hope to be a Christmas present for myself.

RISC-V support will be baked in 4.15 kernel so it should just be in time.

If you want a libreboot AMD computer, the best one I think is that Asus KGPE-D16 server/workstation board. Opteron 6200 processors, and ram can be anywhere from the usual 16 gigs or so to a max of 256GB (more than you'll probably ever need).

It's here: Good to know.

It's a Forth environment and you can just boot into it (command-option-o-f) and look at / edit any of the words. Everything can be examined, so while it might not be 'open source' it's all laid bare before you if you can into Forth.