Story 2015-09-29 NZ56 Taurinus X200 laptop now FSF-certified to respect your freedom

Taurinus X200 laptop now FSF-certified to respect your freedom

by
in hardware on (#NZ56)
story imageThe Free Software Foundation (FSF) has awarded its Respects Your Freedom (RYF) certification to the Taurinus X200 laptop sold by Libiquity. The RYF certification mark means that the product meets the FSF's standards in regard to users' freedom, control over the product, and privacy. The Taurinus X200 comes with Libreboot firmware and the FSF-endorsed Trisquel GNU/Linux operating system. Importantly, Intel's Management Engine (ME) firmware with its applications like AMT (remote out-of-band management/backdoor system, part of "vPro") and PAVP (audio/video DRM) have been removed from this laptop. The laptop ships within the USA and may be purchased from the Libiquity Store.
Reply 10 comments

A step backwards (Score: 1)

by evilviper@pipedot.org on 2015-09-29 22:07 (#NZ6D)

Removing/disabling existing out-of-band management strikes me as a distinct step BACKWARDS. OoBM is extremely useful and convenient (and uncommon in consumer hardware). It's unfortunate that manufacturers don't put a high priority on the security of their OoBM firmware, so I understand the reason for the removal... but I'd still call it on-par with protecting your computer by completely disconnecting it from all networks. It'll be secure that way, but...

Re: A step backwards (Score: 2, Insightful)

by pete@pipedot.org on 2015-09-30 00:05 (#NZE7)

I think the overriding factor is that its all currently closed source, with chunks being supplied by 3rd party developers. If the laptop does well, maybe it will help nudge these companies to developing an open-source equivalent to protect their market share; better yet, the community creates a solution themselves

Re: A step backwards (Score: 2, Interesting)

by evilviper@pipedot.org on 2015-09-30 00:34 (#NZFM)

I think the overriding factor is that its all currently closed source, with chunks being supplied by 3rd party developers
A server BMC is really just an low-resource embedded ARM based computer, mounted on the motherboard. Obviously that's something pretty easy for a Linux image to do. In fact I distinctly remember reading about some group working on writing just such an open source BMC firmware, but I can't motivate myself to go try and look it up again.

You can't just replace any BMC firmware with your own image, as they are cryptographically signed like the rest of the server firmware, but if you're working with the OEM, there's no reason you couldn't have an open source BMC image, and maybe work around the need for signing by only allowing updates via a boot-time BIOS prompt, a physical jumper, or similar physical access requirement that wouldn't work as well with (remote) servers.

Looks... normal (Score: 2, Informative)

by wootery@pipedot.org on 2015-09-29 22:20 (#NZ77)

I was expecting to see some exotic hardware, but no. Intel CPU, Intel graphics, the usual suspects produce the other components.

Stallman uses a Lemote Yeelong, which is a very obscure MIPS-powered netbook which supports 100% FOSS all the way down.

Re: Looks... normal (Score: 2, Informative)

by pehjota@pipedot.org on 2015-09-30 00:37 (#NZG7)

He now uses a Lenovo ThinkPad X60 on which the FSF installed libreboot and Trisquel.

Re: Looks... normal (Score: 2, Informative)

by evilviper@pipedot.org on 2015-09-30 00:42 (#NZGS)

Stallman uses a Lemote Yeelong,
From your link: "Saturday January 23, 2010."

I would think it safe to assume he has upgraded to something more modern in the intervening 5.7 years span...

Yup, he sure has... Upgraded at least to a Thinkpad X60 from these guys since then.

Re: Looks... normal (Score: 0)

by Anonymous Coward on 2015-09-30 10:01 (#P0MJ)

Lenovo? Really? Would never trust Lenovo again. Ever. Not even their hardware.

Re: Looks... normal (Score: 1, Informative)

by Anonymous Coward on 2015-10-01 21:16 (#P6DG)

You realize this machine is a modified Lenovo too, right? In fact all the RYF laptops are. Even though they've been doing some bad stuff recently, everyone else is still worse. Sad as that is.

Re: Looks... normal (Score: 3, Funny)

by Anonymous Coward on 2015-09-30 10:06 (#P0MX)

It's okay. Intel has never spied on their customers. Ever. Those stories about backdoors and phoning home are completely false. There is no "second operating system" in the hardware hidden from users, capable of being hacked into, capable of taking control of the primary OS. Complete and utter lies. Trust us. - NSA

Re: Looks... normal (Score: 1)

by wootery@pipedot.org on 2015-09-30 19:59 (#P2JD)

Oh good.

You can always trust the reassuring words of the NSA relayed by an AC.