Comment NZFM Re: A step backwards

Story

Taurinus X200 laptop now FSF-certified to respect your freedom

Preview

A step backwards (Score: 1)

by evilviper@pipedot.org on 2015-09-29 22:07 (#NZ6D)

Removing/disabling existing out-of-band management strikes me as a distinct step BACKWARDS. OoBM is extremely useful and convenient (and uncommon in consumer hardware). It's unfortunate that manufacturers don't put a high priority on the security of their OoBM firmware, so I understand the reason for the removal... but I'd still call it on-par with protecting your computer by completely disconnecting it from all networks. It'll be secure that way, but...

Re: A step backwards (Score: 2, Insightful)

by pete@pipedot.org on 2015-09-30 00:05 (#NZE7)

I think the overriding factor is that its all currently closed source, with chunks being supplied by 3rd party developers. If the laptop does well, maybe it will help nudge these companies to developing an open-source equivalent to protect their market share; better yet, the community creates a solution themselves

Re: A step backwards (Score: 2, Interesting)

by evilviper@pipedot.org on 2015-09-30 00:34 (#NZFM)

I think the overriding factor is that its all currently closed source, with chunks being supplied by 3rd party developers
A server BMC is really just an low-resource embedded ARM based computer, mounted on the motherboard. Obviously that's something pretty easy for a Linux image to do. In fact I distinctly remember reading about some group working on writing just such an open source BMC firmware, but I can't motivate myself to go try and look it up again.

You can't just replace any BMC firmware with your own image, as they are cryptographically signed like the rest of the server firmware, but if you're working with the OEM, there's no reason you couldn't have an open source BMC image, and maybe work around the need for signing by only allowing updates via a boot-time BIOS prompt, a physical jumper, or similar physical access requirement that wouldn't work as well with (remote) servers.

Moderation

Time Reason Points Voter
2015-09-30 23:38 Interesting +1 pete@pipedot.org

Junk Status

Not marked as junk