this post was submitted on 04 Nov 2023
305 points (97.8% liked)

Linux

48039 readers
776 users here now

From Wikipedia, the free encyclopedia

Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).

Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.

Rules

Related Communities

Community icon by Alpár-Etele Méder, licensed under CC BY 3.0

founded 5 years ago
MODERATORS
 

You can run a free OS pretty effortless, but when wanting 100% free software, you have to dig deeper and replace the proprietary BIOS firmware.

top 50 comments
sorted by: hot top controversial new old
[–] alt@lemmy.ml 67 points 1 year ago (3 children)

Besides the already mentioned Star Labs and System76, there's also Insurgo, Nitropad and NovaCustom.

As for an exhaustive list on the matter, unfortunately, I don't think something like that is out there. Though both Canoeboot (formerly known as Libreboot) and Dasharo do have their own respective lists.

[–] gears@sh.itjust.works 16 points 1 year ago (2 children)

Canoeboot is more of a sister to libreboot than a replacement

https://libreboot.org/news/canoeboot.html

[–] MonkderZweite@feddit.ch 12 points 1 year ago

Canoeboot is engineered to a high standard, basing off of each Libreboot release, but you should still use Libreboot. Canoeboot is only a proof of concept.

https://libreboot.org/news/policy.html

[–] alt@lemmy.ml 4 points 1 year ago

Thanks for the correction!

[–] scytale@lemm.ee 7 points 1 year ago

The starlabs one is actually pretty interesting. Too bad the keyboard is not included in the price and costs extra.

[–] Pantherina@feddit.de 3 points 1 year ago* (last edited 1 year ago) (1 children)

I just got myself a Clevo NV41MZ, supported by Dasharo! Lets see if this machine would like to boot my damn usb sticks XD

[–] alt@lemmy.ml 3 points 1 year ago* (last edited 1 year ago) (1 children)

Hehe :P , consider to keep us updated on how it goes ;) !

Clevo MZ41

Would that be the Clevo model that NovaCustom's NV41 Series is 'based' on?

[–] Pantherina@feddit.de 3 points 1 year ago* (last edited 1 year ago) (9 children)

Yes, model names, its a NV41MZ. Very rare to find actually and an older model than novacustoms.

So far, the build quality... they saved on material. Keyboard and chassis are very cheap. I wish I could swap in my Thinkpad keyboard, would probably be possible.

load more comments (9 replies)
[–] pastermil@sh.itjust.works 28 points 1 year ago (3 children)

Just get a 20 or 30 series Thinkpad that has no nvidia GPU, and flash coreboot on it.

No, you cannot get 100% free firmware these days, but you can get something close this way.

[–] TheyCallMeHacked@discuss.tchncs.de 11 points 1 year ago (1 children)

I mean... Depends what you mean by 100% free firmware... If you mean only the boot firmware, that's the case for PCs like the ThinkPads T400, T500, R500, W500, X200, as well as the Dell Latitude E6400. Note Libreboot even recommends the latter for new full libre buys, as it can be software-flashed without disassembly.

But if you mean 100% free including EC firmware, wireless firmware, and disk firmware, then this will probably never happen, or at least not until a very very long time.

[–] pastermil@sh.itjust.works 6 points 1 year ago

What I'm trying to say is that it's an uphill battle, arguably pointless too.

Before going with the current 30 series, I was using X200 and X60. They're both good machines, don't get me wrong. However, their age shows when trying to do modern tasks, even something as simple as web browsing.

The X60 doesn't even have the hardware acceleration capability for my usual KDE setup. By the way, you'd be stuck with DDR2.

The X200 is much more capable than X60, but try to browse most modern sites and you'll feel the machine getting hot. You could turn off javascript, but then you'll be missing quite a bit of functionalities. I definitely wouldn't run VSCodium on it for work. I'm currently using this one as a testbed for distrohopping.

To me, the 30 series is a sweet spot. The Ivy bridge is not too old for demanding computations of modern days. If you opt for the highest tier i7, you could beat a lot of the average ones from the following generations. If you don't get the processor you want, you can always replace it since it's socketed, at least for my W530, which should apply for T430 &T530 (not X230).

You might want to ask yourself: what are you trying to achieve, and more importantly, how can you measure what you've actually achieved? No, blindly following online articles is not a good measurement.

I found out later on that I had no way of actually verifying anything with libreboot. The build system is a pain in the neck to follow thru. I then tried doing it with coreboot upstream, and my experience building with it was much better. Even with it, I wouldn't have the chance to look thru every line of code, I still need to just "trust" somebody.

You can definitely play around, but if that's all you do, you'd be asking yourself why you did all that when you get bored.

[–] possiblylinux127@lemmy.zip 3 points 1 year ago

You can indeed get free firmware, it just is on older devices

[–] cloud@lazysoci.al 2 points 1 year ago (1 children)

yes you can, read other comments

load more comments (1 replies)
[–] AnUnusualRelic@lemmy.world 20 points 1 year ago (2 children)

The disks still have proprietary firmware, as do several other components though.

[–] Catsrules@lemmy.ml 13 points 1 year ago (1 children)

I bet that wireless mouse probably has some code in it.

[–] nxdefiant@startrek.website 25 points 1 year ago* (last edited 1 year ago)

If you're using an active thunderbolt cable, you wire has proprietary code in it.

[–] smileyhead@discuss.tchncs.de 3 points 1 year ago

But it's a closed device with the firmware not being for user to replace.

While BIOS can be updated without opening the computer. Or many WiFi cards require you to load a firmware on them upon boot.

So firmware in the disk is more of a right-to-repair problem rather than free/nonfree software

[–] Jumuta@sh.itjust.works 17 points 1 year ago* (last edited 1 year ago)

https://libreboot.org/docs/hardware/

also iirc starbook/system76 also does coreboot support

[–] 0x4E4F@infosec.pub 14 points 1 year ago* (last edited 1 year ago) (1 children)

ThinkPads have some sort of an open source replacement I think...

[–] generic@iusearchlinux.fyi 14 points 1 year ago

Some ThinkPads. I have coreboot on my T430, but I don't think my X270 can run it.

[–] fireshell@lemmy.world 13 points 1 year ago (2 children)

Lenovo G505S 16gb RAM - no (the A10-5750M processor has neither Intel ME nor AMD PSP), software probes - too, if instead of the closed UEFI from the manufacturer you install the open source BIOS coreboot+SeaBIOS: it will contain only a few small closed binaries , they were all dismantled and no backdoors were found. Someone made a script in which by rolling back 1% of the last commits (made after deleting the G505S) you can return AMD boards to coreboot - https://review.coreboot.org/c/coreboot/+/76832. You can install the AR9462 module, whose ath9k family WiFi is 100% open source.

[–] kugmo@sh.itjust.works 2 points 1 year ago (1 children)

nice i'll have to try this out, what hardware did you use to flash it?

[–] fireshell@lemmy.world 2 points 1 year ago* (last edited 1 year ago)

Try to build Coreboot on Lenovo G505S using the restore_agesa.sh script in conjunction with the csb_patcher script, which applies a group of unofficial patches for AMD platforms

[–] lemann@lemmy.one 2 points 1 year ago

Saving this, thanks for sharing!

[–] MonkderZweite@feddit.ch 13 points 1 year ago
[–] MartinXYZ@lemmy.ml 12 points 1 year ago* (last edited 1 year ago) (1 children)

Is the deer the Libreboot logo? Mine has a rabbit (Coreboot). I flashed Coreboot on my old Chromebook a couple of years ago and it's been running different flavours of linux since without any fuss.

[–] MazonnaCara89@lemmy.ml 9 points 1 year ago

Yes the deer is the Libreboot logo

[–] CCF_100@sh.itjust.works 10 points 1 year ago (1 children)

What laptop is that? That dock looks so cool...

[–] this_1_is_mine@lemmy.ml 12 points 1 year ago

That's a x200 lenovo thinkpad.

[–] Smokeydope@lemmy.world 10 points 1 year ago (2 children)

If you want a for-real free device your bes bet is a RISC-V Single Board Computer. RISC-V is open architecture meaning no hardware level spyware built Into Intel's chips.

Chris over at explaining computers managed to get kdenlive to render a video with one and some other cool stuff, you should check it out

[–] vrighter@discuss.tchncs.de 17 points 1 year ago (1 children)

yeah, no you have a misconception of what risc-v is.

Risc-v is an isa not a chip. the isa is open, available to anyone.

Implementations of risc-v (actual working designs) are usually not open. They are just guaranteed to be able to execute risc-v instructions.

So risc-v is neither more nor less vulnerable to hardware backdoors than any other architecture

[–] Smokeydope@lemmy.world 4 points 1 year ago

Thanks for the clarification!

[–] PipedLinkBot@feddit.rocks 2 points 1 year ago

Here is an alternative Piped link(s):

check it out

Piped is a privacy-respecting open-source alternative frontend to YouTube.

I'm open-source; check me out at GitHub.

[–] lemann@lemmy.one 9 points 1 year ago

Check out Pine64, however they only develop Arm and RISC-V devices, not x86.

[–] turkelton@lemmy.world 5 points 1 year ago

X200 Libre ftw

[–] FQQD@feddit.de 5 points 1 year ago (3 children)

honestly.. why? i really get why open source software is great, but there's no benefit in replacing the bios, right?

[–] alt@lemmy.ml 24 points 1 year ago* (last edited 1 year ago) (2 children)

Star Labs' take on the matter.

Furthermore, if one is sensitive regarding their cybersecurity, then one is likely to adhere to the zero trust security model and thus choose to simply not trust; which would include the closed source BIOS. coreboot, on the other hand, at least allows one to audit it themselves. As Linus Torvalds has been approached for implementing backdoors, it should surprise nobody that (some) of the vendors we buy our devices from have been as well and thus our BIOSes might not have been as safe as one would like to believe. Qubes OS, the most secure OS on desktop, shares the view that coreboot is preferred over closed source BIOSes due to reasons related to trust.

load more comments (2 replies)
[–] thantik@lemmy.world 10 points 1 year ago

There can be. There are certainly Bios' that don't give options that motherboards are perfectly capable of changing. I had an old Phenom II that I managed to patch NVME support into the bios so I could boot off of a PCIe Riser.

Granted, I was patching UEFI stuff and none of it was open source -- but the idea is the same. Open source bios in theory, could unlock features.

load more comments (1 replies)
[–] xia@lemmy.sdf.org 3 points 1 year ago

System76, starlabs, protectli, raptor computing...

load more comments
view more: next ›