They require the BIOS / core boot firmware to be open but allow closed peripheral firmware and CPU microcode.
This is a natural allowance as otherwise no modern computer would ever be certifiable, but it's interesting in that it doesn't require the firmware for wired-in peripherals like webcams or wireless chipsets to be open.
WiFi firmware can in theory allow passive monitoring and forwarding of data. This is because the WiFi card is a small self-contained embedded system.
The CPU microcode (and arguably architecture) is more difficult to modify but it's possible that the microcode for an AES round opcode could be intentionally flawed. Enough press is around not to have to explain this.
USB is the one I find interesting. Anything (webcam/keyboard/mouse) could arbitrarily register itself as an HID device and inject data into your OS.
The whole systems architecture is a mess.
I'm not suggesting we go back to discrete wire-wrapped PDP11's but something needs to be done by putting security and privacy first. That means starting again as where we are isn't good.
I do agree that it probably shouldn't be allowable; even minor pieces like webcam firmware have proven very important (see the Apple webcam firmware with no light story from a few days ago).
Plus without the requirement to release firmware for co-processors, some full machines with the potential for DMA and all sorts of nefarious concepts can exist that nobody even notices (SMC, WiFi, Bluetooth, "fan managers" and so on).
With that being said no modern CPU vendor would even think about open-sourcing their CPU microcode especially, so the FSF are stuck between a rock and a hard place. With a true "every single thing open" requirement in place, the only general purpose PC made in the last ten years or so that could hope to come close to passing would be a Chinese MIPS laptop.
Can I get a link to that webcam firmware story? I read a little bit about it, but I was looking for a more technical look into why it would be possible to enable a camera with no LED.
I always thought the sensor power was connected also to the LED, to prevent exactly that type of hackery.
I don't consider a computer properly open unless (if I had the available fab tech) I could replicate every part by spec and program everything with blueprints and documentation without breaking any bullcrap trademark or patent without just reproducing the parts verbatim (IE, using novel circuit printing, re-implement the hardware of the computer itself with no barriers and complete information, I am lenient on having short-term no direct replication proceedings, though I think those are still dumb).
The fact that seems so impossible I believe is one of the reasons our IP and information sharing ideologies are so completely fucked right now.
> WiFi firmware can in theory allow passive monitoring and forwarding of data. This is because the WiFi card is a small self-contained embedded system.
On the other hand, it would typically be detectable and would generally fail to work without significant intervention from the software on the computer. The same goes with the webcam. Theoretically, it could keep its activity LED shut down and snoop you without you knowing it, but how is it going to send data over to No Such Agency?
This is probably not sufficient for high-security matters, of course, but it is IMO good enough to ensure the privacy of a user who doesn't do anything illegal. Working past the security you get simply from running open-source software (at least as far as the peripherals are concerned) is expensive, risky and potentially intrusive enough that it isn't worth doing unless you're trying to tap into a drug dealer's computer. In which case yes, you should be thinking about something else.
> I'm not suggesting we go back to discrete wire-wrapped PDP11's but something needs to be done by putting security and privacy first. That means starting again as where we are isn't good.
More vitality in the open hardware movement would be great. This isn't meant as a way of criticizing its members; if asshole engineers like me would do something about it instead of blabbing on HN, things would probably be better.
I'm not sure it would require 'intervention from the software on the computer', by which I think you mean, the software running on the CPU. For instance it does not seem beyond the realm of possibility that firmware in your webcam could communicate over the PCI bus with firmware in your ethernet card to transmit video.
Note also that while the software running on your CPU might be beyond reproach (you carefully read every javascript file before you execute it right?), the microcode running on your cpu can do just about anything.
> For instance it does not seem beyond the realm of possibility that firmware in your webcam could communicate over the PCI bus with firmware in your ethernet card to transmit video.
IMHO, it does. The PCI bus isn't something that gets shared on a whim. The functionality you need for this would have to be built in the BIOS.
> ...but it's possible that the microcode for an AES round opcode could be intentionally flawed
I guess that you mean that it'd still give correct output, but somehow leak the key (incorrect output seems simple to detect, unless it happens for a very small set of keys, and then it seems mostly useless).
I wonder: what ways of leaking the key off the machine would you expect? I (but I'm probably not devious enough) don't see ones that aren't overly complex and don't require additional compromised peripherals. Do you?
Timing. Perhaps a malicious microcode could introduce key-dependent delays into AES encryption/decryption? That's a pretty long shot, though; given my understanding of modern CPUs it's unlikely to be possible.
Another hypothetical attack: the AES instructions could be modified to store plain text and/or keys in cache, with a specific set of innocuous opcodes and register values triggering a readout of the data. This would allow one VM on a physical server to steal keys or data from another VM on the same server.
It seems unlikely, though, due to the probability that an adversary that controls both CPU microcode and VM placement probably has access to the hypervisor.
They're selling an ancient laptop at a premium because they installed Coreboot. They haven't addressed any of the problems with proprietary firmwares or backdoored chips.
RMS has been recommending the Loongson Lemote for a long time, which would seem to be a much better choice. The Lemote's firmware and hardware is essentially all open source, including its MIPS CPU.
Extremely difficult to get a Lemote, though. I guess there's somewhere in the Netherlands that has them in stock. Shame the battery only lasts a couple hours.
$500 for the 10' model, which gets 1.5 hours out of the battery. This is laughable.
When these were first announced, I wanted one badly. A cheap, MIPS-based laptop? Yes please. But you couldn't get one for a long time, and queries to the Chinese company were never answered. Now you can get one, but they're now out of date and too expensive.
Not related to the laptop: I like the retailer's site [1]. It's simple and clean. But most importantly there are no 3rd party trackers, and they have chosen not to use Google's surveillance code (Analytics) and instead they use Piwik analytics - which is probably hosted on a server that they control.
Do these laptops have hardware on/off switches for the webcam and the microphone? If they don't, are there any such laptops? I couldn't find a modern and powerful full HD laptop which has no integrated mic and webcam (which I don't need).
That would be an excellent feature and years ago I had a laptop that had a simple plastic sliding piece that would cover the camera lens. Later versions eliminated this piece (it probably broke off too frequently).
I have taped a piece of aluminum foil over every webcam on my laptops/iMac with a large piece of packing tape (making it possible to pull it aside when I do rather frequent video conferences).
I get dismissed as paranoid (or the next question that's asked is "what do you do in front of your computer!"). What they don't understand is that years ago I wrote software for a building access kiosk that involved a one-way video chat, followed with a photograph taken of the visitor. I used an open source library for interacting with the camera. When video was running, the light was on. I had the worst time getting the camera to take a picture, but after a bit of tinkering (read: shooting bullets randomly), I had it working. It was my coworker that noticed the light didn't come on when the picture was being taken. I had done something wrong (so wrong that every few pictures, the camera would stop working and wouldn't recover until the entire machine was rebooted). Though I've been writing software professionally for twenty years or so, I had never wrote code to interact with a web cam and yet had somehow managed to stumble upon this entirely by accident. It gave me the willies, so from that point forward, I covered my cameras with a bit of ugly aluminum foil.
I've never really worried about the microphone, but it would be nice to have some kind of hardware control to disable devices that can be used to record in that manner.
I've recently run into one where it's possible to make Android devices recognize the faces of people in front of the device via the front facing camera with no sign of this to the user. Someone has to actually start an app (which needs camera access) and it is possible for it to be killed, but I too did this entirely by accident and would now be super wary about it.
A few months ago I added a little tiny square of electrical tape over the front-facing camera in my phone. I never have a reason to take pictures of myself, so I'd rather that camera not exist at all.
You're most certainly not paranoid. Three-letter agencies have malware in the wild that can operate a webcam without turning on a light. It's probably well-targeted at specific people, but you can't know whether you're a target (until it's too late, anyway).
I've never seen a laptop with either of those. Many webcams do have the activity light controlled in hardware, such that it isn't possible to record without a clear indicator. I haven't seen a microphone killswitch, though; most microphone mute buttons are software-based.
If you're that concerned and trust your software stack that little, it wouldn't be that hard to open up the system and physically disconnect the internal microphone, such that you can only use a 3.5mm or Bluetooth microphone. But if you trust your software stack that little, you have bigger problems. Efforts like the one in this article are a good step towards not having to worry about that kind of problem.
However, you can disconnect the hardware pretty easy. I've done this on my T400. Took about 5 mins with a Swiss army knife screwdriver (all you need to service a ThinkPad!).
My alienware has a keyboard+Fn key for disabling the camera which is technically not hardware - but it seems to be handled in the bios.
When I use this under linux, it reports an unrecognized keycode; but at the same time the USB device reports as if disconnected, which I can see in dmesg. Close enough for me.
You can certainly delete the webcam from T-series Thinkpads, which also have hardware switches for the wireless network. No ability to delete the microphone, alas.
It's a nice gesture, but I fear they've missed their target market. Most of the people who care about free software are programmers, and programmers need things this laptop doesn't have, namely modern specs and a great screen. Cheap is nice for toys, but not for the computer you use every day to do your job and entertain yourself. This simply isn't a good enough laptop to do everything you'll want to do with it, which means you won't use it all the time, which means your freedom and privacy are compromised.
Give me a laptop that can actually replace my MBP, instead of merely sit on the shelf while I watch movies and surf the web, and we'll talk.
>Most of the people who care about free software are programmers, and programmers need things this laptop doesn't have...
The hardware is a bit antiquated, yes, but it's a step in the right direction. There are a good amount of programmers who care about freedom that are using Lemote laptops as their primary computers. So, I think that the Thinkpad X60s is certainly an improvement from a more practical standpoint.
>Give me a laptop...
If you really want freedom, you'll work for it and sacrifice some convenience instead of waiting around for someone to do all of the work for you.
Personally, I made a bit of a compromise and use a Thinkpad X220 with a hacked version of the proprietary BIOS so that I could replace the wireless chip with a free software friendly one.
The BIOS includes a whitelist for which PCIe cards can be put it in the slot that the wireless chip is in. Intel wireless chips require nonfree firmware to be loaded into them in order to function. I replaced this with an Atheros chip that does not have this problem. In order for the chip to not be rejected, I had to flash a hacked BIOS that removed the whitelist.
At least some laptop BIOSes have a whitelist (or was it a blacklist?) of approved wireless chips. So to choose your own, you'd have to get around that.
I'm one of the programmers to whom this laptop is just perfect. Common hardware that's well supported on almost any platform, good reliability, excellent keyboard and, IIRC, a clit mouse, which I would prefer over the fanciest of touchpads. And not just because it superficially looks like a clit.
Most of my work revolves around programming devices with no more than a couple of megabytes of RAM, most often with no more than a couple of kilobytes. A MBP is far, far more powerful than what I need.
Their page says you can get a US keyboard layout but I can't figure out how to order one like that. I could live with the UK layout if it weren't for that key in between the Z and left-shift.
Fully agree, not to forget the screen ratio of 3:4 which cannot be found any-more! This together with the excellent keyboard and the trackpoint are me is THE criteria for a developper laptop.
A machine like that runs vim/emacs perfectly, I don't see the problem. And for compiling you can use build farms if you're serious. We're getting way to used to our shiny modern toys to realise that it doesn't take much for an OS to run and do actual work.
Up to last March I was using a first generation eeepc with a resolution of 800x480, 512mb of ram and 4gb ssd. It was stretching it but didn't stop me from doing actual work with vim, compile programs (although slow) and push to github. Plus ssh on my server for heavier work.
now... browsing the Web with elinks and framebuffer was kind of a pain...
After I stuck an SSD in it, my 2nd-generation Thinkpad X100e makes a fantastic little dev box. The damn thing boots in under 5 seconds. I've always been a fan of the smaller laptops like this (I used a Thinkpad 240Z for nearly a decade).
An rMBP would be nice to have but in the meantime this laptop suits me just fine. The keyboard is better on this too. Maybe if that iPad Pro rumor pans out and it ends up having a USB port I'd just use that with one of my smaller keyboards (KBC Poker) instead.
I use a newer eeepc with 1G of ram (Atom N450). It allows me to discern what software is horribly inefficient crap and what is actually decent. It allows me to see where code changes actually have a real impact on performance and UX. Profiling isn't always nearly as helpful: it gives you numbers, which you can compare relative to each other, but it doesn't tell which numbers actually matter. And how often do people really profile?
For me using cheap low-end hardware is a feature, for development. Plus it saves me monies.
I really miss my X60. If it had an LED backlight (I hack outside a lot) I would still be using it. The 1440x1050 resolution is better than anything currently available in this weight category.
The X60 has only a resolution of 1024x768. That was one of the main drawbacks of the X60 imo. The better resolution display was only available for the X60t. Some people hacked the X6x to use those [1].
Yeah.. Anything early 2012 onwards (x230/x1 and later) has the new style keyboard. I've heard reports that it's not that bad, but I don't know why they would do such a blasphemous thing..
As far as I can tell the changes are purely cosmetic; the underlying switch hasn't changed at all. Still crap compared to any mechanical switch, but better than any other laptop.
Some T60s came with a 15" IPS 1600x1200 UXGA display, which for years was the best display you could hope to have on a laptop. Only starting to become outdated now thanks to Apple's retina push.
"Most of the people who care about free software are programmers, and programmers need things this laptop doesn't have, namely modern specs and a great screen."
Mr Hess seems to do ok with a lowish spec netbook and more recently a Lenovo Arm based tablet convertable. Perhaps many programmers need high specification hard ware, but even rounding error would be a significant market for this operation.
I think it depends on your workflow; for me, the keyboard is the single most important thing, then probably portability and RAM. Screen and CPU are pretty low on the list.
You're suggesting a different product and a different market at the same time.
I think your comment demonstrates that most programmers are always going to go for the most awesome laptop and will make the necessary sacrifices. To me, the natural target market for this is probably FSF & EFF members; those that are concerned enough about their privacy that they will accept a laptop that does less, isn't as shiny, etc.
That's not their target market. Their target market is people who care about having a completely free system (for the FSF's definition of free) over having good hardware. It think it would be pretty hard for a more modern laptop to get this sort of certification, since you'd need all the hardware manufacturers to agree to open up their drivers and firmware.
I think, if nothing else, this effort is useful as it serves to highlight to technically inclined people just how hard it is to get a system that meets these requirements. It is a wakeup call, telling us that there is still a lot of work that needs to be done.
That's interesting because I can't seem to find the exact CPU that these laptops ship with anywhere on the page. The ThinkWiki page shows that there are Core Duo (not 2!) and Core Solo variants of this laptop that exist as well.
afaik, the Core models are a very small fraction of the total sold. They were replaced by Core2 models very quickly. I don't think there's enough Core models to reliably source used ones.
If I'm not mistaken, thinkwiki gets their info from the thinkpad service manuals. (I have one too). There are a billion configurations of every laptop, most of which you'll never see because they were restricted to one region or market (or govt or edu). Some of them probably never even made it into production, but they exist as a row in a database.
I have an X60 that can't run a 64 bit Linux, as I found out when I tried to boot the RHEL 7 beta installer. I'm assuming that is a Core Duo rather than a Core Duo 2.
My sample is a Type 1706-CT0 with product ID 1706WB5 and it was manufactured December 2006 (06/12 on the end of the serial number). Did I get 'lucky'?
My particular X60 has an Intel T2400 Core Duo Mobile processor [1] and this processor has a 32 bit width[2]. I picked an early model, and I decided to pick one up of UK ebay days before finding the site mentioned in the OA!
The T61 which is where my main experience lies has hardware whitelists for WiFi cards and restricts the internal SATA port to basic SATA speeds rather than SATA2 speeds which the chipset supports.
There are many hacked BIOSes (I use Middleton's BIOS) out there which fix this though.
I purchased one of these machines running Trisquel. With an SSD it is quite snappy and the IBM keyboard is fantastic. It was a pleasure to purchase from Gluglug, although at the time I was restricted to paying via Paypal.
I have an old x61s, so it's not even as old as this. It does work perfectly. However the screen is bad--very dim, even on maximum brightness. It seemed fine back then but compared to the x230 I would never go back. Otherwise, though, there's nothing about the machine that makes it antiquated for most uses (web, video, etc.) Even the 1024 x 768 would be tolerable were it not for the dimness.
I can testify for the sturdiness of these. And X60's aren't the most robust of the pack. But I bang them once a week and yet no glitch. The platform is ancient, a Haswell ULV will be twice as fast for less than 25% of the TDP, with many added niceties (64bits, vt-*, a decent gpu, ...)
I own a T400 and it saved my back twice when sliding on ice. After 5 years of taking it everywhere, it looks like it was barely used.
I love it, but damn... a P8600 Core 2 Duo in 2013 is noticeably slow even in browsing.
Is this simply a rearrangement of the standard QWERTY keys? Or a "real" Dvorak keyboard? Specifically, the nubs on [F] and [J] are always an impediment to swapping keys.
I don't believe Lenovo has made Dvorak laptop keyboards themselves (last time I looked for my T60p, I found nothing), so I suspect they are talking about a rearranged QWERTY that they can do during refurb.
Article is not good.
They keep using the word 'free' as if it means 'open'.
Also why is there a picture of an IBM thinkpad? I can imagine the writer just google image searching 'laptop' for this article.
They require the BIOS / core boot firmware to be open but allow closed peripheral firmware and CPU microcode.
This is a natural allowance as otherwise no modern computer would ever be certifiable, but it's interesting in that it doesn't require the firmware for wired-in peripherals like webcams or wireless chipsets to be open.