Search Mailing List Archives

Limit search to: Subject & Body Subject Author
Sort by: Reverse Sort
Limit to: All This Week Last Week This Month Last Month
Select Date Range     through    

[liberationtech] [coreboot] Fwd: Firefox OS with built in support for OpenPGP encryption

Eugen Leitl eugen at
Fri Sep 20 05:02:51 PDT 2013

----- Forwarded message from Patrick Georgi <patrick at> -----

Date: Fri, 20 Sep 2013 13:49:49 +0200
From: Patrick Georgi <patrick at>
To: coreboot at
Subject: Re: [coreboot] [liberationtech] Fwd: Firefox OS with built in support for OpenPGP encryption
User-Agent: Roundcube Webmail/0.9.2

Am 2013-09-20 11:51, schrieb Eugen Leitl:
> The Intel Atom-based MinnowBoard is a new UEFI dev platform, and it's
> Linux-based, and targets hackers; it uses Intel's definition of "Open
> Hardware", mainly meaning no NDAs involved. It is much cheaper and
> smaller than the above box.
To wit, its download page is guarded by a long, non-free EULA:
Some of the components also seem to be binary-only.

> Both of these boxes let you reflash your system firmware with your
> custom build of BSD-licensed TianoCore UEFI.
BSD-licensed TianoCore + heaps of binary modules that are currently
only available under NDA.
They'd also require some additional code (probably binary only?) to
make Tiano resembling something like a complete and secure

> <soapbox>
> There is a large OEM/ODM/IBV/IHV/ISV ecosystem that currently runs the
> hardware, and it is UEFI-centric. IMO, focusing only on fringe
> Lemote/Coreboot technology is not a good bet.
coreboot is your only bet on x86 if you aim for open source firmware.
It can be combined with TianoCore to provide the UEFI APIs to the user
(read: Operating System), but TianoCore alone won't do since it lacks
hardware initialization drivers (that coreboot provides).

> Personally, I wish EFF/FSF and other open/free tech groups would form
> a Linaro-like firmware group and produce their own UEFI firmware
> image, as an option for OEMs.
Personally, I wish people wouldn't wish for someone else to start
groups, but do it themselves for a change.

However that brings the risk of seeing that things aren't quite as
simple and might ultimately fail.
Of course, soapboxes and arm chairs are much more comfortable and
comparably risk-free.

> There needs to be some Free Boot alternative to Secure Boot, with
> certs from EFF/FSF/etc and the open source distro vendors, not just
> OEMs/MSFT in the firmware, and it needs to target booting from a
> handful of main open source distros, not just 1 commercial OS. Else,
> UEFI will turn Personal Computers into Windows PCs, ending the era of
> General Purpose computing.
"main open source distros" is not enough since it creates a gatekeeper
model. "Secure Boot" (which is really a Verified Boot) without
physical user override doesn't cut it.

ChromeBooks, using coreboot, provide a mostly* Open Source Verified
Boot model with physical user override (with two override modes: safe
via dev mode switch, and complete via jumper).

* (blame Intel)

tl;dr: Comparing coreboot, Lemote, UEFI and Tianocore isn't as easy as
people seem to believe.


coreboot mailing list: coreboot at

----- End forwarded message -----
Eugen* Leitl <a href="">leitl</a>
ICBM: 48.07100, 11.36820
AC894EC5: 38A5 5F46 A4FF 59B8 336B  47EE F46E 3489 AC89 4EC5

More information about the liberationtech mailing list