jarrham xavyerah otello

0 views
Skip to first unread message

Chanelle Glugla

unread,
Aug 2, 2024, 9:09:18 PM8/2/24
to tentmezcmistdeck

I think this deserves a specific thread @moderators on which a list of existing coreboot flashing services should be promoted? There should be no distinction to be made between coreboot flashing services and Heads flashing services, even less since Basic boot mode (referred above) exists. Heads can be flashed without bounding it to any USB security dongle nor provisioning any secret. Therefore an end user could just reflash internally upon reception of the hardware and not trust the firmware and go from there.

If Heads is flashed by a third party, you trust that third party, until you reflash yourself internally, having verified the hash of the firmware yourself, and then remotely attesting the trusted firmware integrity feature, enabling anti-interdiction and remote attestation for in-transit tampering detection.

Basic mode permits, for the first time, to have Heads being flashed as a service, just like people flash libreboot or skulls, which are coreboot distributions, without enabling any of Heads security features enabled. This means no need to buy and couple OpenGPG smartcard to be provisioned by third party, no OS preinstallation necessity: it just permits a third party to do the first external flash which might be complicated for some, even more depending on the hardware in question where those SPI chips are not so easy to access.

Basic mode goal is exactly that: not enforce any security mechanism. It could permit third party to address your first comment on the other thread: the initial burden of externally flashing the hardware, and then permitting you to internally flash your hardware to a firmware image you verified the integrity yourself. You would still have to trust to a certain level that third party to a certain extent, after all, that human will have access to the hardware insides.

But Heads is just that: a firmware image you can either build yourself or download and verify prior of flashing, after which security mechanisms are to be applied in place for you to be able to attest and verify the the state of your firmware on succeeding reboots. And maximized images are exactly that: full spi images that will overwrite the whole content of what is booted from, replacing ME and everything else in SPI flash with a fresh copy, that on next boot will be sealed in TPM on which you will then be alerted of changes.

Ideally you do all of that yourself, but just like for Skulls, libreboot and coreboot: the first external flash is problematic for some, and that service is offered also by some to ease access to coreboot firmware ecosystem.

@catacombs Fablabs are amazing for their dedication into free knowledge sharing and ability to assist into doing those things and might be able to do/help into externally initially flashing the device while you being present.

Here is a non-exhaustive list of fablabs which would benefit of being extended and called/emailed to see if they can help doing this with phisical presence, with sources to extend it with some manual efforts, including the entry for Texas:

It seems that Fab Lab Houston FabLabs is more updated then the information I automatically generated through a bing creative chat. Here is an updated generated list focused on fablabs having CNC printers and a known to have an electronic focus:

I will not maintain those lists! Just showing that they are accessible and fablabs/makerspace should be visited more often. If unaware of coreboot (possible but improbable) they should be trained once to it and then knowledge will trickle down and propagate as it should.

New forms of sharing, as well as new ways of collaborative production and consumption, are raising questions for the current economy. Fablabs and hackerspaces have a particular place in this context where commons-inspired wealth is based on access and use rather than property. These collective manufacturing spaces, which appeared in the mid-2000s, are introducing a new work ethic: a maker culture. Dispersed all over the world, these spaces have different names: fablabs (fabrication laboratories), hackerspaces, makerspaces, living labs, tech shops, among others. They are an invitation to rediscover the pleasure of throwing different objects together, of coding software programs, or simply imagining new styles of clothing and cooking. Across the globe, major metropolises are welcoming these new spaces that simultaneously promote new ways of manufacturing, collaboration, consumption and learning.

A 3D printer is often the center of attention at these sites, as it allows for the production of any object, using plans found on the Internet. Although results are still modest, progress is astounding. Most of these spaces also have professional equipment such as numerical control machines: cutters, laser cutters, silkscreen printers. Only a few years ago, months of training were necessary to successfully operate one of these machine tools to manufacture prototypes. Today, training to use them correctly takes only a few hours. Moreover, prices of machines and design software have dropped significantly. Thus, just as personal computers allow us to navigate the tech world, Personal Fabricators can allow anyone to engage the physical world.

However, even if they share common values, fabrication laboratories in Barcelona, Berlin, San Francisco, Paris or Beijing are not all alike. Fablabs were founded at MIT (Massachusetts) in the early 2000s and have formed a worldwide network. Hackerspaces have a different story. Their origins lie in California during the early 1970s with the Homebrew Computer Club, an incubator where hobbyists gathered to explore and invent information technology. Some shared their findings for free while others, including Steve Jobs and Bill Gates, took a more traditional capitalist route. Steeped in hacker spirit, hackerspaces are no different from fablabs from an organizational perspective. Even if coding practices are more advanced at these sites, hackerspaces are similarly equipped with materials for individuals to manufacture, invent, fiddle with different objects and make something. Moreover, just as with fablabs, public access is an important criterion, as well as the will to make these spaces not only sites of innovation and manufacturing but also places for collective learning and sharing knowledge.

Fabrication laboratories are partially anchored in the territories where they are located. They operate in networks that sketch the contours of new productive ecosystems. Some observers consider them the beginning of a new industrial revolution or the avant-garde of a civilized exit from capitalism. But one need not go that far to realize that these new worlds should be taken seriously. These spaces are laden with multiple innovations on technical, political and organizational levels. Though they may be located at the margins of the dominant economy, their growing success is indicative of socio-cultural shifts in the ways people work, design, produce, make decisions and take action.

Sociologists who have begun to study these new production sites show that although these spaces are heterogeneous, they have a shared mode of organization, partially issued from developer and hacker communities. The culture fostered by the free/open source world, founded a few decades ago, introduced new ways of working and collaborating relying on egalitarian and horizontal networks. They also developed new ways of sharing goods and services, for example, through the Copyleft license.[1] The maker movement, which includes fabrication laboratories, also draws inspiration from a tradition critical of industrial society, initiated by William Morris in the world of design.

A recent survey of hackerspaces we conducted in northern California showed that these alternative maker worlds are mostly made up of young white educated thirty-year-olds disenchanted with academia. These spaces, frequented by both Google engineers and homeless techies, have one objective: to hack, that is, to innovate by engaging computers, physical objects and even society at large. Some makers actively participate in innovation processes for the Silicon Valley, while the more radical invest their energy at the service of those contesting the established order, such as the Occupy movement. In a time of generalized structural crisis, it is worth examining these alternative spaces, real utopias where new ways of working, decision-making, consumption and living together are being invented.

c01484d022
Reply all
Reply to author
Forward
0 new messages