Censored Libreboot c20230710 released (FSF-friendly spin-off. 100% Free Software, zero blobs)
- Vous devez vous identifier ou créer un compte pour écrire des commentaires
Just putting this out there:
https://libreboot.org/news/censored-libreboot20230710.html
This is a special spin of the Libreboot 20230625 release, modified to remove *all* non-FSF-compliant code. It *only* supports boards that are RYF/FSDG compatible.
There is a special website, specifically for this version of Libreboot, which you can see here:
https://censored.libreboot.org/
Have fun!
I know I certainly did, working on this.
What a controversial release name :)... had a giggle when I first read it, although sensing the naming could become cause of friction, but I really hope not... I hope the itch becomes a way to deepen the discussion with questions that lead somewhere.
What I liked very much was the news of a dedicated home for zero blobs Libreboot, this makes all the difference... so much cleaner and exciting, specially for those of us who want ZERO of anything hidden. Thank you Leah!
One more thought to add to the itch... why is the zero blobs Libreboot the spin of?... How about switching them around, making the 'uncensored'[*] the actual spin of?... You would still be offering those with "censored" machines a greater degree of freedom than they would have had if left uncared for, but would make the original concept the core of it all!
([*] uncensored here relates to how I understand your use of the word 'censored' so far, please feel free to correct me if I am wrong)
--
EDIT: This is a reply to Leah's first message (the reply link wasn't visible)
I added a +1 to messages on this thread (and other threads) and have been meaning to clarify this:
Please use the rating system to mark posts that go against the Community Guidelines
Does this refer only to posts that go against the Community Guidelines? With both + and -? If so, how do I remove a + I added?
Sorry for the silly detour and thank you for any help.
Dislike -1
Censoring is something that seriously harms people in some countries. I live in Iran. Last year, they almost shut down internet (censoring everything). Right now I can't even access Trisquel repositories because of that.
Naming blob-less libreboot, censored , is not funny.
Yes, I hear what you say and you are right.
I can only apologise for my part in finding it funny, although funny there had other connotations, which are best left out, as this is much more important.
It was good to hear you, thank you!
Have you tried apt-transport-tor? It works by installing packages "apt-transport-tor" and "tor", then using "tor+http://" as the protocol on /etc/apt/sources.list entries.
It's a workaround, but I wouldn't call it a solution.
Trisquel should have official mirrors directly hosted over the Tor network, so you don't even need to touch exit nodes, Debian for example already has mirrors in onion sites. It would perform better and would offer much better privacy. Else I2P mirrors would also be nice.
I agree that it would be good to have official onion mirrors and/or for the Trisquel site to have it's own onion site.
I also think that it would be good to have apt-transport-tor pre-installed in the distro otherwise people experiencing censorship run into a catch 22 or chicken and egg style problem.
By the way you can use "tor+https://" instead of "tor+http://" if you don't trust exit nodes and you don't want to rely only on the package hash signatures for security, but obviously this will prevent you from using mirrors that do not yet support TLS.
TOR with HTTPS only works with regular addresses, .onion addresses only works with HTTP.
Of course spy sometimes happens to be exit nodes but this is more bad luck then anything else for TOR's users. Moreover, a compromise exit node is not enough to compromise TOR's user (as long as JavaScript and such compromising technologies are still disabled with NoScript).
dotsrc.org has a Trisquel Tor Onion Mirror.
I tested and it works!
Archive Mirror:
http://dotsrccccbidkzg7oc7oj4ugxrlfbt64qebyunxbrgqhxiwj3nl6vcad.onion/trisquel/
ISO Mirror:
http://dotsrccccbidkzg7oc7oj4ugxrlfbt64qebyunxbrgqhxiwj3nl6vcad.onion/trisquel-iso/
You can see all the mirrors here:
https://trisquel.info/en/wiki/mirrors
Thanks @quidam for the reply! Censoring in Iran is a carbon copy of GFW (Great Firewall of China). Tor network is illegal and blocked in some countries; There the only way to access it is using "Bridges". There are two main types of them: OBFS4 and Snowflake.
1- OBFS4: uses static IP addresses and is pretty fast, but unfortunately the IPs would be discovered by the government hackers after some time and won't work anymore.
2- Snowflake: uses dynamic IP addresses and thus is impossible to block. That's the way I use to access free internet. You can help people bypass censorship by running Snowflake
This works as well: torsocks apt-get install (package)
It would be great, if it was just that easy! But unfortunately, GFW uses another technology named DPI ( Reference ). What it basically does, is checking the size, type and timeline of your encrypted packets to guess what is inside it and block it if it is suspicious. This technology is a disaster. For example "apt-get install " works all right in trisquel live systems but not in installed trisquels systems. I guess there is some weird machine learning algorithm behind it.
Is there any way to try this using different pluggable transports?
Hi Leah,
I understand that the conflict between you and the people from libreboot.at and more generally those (like me) who want FSF-compliant LibreBoot code made you became let's say “sour” about that, so that you choose to use the name "Censored Libreboot". But, this only adds to controversy a useless aggression and as you see in KaKooDa's comment, that controversy really goes beyond the boundaries of this little conflict because of the fact that censorship is seen more then anything else as a political tool to diminish people's rights (witch have nothing to do with your use of the word “censored” in this case).
As a militant of some minorities rights, you should understand how some word choices can affect those minorities.
So, at least for the sake of people that live a real* political oppression, please change the name of this version. There are plenty of alternatives, “FSF compliant LibreBoot”, seams to me to be the more neutral (in the sens of non-offensive) option, but if you really want to keep it “sour” to mark your opposition to what you certainly see as a stubborn opinion on the strict application of the FSF compliance, you can use a word less offensive (for people that have nothing to do with this conflict) like “Limited LibreBoot” that would mean: “Limited (by FSF compliance) LibreBoot”.
*: We certainly all live in some level of political oppression, but in the United Kingdom for you or here in Belgium for me, this level is quite low compare to a certain number of other countries in the word.
What is with this offensive attitude? Both Leah, and "those" people are respected people who have done their best to improve free software and we owe a great dept to them. Conflict always exists, but you shouldn't insult other people just because they have different points of view.
Okay, so I made an account just to comment on this -- "Including blobs is for the greater good" is not a phrase I think I ever expected to see in a place like this. I mean...with an attitude like that, why even use Trisquel? Either way, I can empathize to some degree with the sentiment you have.
Yes, those "libre talking points" can feel pretty rigid, repetitive, and you might even think they look pointless. Yes, the FSF does not acknowledge as many *practical* freedom issues as it could (for example, software complexity preventing people from understanding software well enough to exercise any kind of freedom to modify or control it -- see modern web browsers/compilers/etc, they have free licenses but good luck modifying them very much without a huge team of employees). But I really don't think it's foolish or as pointless as it looks, even if the focus is extremely restricted.
As far as I know, the whole blobs-policy issue with Libreboot started as a result of Leah wanting to include processor microcode updates (which are proprietary) by default, on the basis that they aren't as dangerous as regular software and that it appears beneficial for security and stability to use them. However, it is actually perfectly sensible to *disagree* with this, it is *not* just blindly following the FSF's rules, and it is *not* an open-and-shut case in the way that she implies that it is. Leah does not magically hold The One Ultimate Truth Ever, as you seem to be implying, even if she does raise some good points.
Think about it this way: if we can all agree that microcode updates can help fix hardware security vulnerabilities, then it is not an unfair assumption to make that microcode updates can also quietly add new bugs/vulnerabilities. It is well known that the NSA spends some of their budget on finding ways to create subtly exploitable vulnerabilities in existing hardware and software -- this is hardly the realm of conspiracy, either. I think some people would argue that sticking to the original microcode, even if it is proprietary, is a safer choice precisely because it is static.
We know about the bugs it has, and we might even be able to work around them ourselves. Our knowledge of the quirks of the original microcode can *only go up* over time, whereas with updates we would always be left in the dark, with the manufacturer holding ultimate power over us. It is true that microcode cannot operate with anywhere near as much freedom as regular software, but it is also true that having *any* degree of low-level control over the processor is still a very powerful thing, and it's not something easily studied either. You aren't really given much indication of what is even happening under-the-hood when these updates are applied, so it's only natural to be paranoid. In fact, it's healthy.
Regarding "restricting the libre movement to ancient hardware" -- A computer will be a computer no matter how old it gets. The computer is not getting slower over time, the software is. The hardware itself is otherwise still useful for everything it was useful for when it was brand new. Laptops manufactured in 2009 are hardly worth calling "ancient" either, unless you're extremely rich. There are still plenty of people even in first-world countries who get by with computers as old as 2004 or older. You do not need the latest AMD Ryzen 256-core 8 GHz Monster Extreme Super-Processor to run a word processor and read e-mail. To drive that point further, I can still do absolutely everything I have ever needed to do with a computer on my laptop from 2010, and it's cheap! I can even compile an entire modern web browser on it just fine. And yet people expect you to buy the latest computer just to do something as boring as watching YouTube.
When people call these computers "ancient" and "useless," it's usually because they're the ones writing the software that makes those computers obsolete. There is really no reason to want computers to get faster and faster forever just in the same way there is no reason for everyone to drive a Ferrari to the grocery store. It's a much more modest and humble approach to "make do" with something older and continue to be uncompromising about free software (eventually forcing someone to do something about it and design a more modern computer that can be used entirely freely) than it is to succumb to temptation and spend tons of money on the latest hardware and then complain that the FSF won't compromise on their ideals the same way.
So, don't call the people here fools just because of things you read on Leah's website. And please don't act like her words are the one-and-only truth that everyone else is somehow blind to. Doing that would be religiously following someone else, which is something you claim to hate :)
Okay, so I made an account just to comment on this
So glad you did, thank YOU for making sense of it all in such beautiful depth!
I was gobsmacked by the word "brainwashed" being thrown around here, as if it meant something!! It sounded to me like a weapon of division, or should I say, sub-division.
What you wrote pacified my mind and I'm happy I will not be saying what I came here to say :)
I moved to free software as a blank canvas and knew nothing of this discussion until a few months ago. Must say ignorance has been quite useful in this case, as it helped to join the dots afresh. What you said matched what I have been concluding intuitively -- thank you again for taking the time to share your thoughts!
- Vous devez vous identifier ou créer un compte pour écrire des commentaires