Purism on Spectre and Meltdown and the microcode update
- Login o registrati per inviare commenti
We all know about the recent discovered security issue related to modern x86 cpus.
As free software community we can use the most recent kernel to mitigate the meltdown attacks.
For the Spectre ones instead, we are deep on the #####.
We cannot apply microcode updated on our systems. This because for principle microcode is proprietary software.
I read in older post a war of extremism between who completely exclude the use of microcode updates (see libreboot) and who instead say that since microcode is already running in the system, updates should be used when absolutely necessary like for example now.
I agree with the latter since in my view spectre exploit is a fact and I want to mitigate this problem. But I cannot because the distro blocks the microcode updates. In the old post this behavior was compared to the proprietary software that imposes on the user something.
I am still free to find a way to apply the microcode, but this is an hack. Not everybody can do that.
In the same old post some people risked to be banned because promoting the use proprietary software (the microcode).
I am not trying to create a flame or so, but to make people think to find solutions.
Coming to Purism, this post: https://puri.sm/posts/meltdown-spectre-and-the-future-of-secure-hardware/ to my eyes appears to be quite reasonable. Maybe because I am a reasonable person and I don't like wars of religion. I would like to have a nice discussion about these topics.
It is interesting that reasonable discussions come from a company that is so much demonized in here.
How do you think we can solve this problem (the microcode update), do you think that using a librebooted laptop makes you immune from spectre attacks?
I am curious to ear different opinion and maybe possible solutions.
yep I agree but this is for a possible future, but in the meantime now should we not try to mitigate the problem for our actual hardware?
But I cannot because the distro blocks the microcode updates.
How is Trisquel "blocking" updates? That would be DRM! I believe you confuse "not proposing" with "blocking": no Trisquel developer is working to prevent you from installing something on your system.
Blocks meaning doesn't provide any package to facilitate the update. Using distro packages is the preferred way to do the update while the manual update is not.
I tried the manual and also to use packages from ubuntu unsuccessfully
Trisquel would have its GNU FSDG status rightly revoked if it provided proprietary software.
yep, I know but I am thinking that for this particular case a different strategy should be adopted.
Because taking such a strict position can be sustained only ditching the actual CPUs in toto. It is clear that this is not possible at the moment, so some sort of compromises should be used.
Many people are pretty upset (see Linus T. on some public mailing lists) and this could be the right moment for alternatives to emerge. But It will require a lot of time.
I've decided not to send what I just wrote because I've already fanned enough PureFlames in this forum. Instead I'll just say that I completely agree with you, and that I would like to share this thumbnail from a video called "Why you should support the Librem 5 phone", as I believe it is meme-worthy.
- Login o registrati per inviare commenti