Puppy Linux Discussion Forum Forum Index Puppy Linux Discussion Forum
Puppy HOME page : puppylinux.com
"THE" alternative forum : puppylinux.info
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

The time now is Thu 24 Jan 2019, 06:54
All times are UTC - 4
 Forum index » Taking the Puppy out for a walk » Announcements
FSF Petition against Secure Boot
Moderators: Flash, Ian, JohnMurga
Post new topic   Reply to topic View previous topic :: View next topic
Page 2 of 2 [20 Posts]   Goto page: Previous 1, 2
Author Message

Joined: 28 Dec 2010
Posts: 12
Location: Tanas by PDX

PostPosted: Wed 16 Jan 2013, 21:53    Post subject: Computers as appliance
Subject description: A vendor-promoted trend

Yes, many people have a mix of talents that doesn't gel with geekness. So?
They work with a GUI, they use mouse and menus, they avoid digging deeper.
Without them, how many geeks would have a job or useful social role?

But if vendors make small embedded computer modules that cannot be modified or maintained, will enough of these people buy them?
Computers could become a thing of the past, replaced by disposables.
Not cheap, of course. Just not maintainable, and thus disposable.

If we don't educate people, they won't understand - in time.
Back to top
View user's profile Send private message 

Joined: 22 Nov 2010
Posts: 5056
Location: Everybody knows this is nowhere...

PostPosted: Thu 17 Jan 2013, 12:20    Post subject:  

Ol'Duffer, to your point... (sorry, this will be a little off the thread topic)...

You got the gears in my head going, and they spun something up. Consider the following scenario...

A community (eg town, city, neighborhood, whatever) government distributes a bunch of computers, one or two to each household. These computers need not be high-power systems -- they need only to operate, and to be fairly inexpensive in the required bulk quantity. Assume that they're all the same (or, at least, similar enough that the differences don't matter).

While these systems do have removable storage, they do not have a hard drive or any sort of OS storage built in. Instead, the household is given a set of USB storage media -- one drive per person over age 6. Each drive (flash or external HDD, doesn't really matter) contains an OS and some base programs. There is plenty of space for user data.

The community in question also maintains a community software repo (this isn't hard -- just servers and a way of checking/approving/adding "clean" software), such that community members are able to download "approved" programs that they might need -- games, productivity software (word proc/spreadsheet/etc.), whatever they might need. While community members can setup and maintain their own repo if they want to (and can fund its construction privately -- the community won't help with this) they are required to note, upon access, that theirs is a private repo and the community government can't help with any problems that come from it.

Free or low-cost classes are provided by the community on how to properly and responsibly use the computers and media provided. People can take the classes if they wish (or not) -- but if they are found to be committing cybercrimes (or at least cybermisbehaving), they must (re-) take the class(es) as part of their punishment. If someone loses their drive, or it is damaged, they can obtain a replacement, but whatever can't be transferred from old to new, is gone. (This also encourages user responsibility.) If someone has a hardware problem, the community government takes care of that.

All of this would be paid for through taxing appropriate to the community -- for a town, there might be a $25-50/year mandatory "technology tax"; for a small neighborhood or subdivision, it comes from your homeowner's association dues.

I'm (for now) calling this concept "Modular UserSpace Computing". MUSC allows the hardware to sort of fade into the background. The community government handles the hardware, and all people have to do is worry about their own data. Probably the best data medium would be a large-capacity flash drive. Mechanical hard drives have a bad habit of dying after a sharp drop of 12-18 inches, however accidental, and proper SSDs are insanely expensive proportionate to capacity. SD cards are nice, but they're tiny and thin -- the easier for your toddler to swallow or stomp on (CRUNCH!), or for you to lose. Obviously, if the drive is wrecked or missing, all the data on it is gone as well. (The community can, as needed, provide a backup service, but this brings other problems with it, for sure!)

I can already see the Reds in my country (nothing to do with Russia, but rather Republicans) starting to get a little red in the face and foamy at the mouth, at the idea of *gasp* community-oriented computing -- they might even want to call it "socialized computing". Difference is, I'd welcome it with open arms, if it was done right. ("Doing it right" is the key to all things!)



Back to top
View user's profile Send private message 

Joined: 05 Jun 2012
Posts: 1935
Location: Wisconsin USA

PostPosted: Thu 17 Jan 2013, 12:53    Post subject:  

I think that the government should not handle the hardware in computers.
Back to top
View user's profile Send private message 

Joined: 22 Nov 2010
Posts: 5056
Location: Everybody knows this is nowhere...

PostPosted: Thu 17 Jan 2013, 13:14    Post subject:  

OK, so they contract out the hardware repair to local companies. No big deal. In fact, this whole operation could be done by a private company, contracted in by the local government or whatever. Who's doing it doesn't really matter -- what matters is doing it right.

The central idea is that the user is responsible only for their data and (if they want to do so) their OS. Whatever's on the USB media is theirs. Whatever isn't... isn't. Since nobody's born with the knowledge of how to compute responsibly, there are classes for that -- classes that anyone can attend. Making it mandatory for everyone is unnecessary. Giving people the option -- and then making it a little easier if they take the classes -- makes things go down better Wink

The only real requirements for the hardware are --
(1) it is compatible with the community-sponsored OS and software
(2) it functions adequately to allow a user to accomplish their tasks at a reasonable rate -- this does not mean "latest and greatest" but we're not talking mid-90s tech here either.

Probably the best setup would be a single-board computer with an ARM SoC and a gig of RAM -- and plenty of USB ports (4-6). LCDs around 15-17" diagonal are fairly mainstream -- and therefore cheap. Have the thing's BIOS (or UEFI or whatever) set so that it can boot from any USB port (the physical connectors do wear out after a while, so redundancy is important here), and you're good to go.

If you want a modular setup, put the SoC in a ZIF socket, like PC CPUs are, the RAM on a SODIMM, and the PSU on a separate PCB. That's about as modular as it's going to get. Cooling on this sort of setup would be simple -- a laptop-style setup would be fine, where you have the chip clamped to a bit of aluminum or copper with a heatpipe in it. Heatpipe goes to a not-very-large heatsink, and a fan blows air through that. Since I've yet to hear of a 20w ARM chip (RasPi is a ~1w chip IIRC) this cooling method is probably slightly overkill.


Back to top
View user's profile Send private message 

Joined: 24 May 2005
Posts: 785
Location: Connecticut USA

PostPosted: Sat 19 Jan 2013, 21:07    Post subject:
Subject description: Do you really think it is secure?

I have been investigating the UEFI BIOS changes. Like any technology, it will be used and people will manipulate it for their own purposes. As far as locking out Linux, the Fatdog64 UEFI test distribution shows there are ways around it. I manage to make a UEFI bootable flash device. It allowed Fatdog64 to be become a tool in understanding the changes associated with the UEFI BIOS. Better tools will become available to allow the more inquisitive people to modify their computes as they want them. The genie is out of the bottle and will both help and hinder,

The "secure" portion of the UEFI BIOS uses the pubic shared key (PSK) system to determine if the bootloader being used is signed and has it been modified. The PSK system relies on a private key and public key to sign or confirm messages have not been changed. With Fatdog64, Jamesbond, signed and provided a certificate (public key) that registers the Grub2 bootloader as being acceptable. The UEFI BIOS requires a manual (man in the loop) process to register the new key.

However, if one checks a UEFI BIOS setup menu, one finds "gray out" entries for platform keys and company keys. These are the keys that were used to initialize the BIOS, mostly likely without needing a human in the loop. Most computers are assembled in foreign countries and imported. Do you really think the governments of the countries where the computers are assembled do not have copies of both the platform and company keys (public and private) used for the initial setup of the UEFI BIOS? The UEFI BIOS computers are not secure at the government level. Just think of the economic chaos a hostile nation could cause if it reset the keys of the UEFI computers to new ones, which do not recognize the existing operating systems. Especially, for example Windows 8, which does not provide the end user with a key management tool. FatDog64 does have a tool,so one could re-enter the key and start using it again.

Now, imagine if you are a professional data thief, but, you have a brother-in-law or have made loans to an employee at the factory where the computer assembly takes place. Do you think that he could not get the same keys to insert some new code into computers to capture information?

I do not think UEFI BIOS is sercure. It does help to solve some problems. But, it runs into JustGreg's dictum, derived from Murphy's Law: "Every new solution brings a new set of problems" Laughing

Enjoy life, Just Greg
Live Well, Laugh Often, Love Much
Back to top
View user's profile Send private message 
Display posts from previous:   Sort by:   
Page 2 of 2 [20 Posts]   Goto page: Previous 1, 2
Post new topic   Reply to topic View previous topic :: View next topic
 Forum index » Taking the Puppy out for a walk » Announcements
Jump to:  

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum

Powered by phpBB © 2001, 2005 phpBB Group
[ Time: 0.0594s ][ Queries: 12 (0.0236s) ][ GZIP on ]