Toward an Open MachineIt was the voting machines that convinced me that we need our computers to be open. My home State of Connecticut bought new Diebold optical scan voting machines which, of course, do have a paper trail. But when the University of Connecticut evaluated them, it said machines "can be compromised with off-the-shelf equipment in a matter of minutes even if the machine has its removable memory card sealed in place. The basic attack can be applied to effect a variety of results, including entirely neutralizing one candidate so that their votes are not counted, swapping the votes of two candidates, or biasing the results by shifting some votes from one candidate to another. Such vote tabulation corruptions can lay dormant until the election day, thus avoiding detection through pre-election tests." It would not be appropriate to explore this here, but you can see some of the argument at [1] www.seconnecticut.com/elections.htm. A really trustworthy machine must be auditable, much as you would wish voting machines to be auditable, and to do that it must then have transparency... the code and the hardware must be open for inspection. For voting machines, openness should be a requirement. For my living room, I want no less. The ProjectIs it possible to configure a computer which is completely free ? It should have a free BIOS, hardware with open drivers, and a complete complement of open software. I wanted to find out. To build a free desktop machine the question becomes: Not can you do it ? but How close can you get ? Obstacles include non-disclosure agreements, and secrecy that surrounds the components. Why would you do this ?You may not find a lot of discussion of this in the media, but you have lost a lot of consumer rights in the last few years. Currently you have rights of fair use of printed documents. You can copy, quote, from written work. You can sell or give away books. But publishers would like to stop that. The ebook is subject to copy protection that controls what you can do with a document and prevents you from viewing information beyond a defined period. You cannot sell it or give it away as you might with a book. Microsoft and Apple want to own your home entertainment. They would like for you to buy your music again every so often. Not only that but they do watch what you watch. Their privacy statement may say that they do not share such information with anyone else, but they also point out that they may change the policy at any time without notifying you. Audio CDs may contain stealth software and be accompanied by end user agreements. They can have software that prevents you from using your disk drive freely. For Digital Rights Management (DRM), Sony used root kits that compromise security and even caused CD Rom drive failure. Copy protection schemes have been used that allow monitoring of consumer behavior, compromise computer security, render drives useless, and can result in computer breakdown and repair expense. The way MS implemented DRM is simply inexcusable, they caved into the draconian money grubbing ways of the content providers at your expense. Try this with your new Media Center PC, record a HBO show on your DVR, say Six Feet Under. Then try to burn it to a DVD so you can clear HD space, Good luck. ... Until this abomination is abolished, I can't recommend Media Center in any way, shape or form. In fact, it is one of the few products I would tell you to actively avoid. While I don't know that they changed anything in the 04 to 05 transition, the fact that the phrase DRM does not appear in the marketing materials once is more than telling. They don't want you to know, just consume quietly, bread and circus. In fact, they are eroding your rights, and charging you for the honor. As of now, just say no. µ From [2] http://www.theinquirer.net/?article=18385 Richard Stallman has written and spoken extensively about treacherous computing, and it is at best an imposition on consumers. He correctly points out that DRM is not reconcilable with free software. Proprietary software is usually accompanied by long EULAs (End User License Agreements) which you must sign to actually use the product. They are often too long to read thoroughly at the time you are doing an install, and to do due diligence you may need a lawyer to fully appreciate the language. In the case of Microsoft operating systems, rejecting such an agreement could prohibit you from using your own computer. If you do not agree, you are legally not allowed to use the product. (Have you ever not agreed ?) You have no rights in this contract. It's a 'take it or leave it.' It is a commentary on our time that people agree to this kind of contract pretty much without complaint. Last night a dialog box appeared telling me that I needed to stop everything and validate my software or my contract for virus protection would be void. I did what they said, retrieving a 16 digit license key that appeared once about a year ago. This kind of verification is rude, distracting, unacceptable. Why people are complacent and do not refuse escapes me. A hard drive failure can cause re-install of all software, renewal of all licenses, re-purchase of subscriptions, loss of data, recovery of passwords, and so on. Sometimes software from a multiplicity of vendors does not work well together. Functions can be redundant, or even conflicting. Any computer can be a surveillance device. Open machines do not solve this problem because phone companies have permission to listen to your wire and the federal government says they need this right. Data mining is certainly in use on our communications and there is not much we can do about it. Surveillance is cheaper and more common as RFID, GPS, video cameras and other tracking devices become ubiquitous. You can prevent some Microsoft applications that 'phone home' including the Media Center, MS Office, and probably other home invaders with open source software Eban Moglen, Chairman of the Software Freedom Law Center spoke at the Free Software Foundation's 2006 meeting at MIT: (The complete audio in ogg format was downloadable from the FSF.org website, it may still be there.) He said:
Aside from that, closed products lack interoperability, audit ability, extensibility, robustness, security and, too often, quality. I happen to think that your freedom and civil liberties are at risk as well. The Free Software Foundation license, GPLv3, protects your right use the programs, examine them, modify them, and not deny other people the right to fully use their equipment. Tivo, under GPL2, was able to use Free software, but made sure that no one was able to run modified versions. GPL3 has been drafted to prevent 'Tivoization' from happening again. ConfigurationInstalling Linux is always a learning experience. Each distribution is different. What may be well supported in one distribution, may not be in another. Wireless sometimes installs immediately, or it may have to be configured. That can even change with each new version of the same distribution. Here are the kinds of configuration problems that I find annoying...which is to say they take time from something that matters to me more. Kmidi is not packaged so that it will work with my SoundBlaster, so it needs recompile and to do that the QT libraries need to be available. I'm pretty happy with my Debian 4.0 (etch) distribution right now, but Rosegarden tells me that the "kernel timer resolution is set too low." With a little effort I can probably recompile the kernel or find a low-latency version. Since Rosegarden also uses the QT libraries, I'm just using other simpler applications instead. It should be possible to buy an open machine that is fully configured. Commercial OfferingsThe major vendors mostly push Windows, but if you look hard they'll offer a Linux machine... usually targeted at the business customer mostly for commodity Linux servers. It is not clear to me that Dell or other vendors actually do more configuration beyond what installs from the iso. The reviews I saw mostly mentioned that some additional configuration is required. Usually not a particularly consumer-friendly process. If it is simply a matter of feeding the disks and then shipping it out, I might as well do the install myself. Anyway, before starting a custom machine, I want to be sure that there are no readily available off-the-shelf computers available. How can we know how much they configured before they shipped ? Life is too short to redo work that someone else has already accomplished. HP offers [3] open source machines and it has an 'indemnification' program which will protect you from suit by SCO provided you agree never to 'use or modify the source code', purchase the HP service contract, and apply for the program. Dell offers Linux machines with Ubuntu and some other distributions, but reviews indicate some additional configuration is required. The closest actual machine is the OLPC. (One Laptop per Child) See the [4] OLPC.tv site for an open project which approaches many of the stated goals. For a limited time, between November 12 to November 26, you can buy the OLPC, but you have to buy two of them: one goes to charity and the other is shipped to you. DistributionsThere are a lot of distros out there, many with commercial hooks, proprietary code, or some licensing requirements. No surprise. Everyone needs some kind of business model so that they can survive. Then again, that is not what Open Source is about.
There seem to be enough differences among them that I keep migrating to
look for something better. Break one. Try another. Debian [8] is the basis of many other distributions (gnewsense, ubuntu, mepis, ...) and it is also the best I've tried. Audio applications are demanding enough that there are some issues. For audio applications, the kernel needs to be modified and recompiled. Fortunately there is a distribution called 64studio [9] that addresses audio issues. It has a kernel for either 32 or 64 bit machines, the kernel is patched for real-time, and some specialized applications are included to implement a DAW (Digital Audio Workstation). I should be able to use their kernel, and it is reassuring to know that support is available for a modest fee. (Full disclosure: I haven't installed it yet.) BIOSI am not aware of single motherboard manufacturer that offers an open source BIOS. In fact, if you attempt to install a different BIOS than the manufacturer's you may 'brick' the board. It is rendered useless. How is this different than tivoization ? In modifying the BIOS you could also lose the MAC address, the unique identifier for many devices: routers, network cards, or even motherboards. Some reports say that LinuxBios runs on over one million machines. They mostly come from a small vendor in India. [10]: It turns out that LinuxBios is, for all practical purposes, used for big Linux Clusters with a rack of nodes. One vendor with experience configuring server farms said it could only be used for a desktop with a lot of effort and even then it would be a "can of worms." I was told it is too large a development effort and would make sense only if there were the potential for large volume. The most likely vendors (Tyan and Giga) have no interest in allowing a substitute BIOS. You can't really look at the BIOS of your computer because it is a secret. You don't know what it does and you can't find out without painstaking reverse engineering. Developers are working in the dark for many of the details of its operation. The Free Software Foundation is working on it and, from the looks of the LinuxBIOS mailing list, appears to be making good progress. It is not practical, right now, for a personal computer. The Free Software Foundation has listed motherboards [11] which can support FreeBios [12]. Actually the LinuxBios.org [13] page does not recommend a motherboard for desktop use at all but there are two 'flagship' motherboards. The favorite motherboard of the LinuxBios developers is the GIGABYTE GA-M57SLI-S4? (http://linuxbios.org/GIGABYTE_GA-M57SLI-S4_Build_Tutorial) [14]. It is based on the NVIDIA nForce 570 SLI chipset and AMD's latest Socket AM2. Its features include: It has two Free & Open Source BIOS: One, thanks to AMD engineer Yinghai Lu who released GPL-licensed code, and the other is from LinuxBIOS, a Free Software project. To run an alternative BIOS you must solder a socket on to the board, it then must be loaded and hot-swapped. If it is done incorrectly the board could be ruined. The modifications and determination of payload are, I think, challenging. The FSF page makes this quite clear. Be careful which one you try because It comes in about 4 different forms, one with SPI. As embedded Linux devices become more capable, they may become the most open on the market. LinuxBIOS runs on many embedded boards, for example the Linutop ([5] linutop.com) and OLPC "XO" laptop ([6] laptop.org) . What we need is one motherboard with a socketed, and therefore replaceable bios. I would think this would be a basic developer's tool, but so far I don't see that it is available. Graphics CardLike the Bios, graphics cards and their drivers seem to be closely guarded secrets. There is good news though. AMD bought ATI and they are committing to support open source. Also the Open Graphics Project [15] is developing a board which is now becoming available. There is an active mailing list discussing the development effort. Cloning itThe project is to find the best combination of components for the most open distribution available and configure it so that it will be easily assembled and fully operational when complete. Once configured well, the machine will be easily cloned. Buy defined (readily available) components, install a preloaded hard drive (or easily loaded media) and it should work well either out of the box or after assembly. Software configured would be identified so that anyone who needs more would know that additional work is necessary. Some day a reputable vendor is going to offer an open machine. How much extra would you pay for a well configured open machine that you can be assured has no malware of any kind ? You would know that because all of it is open and visible. It should be possible to configure a computer which is completely free. It should have a free BIOS, hardware with open drivers, and a complete complement of freed software. The conversation is not new. See, for example, this OpenOEM page or the OLPC (One Laptop Per Child) wiki If you think that I have overlooked something or if you know of some better approach, please let me know at info at freeappliances dot org Resources[1] www.seconnecticut.com/elections.htm. [2] http://www.theinquirer.net/?article=18385 [3] open source machines (http://h71028.www7.hp.com/enterprise/cache/328211-0-0-0-121.html) [4] OLPC.tv [5] linutop.com [6] laptop.org [7] gnewsense [8] Debian [9] 64studio [11] motherboards (http://linuxbios.org/index.php/Supported_Motherboards) [12] FreeBios (http://www.fsf.org/campaigns/free-bios.html) [13] LinuxBios.org [14] GIGABYTE GA-M57SLI-S4? (http://linuxbios.org/GIGABYTE_GA-M57SLI-S4_Build_Tutorial). [15] Open Graphics Project (http://wiki.opengraphics.org/tiki-index.php) [16] Free Software Free Society.org (http://badvista.fsf.org/freesoftwarefreesociety/free-software-free-society/) Note: This conversation is not new. See, for example: [17} OpenOEM page or the [18] OLPC (One Laptop Per Child) wiki. |