Slashdot Mirror

← Back to Stories (view on slashdot.org)

Talos Secure Workstation Is Free-Software Centric — and $3100 [Updated]

Posted by timothy on from the tradeoffs-are-everywhere dept.

jones_supa writes: These days, the motivation to use open source software for many people is to avoid backdoors placed by intelligence organizations and to avoid software that has hidden privacy-intruding characteristics. For the operating system and userspace software, open choices are already available. The last remaining island has been the firmware included in various ROM chips in a computer. Libreboot has introduced an open BIOS, but it is not available for newer systems featuring the Intel ME or AMD PSP management features. Talos' Secure Workstation fills this need, providing a modern system with 8-core POWER8 CPU, 132 GB RAM, and open firmware. The product is currently in a pre-release phase where Raptor Engineering is trying to understand if it's possible to do a production run of the machine. If you are interested, it's worth visiting the official website. Adds an anonymous reader about the new system, which rings in at a steep $3100: "While the engineers found solace in the POWER8 architecture with being more open than AMD/Intel CPUs, they still are searching for a graphics card that is open enough to receive the FSF Respect Your Freedom certification." Update: 02/08 18:44 GMT by T : See also Linux hacker and IBM employee Stewart Smith's talk from the just-completed linux.conf.au on, in which he walks through "all of the firmware components and what they do, including the boot sequence from power being applied up to booting an operating system." Update: 02/08 23:30 GMT by T :FSF Licensing & Compliance Manager Joshua Gay wrote to correct the headline originally appeared with this story, which said that the Talos workstation described was "FSF Certified"; that claim was an error I introduced. "The FSF has not certified this hardware," says Gay, "nor is it currently reviewing the hardware for FSF certification." Sorry for the confusion.

2 of 117 comments (clear)

  1. Duh by Anonymous Coward · · Score: 0, Interesting

    Open =/= Secure

    I dont like how this is being used interchangeably here

  2. Some security observations by Okian+Warrior · · Score: 4, Interesting

    Making some observations from recent events, I've noticed:

    1) You can order a computer, and the delivery can be intercepted so that spyware can be installed. Especially laptops, which are difficult for the end user to peek inside.

    2) The Intel management engine is essentially an attached microprocessor with complete and total remote control of your system, including access to all peripherals, the network, the disk data, and the ability to wake up and run while the main computer is off.

    3) The Intel built-in programmable number generator was built in a way to be unverifiable. Essentially, the system reads physically generated random data and puts it through a hashing algorithm before giving it to the user. If the random number generator section is damaged (say, if someone modified the chip mask films before fab), you will get much less than the advertized 256-bits of entropy, but because the data is hashed there is no way to tell.

    Buy American!