i think this video misses the point that libreboot is aimed at something coreboot isn't--the end user. coreboot is more oriented towards developers and as such is more complicated to build and set up. libreboot has its own build system and documentation for devices that makes it easier (though still not always easy.) libreboot doesn't need to "become" coreboot to progress because it already *is* coreboot, or at least a distribution of coreboot. they're 2 versions of the same software that accomplish separate, though similar goals
I disagree that coreboot is necessarily more difficult to setup. It can be easy (like the Chromebook installation), or it can be tricky (like external flashing). I like to think I'm technical enough to read documentation, but I found the libreboot docs to feel scattered and incomplete. This could be a skill issue, but I needed to adapt a coreboot guide for the external flashing stuff and was getting errors on the BLOB injection script and then randomly it just worked and I still don't know how. I don't think coreboot is any less for the end user than libreboot. Libreboot has always been for the Luke Smiths of the world, but even Luke Smith prefers the x220 experience over the x200 despite requiring ME because the devices compatible are basically artifacts that couldn't open 2 tabs of google chrome without overheating. Libreboot did something unique from coreboot, but since they are limited by the microcode now, they are just back to being coreboot. In order to survive, they have to reduce themselves to coreboot essentially. I don't think anyone would tell you libreboot and coreboot are "the same", but since they need BLOBs to work on new devices they might as well be
Is it workable, from your perspective, for a rookie (like me) to install Libreboot on an old Thinkpad without screwing up the thing. I’ve seen a few videos and it looks like a fantastic project.
@@kludgefactory I believe it varies between who's giving it, especially since these may or may really done by Coreboot developers themselves, but other people (MrChromeBox's scripts being a notable example, since it greatly simplifies installation, but is not a part of coreboot in itself, the scripts being a custom implemention of Coreboot and Tianocore/EDK2. You don't get to specify your payload like U-boot or Seabios, or deal with vga and other nuanced material. (Assuming this is still the case when I used their scripts in 2022), unlike if you ran make menuconfig for coreboot after having done the preliminary steps of setting up the pre-requisites for the environment.) Coreboot itself also isn't completely infalliable to the prospect of documentation issues here and there, and the process of configuring things itself can get rather finicky once specific issues crop up in trying to build a ROM image (Setting parameters, using tools to pull binary blobs that are required for initialization no matter what, and also trying to add said blobs in the correct places.) Which can really scare a lower end user that may not exactly know what they are doing. Me being an example of that, back in 2021, I tried building a ROM image for a Chromebook, more specifically one that was code-named Phaser360 and used Gemini Lake processors. When enabling speaker options, I had to actually try pulling blobs from the stock firmware that was present onboard, using a tool that took me a few days to find (Was unable to recall the specific name of it, but it had the ability to pull a blob of a specific name once said name was inputted as a parameter for the command), unfortunately the firmware image I pulled right from the chromebook itself was missing a specific blob, which coreboot apparently required to continue building with speaker support for the board I selected, and the entire effort fell apart. I just switched to the MrChromeBox scripts once the initial "broken firmware" bug as it initially was described, was fixed in that and other affected Chromebooks of similar generation. All this really entails of determining Coreboot's difficulty of using/building ROMs on whether or not you include these types of scripts, or just leave a normal Coreboot environment in itself with all of its options and "frills" for a lack of a better term.
Libreboot is only marginally easier, there are many coreboot howtos out there that make things easy for you as well. I would not trust Leah Rowe and Libreboot, coreboot is much more trustworthy.
agree to disagree. at least in terms of old hardware and Linux laptops. If you live in the USA or Europe, then you will never have problems purchasing this kind of laptop or hardware from a similar category. But most of the world still does not rely on the top line of processors (you can often find equipment in use from 20+ years ago in various industries and business areas and it still performs its functions well) or has the opportunity to acquire a conditional “purism” from sunny California even through intermediaries. At the same time, manufacturers do not really want to release BIOS updates for old hardware, and here libreboot/coreboot can significantly extend their life. As for software developers, the emphasis on powerful hardware is more evil than good, because instead of trying to optimize the code and make the market as wide as possible, it is easier to blame users for the lack of computing power. You don’t have to look far for examples - absurd system requirements from Microsoft for Windows 11 - 12 and literally every second AAA game project (starfield, ghotam knighst, city skylines 2).
4:25 the ME disable in mewer CPUs tells ME shut off and cuts a lot of code beforehand. No eay to kbow whether the remaining code is safe and ME shuts off
The real problem is that these projects are trying to figure out a a solution to a problem that is hardly unsolvable, which is basically liberating proprietary hardware that was never intended to be liberated (at least from the manufacturers). Truly, the real solution is FOSS hardware, but until then, it isn't currently quite there yet. Regarding Coreboot, how can someone actually install it on modern x86 hardware? like previously mentioned, the intel 12th gen? and does it support AMD's AM5 Ryzen 7000 platform?
Probably too late, but I'd like to have an Librebooted thinkpad, if not: can you make a video on how to get cheap thinkpads? I'n Europe (balkans) and it's very hard to find a bargin. If you don't know how: is there anybody that knows a good site where to get thinkpads cheap?
I can only afford to ship in the continental US, but I was able to get this x220 for around 100 usd back in August on ebay. I don't know how great online retailers are in your area, but you can typically find these thinkpads valued at that price. Buying pre-librebooted drastically increases the price unfortunately
@@kludgefactory Fair, and also, thank you for your help. Thing is: here I found thinkpads at 200$ this is why I asked, so dw. I'll get one some day and libreboot/coreboot (most probably) it. But, until then, thank you guys! Also: I wish you a wonderful Christmas and a cool 😎 new year
Ako si iz Srbije, ja sam ih nalazio na kupujemprodajem za 30-100 evra, u zavisnosti od modela i ispravnosti. Uspesno sam ih Libreboot-ovao, nije bilo mnogo problema.
What you said about open hardware, which includes open firmware, has been on my mind a lot and it made me wonder. Why hasn't the FSF, The Linux Foundation or any similar foundation put forth more effort into the open hardware arena? I understand The Linux Foundation controversies so that's not a surprised but with how purist the FSF is thanks to Stallman you would think they would have but putting resources more into open hardware. It's not like you can't make money with open hardware either which any non-profit could use to further their efforts. A little confusing honestly.
Thanks for the video. So what setup do you recommend as the most optimal balance of security and functionality. Assume a user profile who will only be using a browser and possibly a secure instant messenger, whose only concern is the highest possible level of anonymity, privacy and security against malware? Thanks
realistically, the best browser for normal things is going to be hardened firefox (no cache, no saved data, ublock, etc.) or something hardened out of the box like icecat, librewolf, and kinda brave browser. People are quick to suggest tor, but it doesn't really cover normal internet activity. In my opinion, the best balance would be having a modern PC running linux and using any of those browsers. Don't click on links or download things you don't understand. I personally run a virtual machine in virt-manager that I take snapshots of so that I can run previous versions in case of breaches or update failures. Don't make accounts associated with email or other identifying info. When it comes to malware, good browsing habits, compartmentalization (virtual machines or using different devices for different purposes), and not using the typical solutions (Mcafee and Norton like to scan your stuff) should be ok.
@@kludgefactory Thanks, but I was talking more about the combination of box+OS/repos/boot system. If the OP was arguing libreboot isn't worth it, what is the combo of best laptop, OS and boot system. A few years ago I ran Obarun on a HP laptop, but there was no special boot system and ME was not disabled, so for my next setup I want to do better than that. Software side of things I'm fine, cheers
@@WolfgangRP Depends on what you're comfortable with. Any Linux distro shipping builds compatible with that hardware should do. Fedora or Debian for example, as both support a wide range of architectures and platforms. For ARM Chromebooks specifically, postmarketOS might be a good choice.
I think its important that a fully libre version of libre boot exists, keep the dream alive for fully opensource hardware one day, and support people who want to use old hardware so they can be on a fully libre version of libre boot, but its fine if the main project wants to pursue modern hardware, and use a minimal amount of necessary microcode. Idk why people would ever be upset at that, it wasn't done in secret or behind closed doors, a project just wants to move forward, someone else can maintain a different fully libre version, though now it looks like the main guys are gonna maintain both versions. The drama was pointless.
3:40 You have to understand too that its not just about privacy. Some people just want a system that they fully control too. Not everyone is gonna make all the compromises to achieve that but, to some it doesn't just matter if those blobs can be used to spy on you, but having a system you can 100% control.
I'm down for this. recently had my laptop give up the ghost, pretty sure its a power IC issue I can't fix without Louis Rossman levels of board repair.
Great video, and well-reasoned opinions. Also (and im sure this is a long shot since I'm exceptionally late to the party here, but) if you still have the ThinkPad available to ship within the continental US, I'd love to take it off your hands as a tinkering project and would be happy to cover any shipping costs. Either way, appreciated the video. Cheers.
If it's not already gone, I would love this thinkpad. I would have to pay for international shipping though, I am in Australia. How do I find your contact? Cheers
My 2c is these things are specific projects aimed at specific crowds. These old machines suit me fine. I don't do any gaming. I don't need graphics, high specs or etc. Mainly use my computers for plain text based work and web, and for that, these kinds of machines are fine. I agree the intel ME and AMD PSP are "bogeymen" in the way you describe, but really, we should have a right not to have backdoors in our hardware, so I personally have a respect the zealotry and hard-headedness towards these things, and would encourage anybody to retain the "cheetoh-dust on their fingers" while ranting angrily, or generally holding their position on this. Thankfully, in terms of new hardware it looks like frameworks laptops are moving closer towards a backdoor-free chipset / boards. They are not there yet, but soon. I think that the noise made by free hardware advocates, activists, and enthusiasts is being heard by various companies, and so I thank them, on that front, and many others. The Pine64 pinephone and Librem laptops are also examples of this demand for more-free (if not totally) hardware is being heard. If I had the money, I'd buy those Raptor computing rigs.
It's just a ton of work to use the worst of hardware, there are people that can use an old Thinkpad as their daily driver, but it just isn't worth it. As someone who used a W520 Thinkpad for a while in 2023 it was the worst computing experience I've ever had. (I used Arch Linux with the Cinnamon DE and Manjaro KDE later on) - You have almost no battery life, even with a new battery that adds physical length I saw almost no improvement. - Getting the drivers to work is a nightmare, and I had to install them all from the AUR, which was very annoying and tedious. - I wasn't even able to run Terraria even close to playable framerates and smoothness, even basic web browsing was somewhat slow and laggy. - If you don't want to use a hard drive then you better prepare to pay even more for an SSD (on top of the battery). - Using an M-sata drive requires a bios update that was another nightmare to find online and download. - There are the usal fa noise and heat problems, along with the size of the thing, which is embarrassing to carry around. Now, a librebooted Thinkpad requires all that, plus another mountain of crap on top of it. The ONLY use case for old Thinkpads is STATIONARY web browsing, writing, media players, or as a basic server on a LIGHTWEIGHT OS.
if you don't want a ton of work, why are you even thinking of it? because thats the fun part of it, at least for those who do it. I don't like linux elitists but as an electronics engineering student who does a lot of digital, analog, firmware and embedded programming, it provides me experience and great control for my hardwares. I learn a lot and in terms of programming, it is as capable as my i9 desktop or my M2 macbooks. It's just sooo fast for the task and direct to the point. Plus the trolling factor when I carry it around the school.
If you wanted battery life, why did you pick a giant mobile workstation with an ancient dedicated GPU? Why would anyone use a hard drive in the 2020s? SSDs can be had used for about $10. Again, if you didn't want size and heat, why did you buy a mobile workstation? Buy a normal ultrabook like a T480.
Thinkpad has been shipped. Thanks to those of you who expressed interest, and hopefully there will be more to things to come
:(
i think this video misses the point that libreboot is aimed at something coreboot isn't--the end user. coreboot is more oriented towards developers and as such is more complicated to build and set up. libreboot has its own build system and documentation for devices that makes it easier (though still not always easy.) libreboot doesn't need to "become" coreboot to progress because it already *is* coreboot, or at least a distribution of coreboot. they're 2 versions of the same software that accomplish separate, though similar goals
I disagree that coreboot is necessarily more difficult to setup. It can be easy (like the Chromebook installation), or it can be tricky (like external flashing). I like to think I'm technical enough to read documentation, but I found the libreboot docs to feel scattered and incomplete. This could be a skill issue, but I needed to adapt a coreboot guide for the external flashing stuff and was getting errors on the BLOB injection script and then randomly it just worked and I still don't know how.
I don't think coreboot is any less for the end user than libreboot. Libreboot has always been for the Luke Smiths of the world, but even Luke Smith prefers the x220 experience over the x200 despite requiring ME because the devices compatible are basically artifacts that couldn't open 2 tabs of google chrome without overheating. Libreboot did something unique from coreboot, but since they are limited by the microcode now, they are just back to being coreboot. In order to survive, they have to reduce themselves to coreboot essentially. I don't think anyone would tell you libreboot and coreboot are "the same", but since they need BLOBs to work on new devices they might as well be
Is it workable, from your perspective, for a rookie (like me) to install Libreboot on an old Thinkpad without screwing up the thing. I’ve seen a few videos and it looks like a fantastic project.
@@kludgefactory I believe it varies between who's giving it, especially since these may or may really done by Coreboot developers themselves, but other people (MrChromeBox's scripts being a notable example, since it greatly simplifies installation, but is not a part of coreboot in itself, the scripts being a custom implemention of Coreboot and Tianocore/EDK2. You don't get to specify your payload like U-boot or Seabios, or deal with vga and other nuanced material. (Assuming this is still the case when I used their scripts in 2022), unlike if you ran make menuconfig for coreboot after having done the preliminary steps of setting up the pre-requisites for the environment.) Coreboot itself also isn't completely infalliable to the prospect of documentation issues here and there, and the process of configuring things itself can get rather finicky once specific issues crop up in trying to build a ROM image (Setting parameters, using tools to pull binary blobs that are required for initialization no matter what, and also trying to add said blobs in the correct places.) Which can really scare a lower end user that may not exactly know what they are doing. Me being an example of that, back in 2021, I tried building a ROM image for a Chromebook, more specifically one that was code-named Phaser360 and used Gemini Lake processors. When enabling speaker options, I had to actually try pulling blobs from the stock firmware that was present onboard, using a tool that took me a few days to find (Was unable to recall the specific name of it, but it had the ability to pull a blob of a specific name once said name was inputted as a parameter for the command), unfortunately the firmware image I pulled right from the chromebook itself was missing a specific blob, which coreboot apparently required to continue building with speaker support for the board I selected, and the entire effort fell apart. I just switched to the MrChromeBox scripts once the initial "broken firmware" bug as it initially was described, was fixed in that and other affected Chromebooks of similar generation. All this really entails of determining Coreboot's difficulty of using/building ROMs on whether or not you include these types of scripts, or just leave a normal Coreboot environment in itself with all of its options and "frills" for a lack of a better term.
Libreboot is only marginally easier, there are many coreboot howtos out there that make things easy for you as well. I would not trust Leah Rowe and Libreboot, coreboot is much more trustworthy.
agree to disagree. at least in terms of old hardware and Linux laptops. If you live in the USA or Europe, then you will never have problems purchasing this kind of laptop or hardware from a similar category. But most of the world still does not rely on the top line of processors (you can often find equipment in use from 20+ years ago in various industries and business areas and it still performs its functions well) or has the opportunity to acquire a conditional “purism” from sunny California even through intermediaries. At the same time, manufacturers do not really want to release BIOS updates for old hardware, and here libreboot/coreboot can significantly extend their life. As for software developers, the emphasis on powerful hardware is more evil than good, because instead of trying to optimize the code and make the market as wide as possible, it is easier to blame users for the lack of computing power. You don’t have to look far for examples - absurd system requirements from Microsoft for Windows 11 - 12 and literally every second AAA game project (starfield, ghotam knighst, city skylines 2).
4:25 the ME disable in mewer CPUs tells ME shut off and cuts a lot of code beforehand. No eay to kbow whether the remaining code is safe and ME shuts off
The real problem is that these projects are trying to figure out a a solution to a problem that is hardly unsolvable, which is basically liberating proprietary hardware that was never intended to be liberated (at least from the manufacturers). Truly, the real solution is FOSS hardware, but until then, it isn't currently quite there yet.
Regarding Coreboot, how can someone actually install it on modern x86 hardware? like previously mentioned, the intel 12th gen?
and does it support AMD's AM5 Ryzen 7000 platform?
Probably too late, but I'd like to have an Librebooted thinkpad, if not: can you make a video on how to get cheap thinkpads? I'n Europe (balkans) and it's very hard to find a bargin. If you don't know how: is there anybody that knows a good site where to get thinkpads cheap?
I can only afford to ship in the continental US, but I was able to get this x220 for around 100 usd back in August on ebay. I don't know how great online retailers are in your area, but you can typically find these thinkpads valued at that price. Buying pre-librebooted drastically increases the price unfortunately
@@kludgefactory Fair, and also, thank you for your help. Thing is: here I found thinkpads at 200$ this is why I asked, so dw. I'll get one some day and libreboot/coreboot (most probably) it. But, until then, thank you guys! Also: I wish you a wonderful Christmas and a cool 😎 new year
Ako si iz Srbije, ja sam ih nalazio na kupujemprodajem za 30-100 evra, u zavisnosti od modela i ispravnosti.
Uspesno sam ih Libreboot-ovao, nije bilo mnogo problema.
What you said about open hardware, which includes open firmware, has been on my mind a lot and it made me wonder. Why hasn't the FSF, The Linux Foundation or any similar foundation put forth more effort into the open hardware arena? I understand The Linux Foundation controversies so that's not a surprised but with how purist the FSF is thanks to Stallman you would think they would have but putting resources more into open hardware.
It's not like you can't make money with open hardware either which any non-profit could use to further their efforts. A little confusing honestly.
It's all software
Thanks for the video. So what setup do you recommend as the most optimal balance of security and functionality. Assume a user profile who will only be using a browser and possibly a secure instant messenger, whose only concern is the highest possible level of anonymity, privacy and security against malware? Thanks
realistically, the best browser for normal things is going to be hardened firefox (no cache, no saved data, ublock, etc.) or something hardened out of the box like icecat, librewolf, and kinda brave browser. People are quick to suggest tor, but it doesn't really cover normal internet activity.
In my opinion, the best balance would be having a modern PC running linux and using any of those browsers. Don't click on links or download things you don't understand. I personally run a virtual machine in virt-manager that I take snapshots of so that I can run previous versions in case of breaches or update failures. Don't make accounts associated with email or other identifying info. When it comes to malware, good browsing habits, compartmentalization (virtual machines or using different devices for different purposes), and not using the typical solutions (Mcafee and Norton like to scan your stuff) should be ok.
@@kludgefactory Thanks, but I was talking more about the combination of box+OS/repos/boot system. If the OP was arguing libreboot isn't worth it, what is the combo of best laptop, OS and boot system. A few years ago I ran Obarun on a HP laptop, but there was no special boot system and ME was not disabled, so for my next setup I want to do better than that. Software side of things I'm fine, cheers
For rhat specific use case, a re-flashed Chromebook most likely.
@@mskiptr Flashed with what?
@@WolfgangRP Depends on what you're comfortable with. Any Linux distro shipping builds compatible with that hardware should do. Fedora or Debian for example, as both support a wide range of architectures and platforms.
For ARM Chromebooks specifically, postmarketOS might be a good choice.
The point that you're missing, is we won't have gnu or gnu tools, if those devs that made them didn't have this sort of hardline philosophy
1:30 they are not installing microcode but updating microcode
I think its important that a fully libre version of libre boot exists, keep the dream alive for fully opensource hardware one day, and support people who want to use old hardware so they can be on a fully libre version of libre boot, but its fine if the main project wants to pursue modern hardware, and use a minimal amount of necessary microcode. Idk why people would ever be upset at that, it wasn't done in secret or behind closed doors, a project just wants to move forward, someone else can maintain a different fully libre version, though now it looks like the main guys are gonna maintain both versions. The drama was pointless.
Is the laptop still available? 😅
If you want privacy and remove intel ME then how do you do ?
4:05 the Core/Libre-boot guys are trying to get ME opcode. If it was signed it would be less backdoorish
3:40 You have to understand too that its not just about privacy. Some people just want a system that they fully control too. Not everyone is gonna make all the compromises to achieve that but, to some it doesn't just matter if those blobs can be used to spy on you, but having a system you can 100% control.
I'm down for this. recently had my laptop give up the ghost, pretty sure its a power IC issue I can't fix without Louis Rossman levels of board repair.
Great video, and well-reasoned opinions. Also (and im sure this is a long shot since I'm exceptionally late to the party here, but) if you still have the ThinkPad available to ship within the continental US, I'd love to take it off your hands as a tinkering project and would be happy to cover any shipping costs. Either way, appreciated the video. Cheers.
Thanks for your support! Unfortunately, the thinkpad has already shipped, but good luck on your project!
You mean these stock Libreboot laptops
If it's not already gone, I would love this thinkpad. I would have to pay for international shipping though, I am in Australia. How do I find your contact? Cheers
My previous laptop broke and I’m temporarily borrowing one. I’d LOVE that laptop. :)
Libreboot a w541. Tbh the performance is more than good enough for me on one of these.
nice vid kludge im thinking of reprogramming just hearing everyones thoughts.
My 2c is these things are specific projects aimed at specific crowds. These old machines suit me fine. I don't do any gaming. I don't need graphics, high specs or etc. Mainly use my computers for plain text based work and web, and for that, these kinds of machines are fine. I agree the intel ME and AMD PSP are "bogeymen" in the way you describe, but really, we should have a right not to have backdoors in our hardware, so I personally have a respect the zealotry and hard-headedness towards these things, and would encourage anybody to retain the "cheetoh-dust on their fingers" while ranting angrily, or generally holding their position on this.
Thankfully, in terms of new hardware it looks like frameworks laptops are moving closer towards a backdoor-free chipset / boards. They are not there yet, but soon.
I think that the noise made by free hardware advocates, activists, and enthusiasts is being heard by various companies, and so I thank them, on that front, and many others.
The Pine64 pinephone and Librem laptops are also examples of this demand for more-free (if not totally) hardware is being heard. If I had the money, I'd buy those Raptor computing rigs.
x86 isn't worth it if you care about 100% open firmware
I'm interested
Since you show as the first message, send me an email at KludgeFactoryDM@gmail.com with your TH-cam tag. To confirm, are you in the continental US?
@@kludgefactoryI'm not him but I'm immensely interested and have sent you an email there. Please consider me if removalist1995 doesn't respond.
all software should propietary and all hardware should are soldered
evil linux:
Thanks for the video!
i would be down
Id be interested in a thinkpad
It's just a ton of work to use the worst of hardware, there are people that can use an old Thinkpad as their daily driver, but it just isn't worth it. As someone who used a W520 Thinkpad for a while in 2023 it was the worst computing experience I've ever had. (I used Arch Linux with the Cinnamon DE and Manjaro KDE later on)
- You have almost no battery life, even with a new battery that adds physical length I saw almost no improvement.
- Getting the drivers to work is a nightmare, and I had to install them all from the AUR, which was very annoying and tedious.
- I wasn't even able to run Terraria even close to playable framerates and smoothness, even basic web browsing was somewhat slow and laggy.
- If you don't want to use a hard drive then you better prepare to pay even more for an SSD (on top of the battery).
- Using an M-sata drive requires a bios update that was another nightmare to find online and download.
- There are the usal fa noise and heat problems, along with the size of the thing, which is embarrassing to carry around.
Now, a librebooted Thinkpad requires all that, plus another mountain of crap on top of it. The ONLY use case for old Thinkpads is STATIONARY web browsing, writing, media players, or as a basic server on a LIGHTWEIGHT OS.
if you don't want a ton of work, why are you even thinking of it? because thats the fun part of it, at least for those who do it. I don't like linux elitists but as an electronics engineering student who does a lot of digital, analog, firmware and embedded programming, it provides me experience and great control for my hardwares. I learn a lot and in terms of programming, it is as capable as my i9 desktop or my M2 macbooks. It's just sooo fast for the task and direct to the point. Plus the trolling factor when I carry it around the school.
If you wanted battery life, why did you pick a giant mobile workstation with an ancient dedicated GPU? Why would anyone use a hard drive in the 2020s? SSDs can be had used for about $10. Again, if you didn't want size and heat, why did you buy a mobile workstation? Buy a normal ultrabook like a T480.
Up thogh
Is this channel dead?
I think
@@cullenmanning141 can confirm, is dead. Also releasing something microcenter related soon
@@kludgefactory you had some really well made content! Subscribed for the comeback!
@@kludgefactory Alright, good to know.
.
?
.
Good point
good dot
@@kludgefactory I reply with a dot if I want to get notifications from a thread. No idea why do that as a top-level comment though.