I have used coreboot before, but I got a laptop with a weird chip layout that is going to be difficult to coreboot. I found a few workarounds, but I am having trouble understanding them. Would anybody here be willing to help?
>>16605>>16606The first time around I tried building myself and wasn't able to produce a working image, so I did it using a prebuilt rom (skulls) and had no issues. I think I would have a bit more luck now.
>>16609Thanks. Basically the issue is that there are two bios chips (1 4MB containing bios and 1 8MB containing gbe, fd, and intel me), but only the 8MB chip is accessible. One of the workarounds involved changing the chip layout in the flash descriptor to contain the bios in the 8MB chip, something like this
https://ch1p.io/coreboot-t530-one-chip/The other solution, which I didn't fully understand was this
https://doc.coreboot.org/mainboard/lenovo/w530.htmlThe third solution, which I came to by myself, was to extract blobs, reduce ME, and unlock ifd on the accessible 8MB chip, build and spilt the coreboot rom, flash to 8MB chip, then internally flash to the 4MB chip using a USB with 1vyrain.
I ultimately decided to go with 1vyrain, which isn't full on coreboot, but it allows me to do a soft-disable of the ME and implement other custom bios features while retaining the ability to boot UEFI or legacy (I was planning on going with UEFI via tianocore, but I prefer to retain the ability to do both using 1vyrain). I still might open up the computer and run me_cleaner on the bottom chip, but I have not decided yet. I think I understand the process that would go into that, but I am not entirely sure.
>>16617I've only corebooted systems or motherboards by following clear + defined instruction tutorials for that system or motherboard tbh.
If there are no tutorials for your specific system or you're coming to solutions by yourself then you're a couple of levels beyond me.
If there's anyone else reading this interested in trying coreboot you're in luck. A massive number of cheap chromebook models became coreboot compatible in the last few months. They can be found for $40 or less secondhand, schools have millions of them. It's extremely simple to wipe chromOS off them, flash coreboot as the new bios, and install whatever distro or OS you want.
They are amazing, Cheap, rugged little hacking terminals. Now with coreboot. What's not to like?
>>17177That's good, happy for you man.
>happier throwing it in a rucksack than a thinkpad somehow. Propably because it's cheaper honestly
>>17179>>happier throwing it in a rucksack than a thinkpad somehow. >Propably because it's cheaper honestlyNah I meant because it actually seems more rugged than a thinkpad, crazy as that seems. These things are designed for kids in school. They are so solid.
Doesn't having one of these with the latest coreboot and a secure OS almost solve all the mobile security and privacy issues that exist with cellphones?
I can't understand how people are so wild about corebooting thinkpads for ultimate security but there doesn't seem to be much interest in almost free chromebooks with the same functionality and an easier install.
>>17191>Nah I meant because it actually seems more rugged than a thinkpad, crazy as that seems. These things are designed for kids in school. They are so solid.Sounds good, maybe this'll be my next laptop purchase. I haven't been following stuff on chromebooks, how does it perform? Could you play something like 30fps HL2 on it?
>Doesn't having one of these with the latest coreboot and a secure OS almost solve all the mobile security and privacy issues that exist with cellphones?Mostly yeah, it's the metadata that does the work. Plus I remember some thread a few months back where someone was advertising some mobile phone equivelant of corebooting if my memory is correct.
>I can't understand how people are so wild about corebooting thinkpads for ultimate security but there doesn't seem to be much interest in almost free chromebooks with the same functionality and an easier install.Plenty of people pretend to be tech jesuses but in reality they really are just follow trends, it's like with many other things like cars where one of the models gets a cult following despite there being a much better alternative.
>>17193>Could you play something like 30fps HL2 on it?Don't think i mentioned specs anon. Performance will depend on the specs of whatever model you get. In the last few months hundreds more models have become coreboot compatible so it's looking good.
>Mostly yeah, it's the metadata that does the work.With this setup you control almost all the metadata, compared to a phone.
>I remember some thread a few months back where someone was advertising some mobile phone equivelant of corebooting if my memory is correct. Now that sounds interesting. I can't find anything on it, link?
> it's like with many other things like cars where one of the models gets a cult following despite there being a much better alternative.for sure. The practicality of this device compared to an x220 or something should blow any cult feelings out of the water tho.
>>17195>With this setup you control almost all the metadata, compared to a phone.Yeah well I guess, it's easier as wellbbut you can also technically control metadata on your phone by using it in a really conservative way. Like using a completely different writing style etc. with the whole thing wrapped in foil.
>LinkYeah it does sound interesting but sorry anon, like I said I don't remember much of it expect that it may exist. I would share if I could.
>>19102i have one it is trash. the screen is broke but maybe it is just a wire maybe it is the screen I do not even want to look at it. i found it a nightmare and i am a long time linux user.
Worth repairing?
>>19121A nightmare because of Chromeos? I never used it. If the screen is broken you can probably still flash coreboot onto the firmware headlessly, install your distro, and connect it to an external monitor as a media pc or whatever.
Another use is to install a router OS like pfsense an use it headlessly as a router.
>Worth repairing?Depends on the specs of the device and the cost of repair. List model or specs if you like. I would usually say that shit is worth repairing.
Guys, I'm coming at this from a certain position. I had the gear lust. I was spending time obsessing about shitty gpd handhelds for $600 that didn't even have coreboot. Dreaming about boutique phones with mechanical pop out keyboards for $700. Then I fucking find out that I can install coreboot and every distro on an indestructible military grade (educational grade) 10 inch yoga touch screen netbook that I got second hand for $10? My mind is blown. Yours should be too.
>>19235>>i just get coreboot and it magically installs linux mint on my shitty little device?<Depending on model, disable write protect<run script to install coreboot<no longer a chromebook<install mintIt will definitely get more complicated but that's basically it
>(theres software alternatives but if youre a privacyhead its not as safe)tbh I just use the mr chromebox scripts. Is the end result less secure than using an external hardware device to flash the bios chips directly, in your opinion?
I have an x230, I have the clips, I have the flashing chip. I have everything I need, just hesitant to start because:
1) I might brick my laptop
2) It might not go smoothly so I will spend all night troubleshooting.
>>19304What times are you online (UTC)? We can talk on irc, freenode or libera.chat. You can keep me company and provide moral support. Plus help me troubleshoot if something goes wrong. In return, one more laptop will be corebooted.
I know x230 it is supposed to be relatively easy, but what about t530? I have one of those too.
>>193582 extremely logical reasons to hesitate lol.
>You can keep me company and provide moral support.I work split shifts so not much spare moral support.
>In return, one more laptop will be corebooted.What a deal.
We should organize a convention for all thinkpad cowards to get their bios corebooted.
>what about t530?I'm not an oracle on this, what do the docs say?
How to square the Chromebook shilling ITT with the following
https://libreboot.org/docs/hardware/#desktops-amd-intel-x86>Removed boards>These boards were in Libreboot, but have been removed with the intention of re-adding them at a later date. They were removed due to issues. List:>·[Bunch of Chromebook boards]>NOTES about removed boards:>WARNING: veyron speedy boards (e.g. C201) have non-functional video init as of 19 February 2023, and no fix is yet available on that date. See: https://notabug.org/libreboot/lbmk/issues/136 - the last tested revision from 2021.01 is known to work, for u-boot on this board. See:https://wiki.postmarketos.org/wiki/ASUS_Chromebook_C201_(google-veyron-speedy) (alpernebbi on IRC is looking into this, to bisect uboot and update the latest revisions) - for now, ROM images deleted from the Libreboot 20221214 and 20230319 releases.
>WARNING: daisy- and peach- boards require a BL1 bootloader blob, but the one from coreboot 3rdparty is a fake/placeholder blob. We need logic in the Libreboot build system for properly fetching/extracting these, plus docs to cover it. For now, assume that these are broken - ROM images are excluded, for now, and have been deleted from the Libreboot 20221214 and 20230319 releases. - see: https://review.coreboot.org/plugins/gitiles/blobs/+/4c0dcf96ae73ba31bf9aa689768a5ecd47bac19e and https://review.coreboot.org/plugins/gitiles/blobs/+/b36cc7e08f7337f76997b25ee7344ab8824e268d>d945gclf: Doesn’t boot at all, according to last report. D510MO is still in lbmk but still was reported problematic; other boards should be fine (see list above).>>21486I shilled and laid out why ITT
What's the TLDR on this?
>>21486>Is a corebooted Chromebook less free? How so, if its running a custom BIOS?Yes it is less free because Coreboot includes binary blobs (non free parts) while Libreboot does not. Libreboot also completely removes the Intel ME while coreboot only "cleans" or disables the ME via a program called me_cleaner. me_cleaner leaves parts of the IME code on the chip and the IME actually starts alongside the bootup on Corebooted machines but in theory it has all functionality removed.
from desuarchive
>>22295Well no, if someone has physical access to your machine always assume the worst. Encrypting like
>>22332 says will only keep your data safe but they can still flash whatever they want on the machine.
Afaik once you go coreboot you can also flash internally which means anyone with a modified USB flash could easily change it too.
Unique IPs: 13