Oksana has quit [Read error: Connection reset by peer]
<unkn0wn77>
DocScrutinizer05: cool! sounds good, I'll compile my own kernel...
<unkn0wn77>
DocScrutinizer05: I was meaning to BlackBerry PRIV phone being hyped for secure because of their use of grsecurity; They had a serious blog post on all the hardenings of grsec kernel, but reviewing their kernel build configs shows a totally different story - no KASLR, no mmap randomizations, a lot of different disablations. I've followed a comment on twitter regarding this and came up to this project, which had been claimed to be c
<unkn0wn77>
DocScrutinizer05: (cont'd) there is no android kernel nowadays with KASLR or any hardenings what so ever. This is absurd. Android is 8 years behind normal desktop linux. Although BlackBerry overhyped this (with saying that it supports hardend ASLR, MMAP randomizations, etc - there's a post from BlackBerry engineer on reddit), the kernel build config shows that almost most of them... are disabled during compile time. BlackBerry once
<unkn0wn77>
DocScrutinizer05: in marketing security. Just marketing, because who cares about the real deal as long as it keeps the bucks coming, huh? ;)\
<unkn0wn77>
I'll be in 32C3 this year. If anyone from the current project is going to be there, I'd be happy to have a chat.
<jonwil>
Why wouldn't android vendors turn all this stuff on if it has security benefits?
<jonwil>
Or do these features have negatives (e.g. lower performance) if you turn these on?
Pali has joined #neo900
tomeff has quit [Quit: tomeff]
cybiko123 has quit [Ping timeout: 240 seconds]
AndrewX192 has quit [Ping timeout: 252 seconds]
AndrewX192 has joined #neo900
tomeff has joined #neo900
<enyc>
jonwil: not 100% sure but I suspect no incentives and massive rush to do everything ...
<jonwil>
yeah probably
<jonwil>
The need to do extra QA if you turn it on also doesn't help
<enyc>
seems like a crazy industry of ''sell everybody a new phone each christmas'' etc.
<jonwil>
New phones comming out so frequently isn't a recent phenomonon
<jonwil>
Many years ago when I briefly worked for Motorola (back when the original RAZR V3 was considered state-of-the-art) new phones kept comming out all the time
SylvieLorxu has joined #neo900
sparetire_ has joined #neo900
<Kero>
selling phones is not about security, but, gosh, about making money. Every phone a little bit more secure than the previous one makes the most money.
<Kero>
making things secure is non-trivial, otherwise the IT industry as a whole would be more secure than it is now.
<enyc>
'secure' is another interesting concept unto itself ;p
<bencoh>
:)
jonwil has quit [Quit: ChatZilla 0.9.92 [SeaMonkey 2.38/20150923195647]]
jonwil has joined #neo900
freemangordon has quit [Ping timeout: 272 seconds]
freemangordon has joined #neo900
nicksydney_ has joined #neo900
nicksydney has quit [Ping timeout: 244 seconds]
Oksana has joined #neo900
Oksana has quit [Remote host closed the connection]
pozitron has joined #neo900
<enyc>
DocScrutinizer05: wondering who erlse is working on neo900 in the meantime =) they may not be very in-this-IRC-channel people =)
thum has joined #neo900
<thum>
are you planning on getting an FSF RYF certification for the neo900?
<jonwil>
I dont know that its even possible to get "respects your freedom" for anything with a cellular radio in it
<thum>
that was my thought, perhaps the neo900 guys already contacted FSF about it
<wpwrak>
last time i checked, RYF went into a very different direction than what we're doing. i think they made some adjustments that broaden its scope, but still too far from anything that would be compatible
unkn0wn77 has quit [Ping timeout: 246 seconds]
<wpwrak>
jonwil: the main problem are firmware updates. FSF are concerned about allowing loopholes that can bypass the GPL. that makes perfect sense for FSF, of course.
<wpwrak>
the problem is that a lot of hardware has firmware that is closed and needs to be upgradeable. on top of this, you often have signing with the rejection of updates that don't come from the vendor, e.g., for regulatory compliance.
<wpwrak>
signing per se is of course a good idea, even for an open product. but that combination clashes with the GPL.
<wpwrak>
the FSF would be happy with closed firmware that can't be upgraded. because that would make this firmware work as if it was just a piece of hardware, and not software (which is what FSF is concerned about after all).
<wpwrak>
however, many products, including components/modules, are designed and marketed under the assumption that updates in the field are possible, e.g., to plug security holes, to fix major incompatibilities, or, if they're nice, to add or enhance functionality
<wpwrak>
major incompatibilities could be, say, WLAN crashing when in the presence of some unexpectedly formed beacons, or the chip tuning into a channel adjacent to the one it should use. these are examples i've seen in real life. (in openmoko freerunner/gta02)
<wpwrak>
so in order to be compatible to FSF's wishes, one would have to cripple such a system to the point where it may become unusable, due to being unable to receive vital updates.
<wpwrak>
also, it may not be all that easy to actually prevent updates. i.e., there may not be a "write protect" pin. instead, this may be at the level of messages sent with some protocol running over USB or such. you'd need quite a bit of hardware to filter those.
<wpwrak>
of course, this doens't mean that it would be impossible to build hardware the FSF may like. but it would be different types of devices, and probably a lot simpler.
Zero_Chaos has quit [Remote host closed the connection]
<thum>
the FSF didn't adjust to broaden the RYF certification
SylvieLorxu has quit [Remote host closed the connection]
<thum>
in fact, it'll get harder over time to become certificated
SylvieLorxu has joined #neo900
<Kero>
is RYF a single boolean "Respects all your freedoms we deem important", or is it a list of freedoms that are marked respected or not, so I can compare it with a list *I* find important?
rjeffries has joined #neo900
Kabouik_ has joined #neo900
<thum>
it basically is about the four freedoms, you can always decide whether these are important for yourself
jonwil has quit [Quit: ChatZilla 0.9.92 [SeaMonkey 2.39/20151103191810]]
<DocScrutinizer05>
enyc: wpwrakdoesn't seem to be too "not be very in-this-IRC-channel"
<DocScrutinizer05>
and besides him and me there's only Nikolaus. You know we are a very small team
Guest91590 has quit [Ping timeout: 255 seconds]
<DocScrutinizer05>
we need to hire a webdesigner. If someone is listening, please contact me
pozitron has quit [Ping timeout: 264 seconds]
pigeons has joined #neo900
pigeons is now known as Guest51134
<DocScrutinizer05>
dos1, our original communications officer, is actually not very active on IRC or on the project anymore
<DocScrutinizer05>
which is a pity since without him, the project isn't the same it was, and we wouldn't be where we are today when he hadn't pushed us this far with his awesome support
<enyc>
DocScrutinizer05: i haven't acutally really been cogniscent of the team-strecture...
<DocScrutinizer05>
enyc: however you're right Nikolaus is a very non-IRC person
rjeffries has quit [Ping timeout: 244 seconds]
Zero_Chaos has joined #neo900
<bencoh>
maybe he wouldnt be able to do that many things if he was
tomeff has quit [Ping timeout: 250 seconds]
jonsger has joined #neo900
<DocScrutinizer05>
((hire) well, actually we need a web-design savvy communications officer, not just a web designer
<DocScrutinizer05>
bencoh: yes, that's exactly his rationale
<bencoh>
he's prolly right
<DocScrutinizer05>
sure, everybody has his very own methods and working procedures
cybiko123 has joined #neo900
cybiko123 has quit [Changing host]
cybiko123 has joined #neo900
arossdotme has quit [Quit: Ex-Chat]
rjeffries has joined #neo900
arossdotme has joined #neo900
itbaron has joined #neo900
Kabouik_ has quit [Read error: Connection reset by peer]
tomeff has joined #neo900
<wpwrak>
thum: (not broaden) ah, i thought i heard they had made some changes. but maybe i'm mistaken.
<DocScrutinizer05>
wpwrak: unclear. I also thought they did but maybe I also been mistaken
<DocScrutinizer05>
anyway they still don't really fix their basic problem which is lack of definition of their domain borders
<DocScrutinizer05>
maybe they *imply* that everything that is living in one case is cosntituting the system they want to evaluate. But that's really nowwhere written down
<wpwrak>
DocScrutinizer05: i think it's simply not meant to be practical. the issue for FSF may be purely legal: RYF defines a framework within which the GPL can apply everywhere in the whole system. that framework is not completely unrealistic, but the vast majority of devices could never comply with it.
<wpwrak>
now, with this framework, the FSF (and other GPL users) may be able to fight better against shady uses of GPL-protected material.
<DocScrutinizer05>
yes. However I feel it's sort of dishonest to offer certs then
<wpwrak>
e.g., they can prove that 1) it's possible to make a compliant device, and 2) they can point to the rules to say why the offender's device doesn't comply.
<DocScrutinizer05>
yes
<wpwrak>
well, after working so hard on it, they may as well use it as far as possible :)
<DocScrutinizer05>
nevertheless I think it's a crusade
<DocScrutinizer05>
not really targeted at providing a real added value to users
<wpwrak>
and if a device _can_ actually pass that exam, that's certainly a feather in the cap of FSF. and also strengthens the above legal use.
<DocScrutinizer05>
sure
<wpwrak>
RYF is only a problem if you think it might apply somewhere well beyond its practical scope :)
<DocScrutinizer05>
maybe it's enough to say RMS sent me an inquiry to help him or FSF with evaluating RYF properties of hw platforms
<DocScrutinizer05>
alas I really have no time for that stuff
<DocScrutinizer05>
and I dunno if I would be willing to do such job
<wpwrak>
i mean, if we were making arduinos (without any radio), and those critters happen to be RYF incompatible, we may very well try to fix that, because it should be quite possible.
<DocScrutinizer05>
yep
<wpwrak>
so, not hoping for a future career as legislator ? ;-)
<DocScrutinizer05>
it's even possible (though hard) to make a laptop that *seems to be* RYF compliant
<wpwrak>
we could connect modem, wlan, and BT via USB. phone would get a little fatter and kinda inconvenient to use, but hey, if that's what it takes ;-)
<DocScrutinizer05>
I'm pretty sure that RYF laptop they got still has half a dozen or more hidden firmwares in chips where FSF never thought about. And those firmwares may or may not be 'update-able' since you can't prove the manufacturer did NOT implement a non-disclosed method for update
<thum>
we should be working towards that at some point, to create a computing device that is free from the beginning, w/o any reverse engineering
dal has joined #neo900
<amatus>
the novena isn't?
<thum>
nah
<wpwrak>
thum: one of the problems you'd have to solve in the case of a smartphone is to build a reasonably large telephone network that works in an unregulated band.
<DocScrutinizer05>
novena was the name? might be right
<wpwrak>
thum: and then you'd need to build a 100% Free wlan solution. and fend off attempts by FCC and EU to make it harder for users to tweak their WiFi.
<DocScrutinizer05>
wpwrak: we don't even need to start this discussion
<MonkeyofDoom>
you can't really prove a negative anyway
<thum>
wpwrak: I guess I'll be very hard for a cell, I was just referring to normal computing
<DocScrutinizer05>
MonkeyofDoom: that's the point
<thum>
personally, I'd love a device like a smartphone, without a phone (but with wifi and a pager)
<thum>
but that's just me
<MonkeyofDoom>
it only makes sense for a *productive* definition of freedom to talk about things a user *can* do
* amatus
would love to do away with the cell network and replace it with an anonymous meshnet
<MonkeyofDoom>
sadly it's a lot harder to get an organization (e.g. EFF) to think coherently than it is any one individual
<MonkeyofDoom>
s/EFF/FSF/
<DocScrutinizer05>
FSF with their "not update-able, since then it's `hardware´ which we don't care about" policy shot their own foot. With a 33cm caliber
<wpwrak>
thum: maybe you could pull is off if you could convince the government of some large city to build a free and Free local telephony network, based on, say, wifi. first step: find one that's receptive to such "communist" ideas :)
<MonkeyofDoom>
first step is probably to prove that it's cheaper than a centralized network on some timescale, which isn't even obviously true
<DocScrutinizer05>
Cinterion for example simply deletes the chapter about firmware update from their technical reference manual und user manual, and declares "NOW WE'RE RYF COMPLIANT"
<MonkeyofDoom>
politically speaking I'd like decentralized comm to be cheaper, but I don't know if that's actually how the economics work
<MonkeyofDoom>
especially when towers/backbone wires are already present most places
<thum>
wpwrak: a communist idea like free buses, like in some city in the Netherlands?
<DocScrutinizer05>
wpwrak: there are several cities that allegedly have free city WiFi. Coverage and QOS are always abysmal
<DocScrutinizer05>
remember TPE?? didn't you try to use their free wifi?
<DocScrutinizer05>
it was a laugh
<DocScrutinizer05>
even when coverage was OK, those free wifi tend to be constantly abused by script kiddies and raid by all sorts of interference by incorrectly configured or broken devices
<DocScrutinizer05>
((cinterion for example...)) which gives me ideas ;-D Maybe *we* could do that, and provide RYF compliant manuals for the modem module with our device - after asking Cinterion for permission
<wpwrak>
thum: dunno what those dutch commies are up to ;-)
vakkov has quit [Ping timeout: 252 seconds]
<DocScrutinizer05>
but then otoh a loud bold "MEEHH!!" - we don't care about RYF
<DocScrutinizer05>
we do better than that stuff
<DocScrutinizer05>
I won't go silly and rogue just to please the FSF
<wpwrak>
DocScrutinizer05: we have free wifi in buenos aires. alas, only with spotty coverage. haven't found a situation yet where i could use it. but then i rarely feel the need to go online while outdoors.
<DocScrutinizer05>
I will try to act in very best interest of our customers, not in the interest of some silly FSF crusade
<bencoh>
ohmy, not again :)
<DocScrutinizer05>
hrhrhr, I'm already finished with that topic
<bencoh>
;)
<DocScrutinizer05>
dunno who brought it up
<wpwrak>
MonkeyofDoom: you're approaching this in the wrong way. the question you should ask yourself is "will it further the career and personal fortune of politicians that support your project ?" then work on coming with a plausible explanation why the answer should be positive :)
<DocScrutinizer05>
apropos: what's the final outcome of .ar elections now?
<wpwrak>
run-off elections in two weeks, nov 22
<DocScrutinizer05>
mhm
<DocScrutinizer05>
good chances the result will be sort of OK?
francis7 has joined #neo900
<francis7>
hey
<francis7>
just expressing disdain, based on reports from trusted friends
<francis7>
:)
<DocScrutinizer05>
heyQ! :-)
francis7 has left #neo900 ["probably by accident"]
<thum>
disdain, yes sir.
<DocScrutinizer05>
what a moron been that?
<DocScrutinizer05>
driveby ranter. Usually only seen from silly robot scripts
<DocScrutinizer05>
[Whois] francis7 is ~fchmmr@fsf/member/fchmmr (Rmmhcf Chmmfr Mmchrf)
<DocScrutinizer05>
mmmphhh
<DocScrutinizer05>
this guy and his cloak did a hell of a job regarding my respect for FSF
vakkov has joined #neo900
<JamesJRH>
17:09:36 <+DocScrutinizer05> but then otoh a loud bold "MEEHH!!" - we don't care about RYF ← Say what? How can we get behind you then?
<DocScrutinizer05>
sorry, we don't want somebody getting behind us who tries to eforce limitations on our hardware that are obviously against the interest of users
nicksydney has joined #neo900
<JamesJRH>
Users?
<JamesJRH>
Hello?
<DocScrutinizer05>
users of our hardware
* JamesJRH
waves.
<JamesJRH>
I'd be a user if you had RYF.
<wpwrak>
oopsie, only noticed now that i accidently switched channels ;) DocScrutinizer05, yes things look promising for the elections: there's lots of infighting in the still ruling party and they're clearly panicking
<DocScrutinizer05>
well, maybe you want to apply at FSF RYF cert with a modfied manual for the modem module then?
nicksydney_ has quit [Ping timeout: 272 seconds]
<JamesJRH>
As would many others who've hopeful that Neo900 does something right.
francis7 has joined #neo900
<DocScrutinizer05>
if all that's needed is FSF seeing there's "obviously no way to update the firmware" then you're welcome and I'm happily providing the manual that doesn't give any hint on how to update firmware
<DocScrutinizer05>
the point is we do it "righter" than FSF allows
<DocScrutinizer05>
we offer *more* freedom to our users than FSF is willing to accept
<DocScrutinizer05>
we offer the freedom to use closed blobs
<DocScrutinizer05>
if user wants to
<JamesJRH>
Oh yeah, the freedom paradox.
<JamesJRH>
Play that card.
<DocScrutinizer05>
and yes, we would even be willing to host those closed blobs for download if we were allowed to by the owners of such blobs. and we will tell our users about that option
<JamesJRH>
Freedom to remove one's freedom.
<JamesJRH>
I don't regard that as a selling-point.
<DocScrutinizer05>
not our problem. vast majority of our users want update option even when the update file contains non-FOSS data
<DocScrutinizer05>
they do NOT think it's a benefit to add additional hardware to block any such firmware update option
<JamesJRH>
Well, it seems pretty clear that you don't want to engage with the FSF. So what bothers me is the way you promote yourself.
<JamesJRH>
The claims that you make are really dodgey if you are opposing the FSF.
<DocScrutinizer05>
aha
<DocScrutinizer05>
FSF is not any authority in my wold
<JamesJRH>
You claim to be open and all that, but really?
<wpwrak>
how about peaceful coexistence, each minding their own business ? :)
<DocScrutinizer05>
yes, as explained above wqe are more open than FSF allows
<thum>
I think they're not opposing the FSF, even though it seems that way, they just don't care because it's more convenient for their users (as they claim here)
<thum>
which is allright
<thum>
but this is not for me than
<thum>
alas!
<thum>
then
<DocScrutinizer05>
I will NOT add a MCU to block the frimware update command on the USB link to modem
<thum>
< thum> which is allright
<thum>
in terms of doing business that is
<JamesJRH>
thum: When I first found out about them I was under the impression that they were Open Hardware. I think their site actually claimed this. Yet they are not. It's really dodgey ground.
<thum>
JamesJRH: I've read they're an open source project and that the cell can be *really* switched off
<JamesJRH>
I felt betrayed when I found out that it is not the case.
<thum>
which is further than other devices go so far
<JamesJRH>
thum: I see.
<thum>
but I also found out that it is not free enough for me
<francis7>
JamesJRH, forget about these clowns
<thum>
I think this is not clear enough on the website, as you do JamesJRH
<JamesJRH>
Mmmmmhhh.
<DocScrutinizer05>
JamesJRH: suggest improvements instead of ranting!
<francis7>
JamesJRH, your skills are best invested elsewhere, as opposed to this useless project.
<JamesJRH>
francis7: Don't be closed!
<francis7>
You wan't change these people's minds.
<francis7>
JamesJRH, I'm not closed, but I've seen all this before.
* DocScrutinizer05
too
<francis7>
JamesJRH, copy what I do after this line of text:
francis7 has left #neo900 ["probably by accident"]
<JamesJRH>
thum: So like to me, it feels like Neo900 comes closer than most phones to RYF. Do you know whether the FSF is trying to address the mobile phone issue?
<DocScrutinizer05>
JamesJRH: I had a email conversation with Mr stallman about it
vakkov has quit [Ping timeout: 264 seconds]
<JamesJRH>
“the cell can be *really* switched off” ← That's definitely a good bit.
<thum>
JamesJRH: there will never be a RYF cell phone
<JamesJRH>
thum: Then that's a problem.
<JamesJRH>
thum: If that's the case then the FSF must change.
<thum>
JamesJRH: I believe we're talking in the wrong channel
<DocScrutinizer05>
yes, and we can't address that, so we 'don't mind' RYF
<DocScrutinizer05>
we try to be as RYF as possible, *without* implementibng artificial limitations
<DocScrutinizer05>
we could get full RYF when we would add a 2 or 3 additional MCUs to *block* features that exist and are appreciated by most of our customers
<DocScrutinizer05>
only to allow FSF to "consider this chip as blackbox and hardwere then"
<DocScrutinizer05>
we won't do this
<thum>
to which MCUs are you referring to?
<DocScrutinizer05>
to a MCU that blocks the firmware update AT command on the USB link to modem module for example
<DocScrutinizer05>
and even that would be a mess since we also would need to block firmware update for that MCU since otherwise users *still* could disable it and then upgrade the modem firmware
<bencoh>
note that it wouldnt prevent your service provider or whoever has access to upgrade your modem firmware behind your back, but FSF would still be happy
<DocScrutinizer05>
it's schizoid
<DocScrutinizer05>
no, absolutely wouldn't help *anything* except allow FSF to "consider it as hardware which we don't care about"
<thum>
let's assume you are successful with the neo900 (if you aren't already (I don't know)), are there other devices planned later?
<DocScrutinizer05>
but invariably we'll face the situation that there doesn't ever exist a FOSS modem firmware, it can't exist since it wouldn't ever get cert by FCC et al
<DocScrutinizer05>
and afaik the calypso of Openmoko GTA01/02 was the last modem chipset that actually had no (activated) signature-check for firmware update
<DocScrutinizer05>
funny sidenote: since back when the flasher tool for calypso was not publicly available, RMS considered the GTA02 as compliant with FSF iirc. Later on we managed to provide that tool to our customers which effectively would void that FSF-compliance
vakkov has joined #neo900
<DocScrutinizer05>
since suddently the modem isn't a 'blackbox' anymore
<thum>
JamesJRH: sorry, I wasn't clear enough. I ment a device w/o a modem, w/o GSM etc.
<thum>
meant
<thum>
tha last 2 sentences @DocScrutinizer05:
<DocScrutinizer05>
no, we don't plan to compete against the flood of cheap tablets in the market
<DocScrutinizer05>
you can disable our modem aka GSM, our WLAN, our GPS, our BT, and you are even free to not use the PVR. But we won't build a device that doesn't even have those subsystems just because they are considered "non free" by some people. after all that wouldn't make the device cheaper
<DocScrutinizer05>
that's the basic difference between our take of "freedom" and FSF's definition: we don't care how much disabled cruft is in the system, we only care about what users can do, not about what they must not be able to do
<DocScrutinizer05>
as long as the user does it deliberately it's ok with us, even when it involves non-free stuff
<DocScrutinizer05>
while FSF tries to bully out non-free drivers and would like best if kernel would refuse to load them
<DocScrutinizer05>
not my idea of freedom
<Arch-TK>
TBH, the kernel taint mechanic already means many kernel developers will outright refuse to help you if you have issues and have a tainted kernel.
<DocScrutinizer05>
I understand and appreciate that FSF is on a political crusade against chip manufacturers not providing free drivers and docs. However I can't support this when building a phone
<Arch-TK>
I understand you, but I would consider that fact just the sad truth, I wouldn't call it a necessary evil. But at the same time, I feel that the concept that such a word might exist is quite unlikely.
<thum>
thanks for the infos!
<Arch-TK>
world*
<Arch-TK>
a world where all chip manufacturers free their chips.
<Arch-TK>
So I really don't mind supporting a project which tries to get as close as possible while staying functional.
<DocScrutinizer05>
FSF fights for that and I appreciate that very much. But participating in that fight would mean our project can't get done
* thum
believes that even when having fundamental differences, people can still be friendly, that is more productive =)
<DocScrutinizer05>
Arch-TK: get as close as possible is exactly what we do
<Arch-TK>
And that's awesome :P
<DocScrutinizer05>
without taking really counterproductive measures like adding complexity and cost to *block* features that are not mandatory to get used anyway
<DocScrutinizer05>
btw the FSF approved laptop probably as well has an update-able firmware in whatever storage device they are using, and I massively doubt that firmware is FOSS
<DocScrutinizer05>
unless those guys build their own HDD
<Arch-TK>
the X200 and T400
<Arch-TK>
or do you mean the thing RMS uses?
<DocScrutinizer05>
I dunno, this topic never been of high relevance to me
<Arch-TK>
I can't remember the guidelines for RYF
<DocScrutinizer05>
they are easy to find on the FSF site
<Arch-TK>
Maybe the thing RMS uses just uses an eMMC for storage, although I'm not sure if that has any firmware.
<Arch-TK>
I'm only an electronics hobbyist.
<DocScrutinizer05>
I also can't remember them since it's quite a while since I last read them
<DocScrutinizer05>
well, an eMMC obviously also has a controller with firmware. Up to everybody's guess if or if not it can get firmware update
<bencoh>
hmm, afaict the only "tainting" driver would be the pvr/sgx
<DocScrutinizer05>
build your RYC-approved PC with it, and next week the manufacturer releases a manual that describes how to update the firmware to fix a bug. What will you do? PC -> landfill?
<amatus>
i like the clause about if a free firmware becomes available the product has to use it in place of the proprietary one to keep RYF certification
<Arch-TK>
any OOT drivers and non GPL drivers taint.
<Arch-TK>
nvidia drivers for example.
<bencoh>
ah, that kind of tainting, nevermind :)
<amatus>
you could write a free firmware that doesn't have all the features of the original that users would never want, and then the product is fucked
<Arch-TK>
well, OOT modules and non GPL modules.
<bencoh>
I think most of what neo900 needs should be (or eventually end up) in mainline
<bencoh>
(again, apart from pvr)
<Arch-TK>
DocScrutinizer05: You should see if you can maybe sneak the N900 through RYF, I wonder what they would say.
<DocScrutinizer05>
bencoh: I think it already is there
<DocScrutinizer05>
Arch-TK: funny idea, indeed
<Arch-TK>
DocScrutinizer05: you never know, they might see your point.
<Arch-TK>
Although...
<bencoh>
DocScrutinizer05: they broke/removed support for a few componentes borrowed from n900, but apart from that, yes, I think so as well
<Arch-TK>
There are some people in #fsf who think that if you have non-free anything within 100m of you you are tainted.
<DocScrutinizer05>
we guarantee that the *core* system is *able* to work in a RYF compliant mode. Since we don't even ship software, FSF is basically not the correct address for us anyway
<DocScrutinizer05>
even the RYF cert mainly focuses on software, not on hardware
<Arch-TK>
I would love to have something to emulate the conditions of the neo900
<DocScrutinizer05>
get a N900 or a beagleboard
<Arch-TK>
hmm
<DocScrutinizer05>
attach a USB UMTS dongle
<Arch-TK>
I have a N900
<DocScrutinizer05>
here you are
<Arch-TK>
Alright.
<Arch-TK>
I'll ask the question I always ask: how hard is it to brick the N900?
<DocScrutinizer05>
impossible
<Arch-TK>
oh, perfect.
<Arch-TK>
How easy is it to burn the eMMC through disconnecting power?
<DocScrutinizer05>
you should create a backup of CAL aka config NAND partition though
<Arch-TK>
I managed to do that somehow to an android phone.
cybiko123 has quit [Ping timeout: 246 seconds]
<Arch-TK>
I took the battery out one too many times and the eMMC seemingly died.
<Arch-TK>
I've always been quite cautious around eMMCs since.
<DocScrutinizer05>
(burn eMMC) hmm, shouldn't happen. However try to avoid extremely fast and unsolicited power breaks
<Arch-TK>
How exactly does an eMMC die from power loss?
<Arch-TK>
I never understood that.
<DocScrutinizer05>
difficult to tell. Maybe some race condition in the controller firmware that should get fixed by a firmware update ;-)
<DocScrutinizer05>
a clean decent eMMC controller must not corrupt the the flash storage and metadata on it in a way so it can't recover
<DocScrutinizer05>
usually it is "complete writing new data first, only when that's finished erase or purge obsolete old data"
<DocScrutinizer05>
a partial erase might cause problems
<DocScrutinizer05>
though a decent controller would identify partially erased data from a non-matching checksum or similar means
<DocScrutinizer05>
maybe wen you partially erase but by chance manage to create a 'correct' checksum for that corrupted block
<DocScrutinizer05>
*and* the corrupted block of metadata then would cause the controller to completely bail out
<DocScrutinizer05>
even hw defects are imaginable when the flash-erase (high voltage cleaning out of static electric charge on cells - thus the name "flash") is extended for too long time, due to clock getting stopped by undervoltage or whatever while the VPP voltage still applied
<Arch-TK>
so like a micro which is controlling two shift registers to control a block of LEDs using high current to increase the brightness of the LEDs.
<Arch-TK>
If the micro looses a bit of power, it might lock up with the high current on a specific row of LEDs
<Arch-TK>
and the LEDs might get burned out
<Arch-TK>
I see
<amatus>
"Could you possibly design the machine with a wire which, if cut, prevents flashing the modem software?"
<amatus>
DocScrutinizer05: the answer is yes, it's called "VCC"
<Arch-TK>
heh
<DocScrutinizer05>
hehehehe rrrright
<amatus>
problem solved, you can all go back to doing productive work
<DocScrutinizer05>
;-D
jake42 has quit [Ping timeout: 246 seconds]
<Arch-TK>
mmmm, cider.
<Arch-TK>
Don't know why anyone drinks beer when there's cider.
Mentalysion has joined #neo900
<amatus>
Arch-TK: what's your favorite cider?
<Arch-TK>
amatus: To be quite frank, I don't go looking for cider to drink, I've had some really good strong cider at a pub near work once, (we go every year near christmas time). But mostly when I go to the pub with friends I end up drinking strongbow.
jake42 has joined #neo900
<amatus>
good choice
<Arch-TK>
Bulmers was good too, but these are just the "big" brands.
cybiko123 has joined #neo900
cybiko123 is now known as Guest8396
Guest8396 has quit [Client Quit]
<edwin>
(corrupt flash storage on power loss) there are some scenarios explained in this paper, although for SSDs, not sure how much applies to eMMC: http://www.sandisk.com/Assets/docs/Unexpected_Power_Loss_Protection_Final.pdf . So basically device metadata tables, and if using MLC (can eMMC be MLC?) then updating upper page may corrupt lower page, unless you use non-MLC flash for journaling ...
<edwin>
buggy firmware might be another reason, had an OCZ SSD permanently lock itself due to a firmware bug related to hibernation. (hence not buying OCZ anymore)
<Arch-TK>
edwin: did you get a refund?
<enyc>
edwin: how do I know what i've got with one Intel SSD and one Sandisk SSD ? ;-)
<enyc>
edwin: i was going to setup as raid1 and ext4 across them. to protect against cliff edge failure with any luck
Mentalysion has quit [Remote host closed the connection]
thum has left #neo900 [#neo900]
<DocScrutinizer05>
>>><JamesJRH> thum: When I first found out about them I was under the impression that they were Open Hardware. I think their site actually claimed this. Yet they are not. It's really dodgey ground.<<< I really hate it when fools rush in and claim they know about mistakes they spotted in the project, yet they completely fail to a) prove their point, which is understandable since b) they got no clue really
<edwin>
Arch-TK: got the drive replaced in warranty but of course all data on it was lost, they say that the only way to fix it is to reflash the firmware which wipes the builtin aes key (I had backups though)
<Arch-TK>
edwin: I always wondered how this hardware encryption stuff worked.
<Arch-TK>
You have to set it up in bios right?
<edwin>
there's a key in the firmware apparently, but all that it seems to be good for is that if the drive fails it wipes the key
<Arch-TK>
Right...
<edwin>
I haven't set up any encryption
<Arch-TK>
So someone can just... plug the hard drive in somewhere else?
<edwin>
without a password yeah
<Arch-TK>
Apparently if I put a password on this SSD through bios, it will somehow be encrypted, but that seems a bit dodgy to me.
<edwin>
if you set a password and the drive supports TCG OPAL then no
<Arch-TK>
I imagine it will wipe the data.
<edwin>
cause then the drive's aes key and your password is somehow related, althoug I'd rather trust open source full disk encruption than that stuff
<Arch-TK>
Yeah...
<DocScrutinizer05>
SD cards do even more weird stuff
<Arch-TK>
On an entirely unrelated topic, I've always been quite annoyed when people seem to think that tempered glass not being scratched by metal is something amazing.
<Arch-TK>
Metal is softer than glass, it won't scratch glass.
<DocScrutinizer05>
edwin: (eMMC) not decided yet, we gonna use the latest cheapest fastest fattest chip we can get
<Arch-TK>
</rant>
<DocScrutinizer05>
Arch-TK: yep
<edwin>
well presumable the phone will know when its battery its about to die and can tell the eMMC to shut down "cleanly", right?
<DocScrutinizer05>
edwin: of course
<enyc>
DocScrutinizer05: more to the point if they wanted 'security' might it be better implemented in layer outside the SDcard ??
<edwin>
so you can corrupt the eMMC only if you pull the batteries out yourself without shutting down first
<DocScrutinizer05>
even when removing battery brute force, the buffer capacitors should suffice for a MMC emergency shutdown that must not damage the flash storage or data
<Arch-TK>
So I imagine I was unlucky.
<DocScrutinizer05>
yes, very unlucky
<Arch-TK>
Or it was a cheap eMMC and design by our friends at samsung.
<DocScrutinizer05>
or poor hw design
<enyc>
oooh the superbrick fun?
<enyc>
Arch-TK: i recall all the fun with 'safe' kernels for n7000 and all that
<Arch-TK>
I don't know what you are talking about, I've only ever heard about the N900 when I heard about this project a year or so ago.
<Arch-TK>
So I missed all this Nokia stuff.
<enyc>
Arch-TK: samsung had bad eMMC in some of their phones e.g. galaxy note (n7000)
<Arch-TK>
oh
<enyc>
Arch-TK: which could be 'superbricked' by eMMC commands
<Arch-TK>
nothing to do with the n series phones then
<enyc>
Arch-TK: had to come up with ''safe'' kernels to use that wouldn't 'superbrick' the flash ;p
<DocScrutinizer05>
enyc: ((layer outside)) I think there are some features in SD that protect it in a way that a layer outside can't accomplish
<enyc>
DocScrutinizer05: ...but it relies on the SD card doing it right and many probably not proven well in that regard?
<DocScrutinizer05>
hmm, dunno tbh
itbaron has joined #neo900
<Arch-TK>
enyc: Interesting.,
<edwin>
enyc: I think intel ssds should be fine too, check if yours has 'enhanced power loss protection'
<DocScrutinizer05>
enyc: for example >>The host device can command the SD card to become read-only (to reject subsequent commands to write information to it). There are both reversible and irreversible host commands that achieve this.<<
<Arch-TK>
Samsung 850 EVO?
<Arch-TK>
DocScrutinizer05: Can't you do the same to SSDs too?
<Arch-TK>
Issue a command to render it read only forever / temporarily.
<DocScrutinizer05>
Arch-TK: I don't know. Anyway that wasn't the question
<Arch-TK>
I wonder why hdparm lists --fwdownload as "EXTREMELY DANGEROUS"
<DocScrutinizer05>
haha
<edwin>
its a download from the drive's perspective apparently
<enyc>
Arch-TK: =) could be fun swapping HDA assy over controllers to read such drives (non-SSD< that is...)
<edwin>
'The contents of this file will be sent to the drive using the (S)ATA DOWNLOAD MICROCODE command' it will actually flash a new firmware on your drive, no?
<DocScrutinizer05>
yes, of course
<Arch-TK>
oh, I read it as "Download firmware to file"
<Arch-TK>
I don't know, I need to sleep.
<DocScrutinizer05>
oooh
<Arch-TK>
It says "Download firmware file to drive"
<edwin>
probably why they call it dangerous, cause thats what I would've expected too (read firmware FROM drive)
<Arch-TK>
I can see how that can be dangerous.
<edwin>
they could've called it flashfw or something
<edwin>
not everyone knows SATA commands :)
<enyc>
I wonder how many firmwares there are on drives... are they mecoming *more* update-able these days?
<enyc>
SSDs certainly have more updatable, expecting issues ....
<DocScrutinizer05>
hmm, I nopt even considered that. I guess there is no way to read firmware from drive to file or whatever destination
<enyc>
many HDDs don't (seem) to publish updates, (seems) to be expected mature code product.
<DocScrutinizer05>
the terms "down" and "up" are very ambiguous and fuzzy in contect of data links
<DocScrutinizer05>
my take: you look at the whole infra as a hierarchy tree
<DocScrutinizer05>
with more basic smaller subsystems on the bottom and distributed large systems on top
<DocScrutinizer05>
in this model the host processor is higher than the storage card
<DocScrutinizer05>
so download is host->card, upload is card->host
<DocScrutinizer05>
however master-slave relations are another equally valid concept
<DocScrutinizer05>
or host-client relations
<DocScrutinizer05>
it's a mess
<DocScrutinizer05>
I couldn't tell if you do upload or download TO a SAN storage
<edwin>
'read from'/'write to' would've been less ambigous
<DocScrutinizer05>
yes
<enyc>
DocScrutinizer05: yes, like TX RX wires on TTL serials ;p
<bencoh>
:]
<edwin>
there's plenty of ambiguity in software too, like boolean values with 0,1,2; where 0 and 1 don't always do what you expect (e.g. curl CURLOPT_SSL_VERIFYHOST, or linux kernel vm.overcommit_memory)
<DocScrutinizer05>
hehe yes, that's extremely annoying when they label the output RX since they want to tell you "needs connection to the host's RX line"
<enyc>
DocScrutinizer05: would you consider writing a website update/blog post briefly mentining your necessary break, and who in the project may be worknig on what in the meantime (and mentionning such things as webdeveloper etc. that would help project come together espectually on your return) /or similar/ ??
<DocScrutinizer05>
sounds usefull but I think we need a webdeveloper for putting it on our "blog"
<enyc>
how did existing articels go up ?
<DocScrutinizer05>
by pestering dos1 for weeks
<enyc>
why is he so hord to get into helping here?
<DocScrutinizer05>
however the getting them up is the lesser problem, actually it's the writing that nobody wants to do
<enyc>
i'm not sure it so needs webdev as just semiple posting extra entry...
<enyc>
DocScrutinizer05: i find that writing down //enumerating the loose-ends helps to stop them being annoying/stressful in head
<enyc>
DocScrutinizer05: if you are soon to be out-for-a-while i highly reccomend doing this, for yourself and for good of the project, both to let everyboyd know situation fairly and to help organize what they can do in meantime
<DocScrutinizer05>
we're already trying to organize everything in the background. It's not a huge meeting since there are basically only two persons involved
<enyc>
okies
<enyc>
i still think it would be heplufl to summarise situation and your vanisihng-for-a-bit for all backers / thoso taking more interest etc.
<enyc>
hope it all works out well =)
<DocScrutinizer05>
wpwrak is about to write a "little story about PP" iirc, which we should publish soonish on tmo
<DocScrutinizer05>
and possibly via newsletter
<enyc>
kk
<enyc>
yes, reccomend getting it linked onto neo900.org and newsletter everything when all key points /posts made
<wpwrak>
yup, i am :) still have stuff to add. and then trim a little. hopefully i'll have something worth reviewing by tomorrow.
<wpwrak>
(review) also to check the facts, since i don't know have first-hand knowledge of all the communication between joerg and we'll-just-keep-the-money
<DocScrutinizer05>
((newsletter everything)) we have a dilemma with that, in that there's a strong opinion about "too long, must get shorter. Rather do more frequently smaller newsletters" and the fact that nobody is actually able to find the time to do such more frequent newsletters
<enyc>
so... sommarize in newsletter, be frank about overall istuation of project, whose working on it etc.
<DocScrutinizer05>
((communication)) quite a lot of that was per phone call. Some practice that has its advantages but also its downsides, first and foremost the lack of any useful protocol
<enyc>
*link* the long-articles on tmo if anybody wants to read etc.
<enyc>
that way best of both worlds
<DocScrutinizer05>
(dilemma) that's exactly one of the main reasons why we need a new communications officer who actually wants to write, who loves to write, and who has sufficient interest and insight in the project to pester the core team about details for such writing
<enyc>
put out a post asking for such =)
<DocScrutinizer05>
the "upload" to the website is only the final act and not a significant fraction of the complete task
vakkov has quit [Remote host closed the connection]
vakkov has joined #neo900
<DocScrutinizer05>
actually the vacant position could get split into a communications job that means writing text and a web designer / maintainer job that would handle the more technical aspects of maintaining the neo900.org site
Oksana_ has joined #neo900
Oksana_ is now known as Oksana
jonwil has joined #neo900
SylvieLorxu has quit [Ping timeout: 240 seconds]
Pali has quit [Ping timeout: 240 seconds]
dal has quit [Read error: Connection reset by peer]