Talos Secure Workstation

The world's first ATX-compatible, workstation-class mainboard for the IBM POWER8 processor.

Jan 09, 2017

Project update 14 of 15

The State of Owner-Controlled Computing as Talos™ Winds Down

As Talos™ winds down and development resources are being allocated to other projects, we explore the state of owner-controlled computing and what the failure to fund Talos™ means in the near future.

What To Expect

The libre software community in general does not have much direct experience with hardware enforced lockdown of the type now present on all mainstream computing systems. As we explored in an earlier update, unlike hardware that was designed and marketed before 2013, all modern, mainstream computing hardware operates under the direct control of the manufacturer in perpetuity, with no possible means of restoring full control (control of the "root of trust," the ability to modify the product to operate as the owner desires, etc.) to the physical owner of the machine. Over the course of 2016, we have seen glimpses of what this means to society, from the Revolv thermostats being remotely and purposefully bricked by their true owner, the vendor, to the Samsung Note 7 being partially disabled by a remote update for liability reasons, to unverified claims that the secret keys to the Intel® Management Engine are being traded underground in criminal circles, to the United States government suing D-Link partly due to the IoT-launched DDoS attack in October. Most interesting is that the lawsuit, by its target, implicitly acknowledges that the products people thought they were purchasing clear and free are in fact merely a more or less persistent rental or lease, with all of the freedom, privacy, and financial implications associated with leased, not owned, devices. As a final thought, the current trend in computing is to effectively move the hypervisor and/or kernel into the main platform firmware. If this is done with vendor-controlled systems, libre software will be reduced to a set of userspace tools, similar to what has happened on jailbroken iPhones or Android devices. Over time, licenses may even be required to run specific userspace tools where the libre offerings compete with commercial offerings on the same platform. The only way to stop this future is to financially support owner-controlled hardware development, regardless of which company is offering owner-controlled hardware at any given time.

In a nutshell, we are rapidly approaching (and in some countries have already reached) the often-ignored futures laid out so clearly by George Orwell and Richard Stallman. A general sense of apathy has spread and, as the proverbial frog in a pot of boiling water does not react before being cooked, we have all become accustomed to having our privacy persistently and maliciously invaded merely to save a little bit of extra money. While frugality is normally a positive trait, when taken to extremes it becomes folly as it mandates violation of basic human rights. The lack of action to counter these trends is increasing the barrier of entry for technological industries daily. It’s dooming technology workers to toil under the control of large corporations that can afford exclusive access to the type of hardware and software required to design new, commercially successful products. Indeed, to work in the engineering fields in the United States, you must never return to the type of work you were doing for your employer after leaving their employment. Keeping the tools needed to design new products available to both individuals and small business is vital both to securing the future of innovation and to ensuring fair compensation for work performed in the technical fields.

Hidden Costs

There is another hidden cost of vendor controlled hardware: heavy damage to the environment. By retaining full control of the product from cradle to grave, the vendor has effectively eliminated a major step in recycling, namely to "Reuse." Technology products are notoriously difficult to reuse due to rapid obsolescence of the software they use. However, for owner-controlled products, many people have figured out ways to breathe new life into the older hardware. This typically occurs by replacing the original closed source software with open source software that adds new functionality or otherwise restores the device to usefulness, sometimes in a completely different role than the manufacturer originally intended! Vendor control mandates that once software obsolescence occurs, the device must be thrown away or recycled, damaging the environment yet again as most of the device is burned away to recover trace amounts of gold and other valuable substances.

Finally, as we move to a post-privacy, advertising-supported society, a final cost becomes apparent. There is a saying in French, "Si c’est gratuit vous êtes le produit"; roughly translated it means "If you are not paying for it, you’re not the customer; you’re the product being sold." Rather than being looked at as sapient individuals, everyone is simply reduced to a product that can be exploited at will, for any reason. As people become more aware that their every thought, every action, every conversation, every relationship is being recorded and analyzed, a chilling effect takes place, destroying the very foundation of democratic society as new or non-mainstream ideas are not only ignored by others, but purposefully suppressed by the individuals generating them, simply for personal safety or immediate financial gain. We already see this in several nations, where services that would be considered fundamental to modern life, such as electricity and Internet access, are now being forcibly used to pry into the innermost details of a person’s thoughts and actions. It is vital that individuals take back control of their technology before it becomes nothing more than an invasive, complex leash used to subject individuals to external control — even if this means spending more or doing without the latest gadget until an owner-controlled variant becomes available.

Next Steps

Unworkable Ideas

Over the course of the Talos™ campaign we have seen a number of unworkable solutions proposed. One of the most frequent responses has been to just abandon all modern computing and continue to use seriously underpowered or laughably outdated devices until they are no longer available. While this is a perfectly natural neo-luddite reaction, it will inevitably lead to near-complete extinction of all non-commerical libre software as any remaining community-driven libre software fades into complete irrelevancy for the majority of the population. For example, how many people still want to use dial-up BBS software or text-mode word processors? Most of the current libre software offerings will be looked back upon with a similar "so what?" factor in a couple of decades if they are not continually developed; sitting still in a sea of change is not a solution, rather it will doom those opting to exclusively retrocompute to a permanently lowered and largely voiceless position within modern society.

A less common response, but one that is equally unworkable, is to try to force manufacturers to produce owner-controlled hardware at inexpensive price points through legislative means. Such intervention would be one of the largest regulatory interventions into the free market in many decades, and is extremely unlikely to ever occur. In fact, with recent FCC rulings we are seeing the exact opposite; manufacturers are being required to lock out owner control in wireless applications ostensibly for the public good. When the community then turns to illegal grey market items to circumvent these regulations, instead of paying more to develop safe products that comply with the new regulations at the hardware, not software, level, it simply cements the popular idea that owner control is only needed for illegal purposes, further damaging the likelihood that owner control will become more widely available in mainstream computing products.

A third response has been to try to apply libre software development models to libre hardware development. This sounds good on the surface, until you dig a little bit deeper and look at the factors allowing libre software development to flourish and converge on optimal solutions in so many cases. In a nutshell, this only works on the software side due to application of free market principles to a product with a large, experienced talent pool, near-zero barrier to entry, near-zero iteration costs, fast time to market, and very low costs to test a new idea or configuration. In such an environment, when forking a project to take it in a radically new, experimental direction only costs time and a few dollars of electricity, branches abound, and as a result, the market is free to select the best features of each branch and take the main product in an optimal direction — human intervention is not required to "predict" whether an idea will work or not as is required in most centrally planned systems. In contrast, hardware development has a sparse talent pool with widely varying skill levels, extremely high barriers to entry, very high iteration costs, slow time to market, and testing a new idea often requires a combination of both the barrier to entry and iteration costs to be paid up front. As a result, hardware development often falls back to a centrally planned model, with stronger individuals selecting what they think will be the correct, profitable branch, and the market is unable to converge on an optimal solution. We are already seeing this with RISC-V and some of its most puzzling design decisions and strangely missing features (e.g., the lack of an IOMMU and L3 cache in all current implementations, addition of Cray-style vector processing but no standardization of media-oriented packed SIMD, etc.); in our direct experience, the libre software development model simply does not extend to hardware given the current and predicted near-future constraints on hardware manufacturing technologies. If a fundamental shift does occur within the manufacturing technologies that reduces iteration cost to near zero, and more importantly reduces the barrier to entry to near zero, then and only then will libre software development models apply to hardware. Until then, computing hardware design remains squarely in the realm of companies with both the financial means to enter a market and the technical knowledge to keep a multimillion dollar project on track and head off "iteration into financial oblivion."

Temporary Solutions

First, it should be noted that the primary means of keeping libre hardware available will be financial at this time. The days when a lone programmer or loose team of hobby coders could change the world are long gone, largely due to the lockdown of consumer hardware discussed earlier. If you have extensive experience with low level hardware and firmware, are not already working for the handful of corporations requiring that skillset, have cash reserves to purchase owner-controllable but currently closed hardware, and would like to donate a lot of time to the cause of libre hardware, there are some projects where you could make a difference. If this does not describe you, the best contribution you could make is financial to one of the few remaining firms willing to consider working on or creating libre hardware.

Individuals

For now, the best course of action for individuals is to support those few companies, such as Minifree, still selling hardware that ships with owner control provided out of the box. For example, the D16 Desktop is a capable x86-based machine that can serve as a decent hold-over system until better options become available in a few years, and the C201 makes a capable terminal to a remote server or desktop machine. When purchasing from a vendor of owner-controlled systems you are not only directly supporting the development work needed to keep owner control available, but also showing that there is a market for such systems and that they are worthy of additional development in the future. While the D16 does not currently have a libre BMC option available, and thus is not suitable for use in a remote datacenter environment, Raptor Engineering would be willing to develop and release a fully libre BMC option for a reasonable one-time fee. Please contact us if you are interested in sponsoring this work.

Organizations and Companies

For organizations and companies that use servers and libre software, the best course of action is to purchase owner-controlled OpenPOWER hardware, and to remind IBM and your vendor that your rationale for selecting OpenPOWER was the fact that the hardware is fully owner-controlled. Raptor Engineering is also willing to "free up" existing OpenPOWER systems from closed-source vendors, such as the S812LC, under contract; if you would like to pursue this option please contact us with the platform vendor and model that you would like to see freed. Please note that unlike older x86 sytems, the BMC is integral to the boot process on OpenPOWER, and using a proprietary BMC firmware on OpenPOWER machines carries the same risk as using a proprietary system firmware on x86 machines.

Long Term Solutions

OEMs and ODMs

For OEMs and ODMs, using ARM64 or POWER silicon and licensing specific technologies from Talos™, such as FlexVer™ and LPC Guard™, will allow you to offer products that provide an even higher security level than the centrally managed schemes prevalent on x86. This higher security level has applications not only in protecting commercial intellectual property, but provides critical assurance to the defense industry that control rests solely with the machine owner, not with the vendor, and that there is no intentional or unintentional back door waiting to be exploited by an adversary. Raptor Engineering has years of experience in low level system firmware development, and can create a truly libre firmware solution for your new ARM64 or POWER based product, thus allowing you to leverage the public relations and commercial sales benefits of full auditability for a reasonable, fixed, non-recurring cost. For existing examples of our work, please see the AMD Family 15h support with DDR3 RAM initialization in coreboot, in addition to our ports of coreboot to the ASUS KFSN4-DRE, ASUS KCMA-D8, ASUS KGPE-D16, and Lenovo T400.

For software vendors, we can help port your software applications to POWER, allowing you to leverage the unique advantages of one of the most powerful CPUs on the market today, or to ARM64, allowing you to leverage the advantages of green computing in the datacenter.

Closing Thoughts

Raptor Engineering is grateful to have had the opportunity to run this campaign, and would like to thank the community for all of the support we received during this nearly year-long endeavor. We will not be receiving any of the pledged funds from the crowdfunding campaign. If you’ve already placed a pre-order for a POWER8 CPU via Crowd Supply, you will be fully refunded. If you placed a crowdfunding pledge for a Talos™ product, you have not yet been and will not be charged.

We will not be continuing development of the Talos™ systems, however we are willing to license parts of the Talos™ technology, such as FlexVer™, to other manufacturers. We remain strongly committed to OpenPOWER and assert that the OpenPOWER platform remains the best viable future for libre software development. Finally, we will be continuing our migration away from x86 onto POWER8 and POWER9, and will continue to contribute patches back to all open source projects that need modification to work correctly on OpenPOWER systems.

Finally, we may be starting up a new non-crowdfunded platform based on OpenPOWER through Raptor Computing Systems in the near future, so stay tuned!


Sign up to receive future updates for Talos Secure Workstation.

Subscribe to the Crowd Supply newsletter, highlighting the latest creators and projects