Introducing the Librem 11

Assuming it will be done through a USB A female to USB C male adapter.

Possibly, but I prefer not to assume or speculate anything; when it comes to security, especially regarding root of trust, I want clarity.

Same here.

Lack of other modern examples outside Purism? I thought that all of the Linux HW vendors offer to disable the IME via the HAP bit. On some systems it’s not default because it limits some of the power savings features … but the vendor supplies the tools for their users along with the appropriate warning.

I thought you would have known after reading the link from Youness Alaoui since it was about FSP == Intel’s Firmware Support Package … which is exactly the infrastructure needed for coreboot. In any case, in regard to Jasper Lake in particular you can see this Coreboot Seeing Tigerlake + Jasperlake Activity, Experimental Razer Icelake Laptop Support - Phoronix (there’s also a 2021 article) … or simply look at the coreboot contributions like https://review.coreboot.org/c/coreboot/+/42471 from Intel devs. Also, here is an early video of a talk from System76 devs about their work with Intel on Coreboot on Icelake ( https://www.youtube.com/watch?v=YbKSkPVz89o) … which was what Intel continued for their work on Jasper Lake. Also, here’s an article about the Intel engineers work for coreboot on alder lake.

My intent was to show that everyone who bought a Librem 14 was a beta tester. i.e. The links were there to show that the original EC firmware had lots of issues and that fixes were necessary for even basic functioning of the fan, etc.

It’s why it’s hard to even know who Jonathon Hall is and what job he’s contracted for.

I should be more specific: Intel 10th generation and later. I do know the Dasharo FidelisGuard Z690, NovaCustom NV41 series, and NitroPC Pro have options to disable the Intel ME with HAP and/or HECI, but I have not thoroughly researched any of the other Linux vendors outside of Qubes-certified devices, let alone other manufacturers.

Thank you for the links, I did happily read them all except for the YouTube one, since I no longer use it anymore; it also looks like you meant to share an article about Intel’s contributions to Coreboot on Alder Lake, do you still have the reference?

I did not have any issues with my Librem 14 ever since I got it, so at the very minimum my experience is an exception to your broad claim. I even mention about my (hardly notable) experience on the Qubes OS Forum with my own HCL report.

With the Wayback Machine, you can learn that they are a Firmware Developer, but you can always look at their GitLab contributions and/or ask/verify them yourself in the Matrix chat rooms; I was made aware of them from their forum and blog posts regarding firmware support/development.

Yeah i do not have any issue with my Librem 14 either. Librem 14 is amazing!
Thank you Purism for make the best Gnu+Lnx laptop to date, however there is one laptop on the horizon that could replace the L14, i will not say name, but is coming.

Purism HKS & GNU

The Librem 16, of course.

One should not have any problem with the HAP bit on the low power chipsets of 10th generation and later. I think System76 has a Raptor Lake laptop with coreboot and the HAP bit set. System76's Coreboot Open Firmware Manages To Disable Intel ME For Raptor Lake - Phoronix (from the article it looks like System76’s HAP bit works for Alder Lake and possibly earlier chipsets) . All the Linux vendors are doing this because Intel is enabling this on their low power line. The speculation is that the reason Intel is doing this for the low power line is because this is the Chromebook space. Intel Prepares Raptor Lake Code For Coreboot - Phoronix .

In addition to getting Intel’s Alder Lake hybrid processors ready for the Linux kernel and other areas of the operating system stack, Intel’s open-source engineers have continued their trend in recent weeks of upstreaming more Alder Lake work into Coreboot.

[
Edit:

Here’s a link non-Youtube link to the talk I linked in. System76 + Intel - A Production Laptop for Open Firmware Hacking - OSFC
]

Nice find, here is the relevant blog article from System76. All of their Intel 10th and 13th generation laptops have disabled Intel ME, but not any of their other generations in between, based on this firmware matrix.

Fascinating. I am also very confident in that line of reasoning too, since there has been very little economic incentive to work on Coreboot otherwise.

Perfect, thank you for that; I will review it on my own time.

I think that matrix is out of date. Everything they sell with coreboot can set the HAP bit. The issue is that on some setups, it breaks the suspend, so setting the HAP bit isn’t supported. See What is the Intel Management Engine? - System76 Support

For Open Firmware systems, the IME is typically disabled by default unless doing so would break functionality (such as suspend/resume). System76 maintains a list of machines that ship with Open Firmware in this article.

The matrix you had must be a bit old because they fixed the HAP bit + suspend in Alder Lake (12th gen) in June Major Updates for System76 Open Firmware! - System76 Blog . I guess it’s still an issue for the Tiger Lake (11th gen) … but, again, if you don’t want to suspend and are capable of turning off automatic system suspends, you can set the HAP bit yourself (one command; nvramtool) on the Tiger Lake systems.

We prefer to disable the Intel Management Engine wherever possible to reduce the amount of closed firmware running on System76 hardware. We’ve resolved a coreboot bug that allows the Intel ME (Management Engine) to once again be disabled.

This bug was a buffer overflow which caused coreboot firmware memory to be overwritten by the TPM measurement log, keeping the S3 suspend method from working properly. As a result of this, we had to switch from S3 to S0ix suspend, which required use of the Intel ME in order for OS-level drivers to function.

By fixing this bug, we were able to move back to S3 and re-disable the Intel ME on most platforms. (However, S3 suspend is not functional in the silicon we received for 11th Gen (Tiger Lake) U-class CPUs.) This fix was submitted upstream to coreboot as well.

Frankly, I was surprised by how many of the systems they have that run coreboot and openEC System76 Open Firmware Models - System76 Support

Your link is old and see:

Like a plus System76 it working on a GPL x86 Laptop.
So yeah Purism need to put all the manpower now, to survive like a good strategy is stick with free software, why? is Purely and real Libertad!

To be honest, I don’t have strong confidence in Purism’s future because their reputation is really bad right now. They might have a customer base that trusts them for now but convincing potential new customers appears nearly impossible based on what people are saying in other areas. This L11 might be dead on arrival because it doesn’t offer enough competitive differences for the price.

A recent Linux news video briefly mentions the Librem 11: ANOTHER Linux tablet, HDR gaming & GNOME 45 RC: Linux & Open Source News - Invidious

image698×38 8.45 KB

image698×38 8.46 KB

image698×418 24 KB

I am not concerned about the future of Purism; we will learn how the perception of the Librem 11 will be once it reaches the hands of consumers and reviewers.

Despite my comment, I am still considering a Librem 11. I want to believe in Purism’s stated mission. We will see how this and the upcoming Librem 16(?) will pan out.

Honestly a glued back and soldered RAM is a deal breaker for me.

I guess I’m spoiled by Framework these days.

The Librem 16 was briefly mentioned in one of the investor emails a few months ago, so once there is more news regarding it, I will share the message body in a different thread.

I do not mind either, but the lack of hardware kill switches is my dealbreaker; hopefully the Librem 16 does not follow the same pattern.

That review was skeptical about buying the Librem 11 vs. the Starlite V. I was curious, so I compared them:

1. Price. If one adds the keyboard and stylus and orders with 1TB “disk” to the Star Lite to try to make them more comparable, the prices are $806 vs $999.
2. RAM. 16GB RAM vs. 8GB RAM
3. Wifi. Wifi5 vs. Wifi6
4. Battery Access. Back not glued on for StarLite vs. reports that the back is glued on the Librem 11 [ Someone on a comment about the StarLite said that this was indicated on the battery replacement instructions. I only found instructions for the Mk I,II, III, and IV Star Lite Mk II / III / IV - Complete Disassembly Guide - Star Labs and will assume it’s the same]. Edit: My comment might be premature since the earlier Starlite devices (Mk I, II, III, and IV) were laptops. The form factor is different; must wait for more info. The mock-ups don’t show screws like those present on the previous devices.]
5. CPU. N200 vs N5100. That’s three generations different. In terms of benchmarks it’s not quite as much as would be implied by “3 generations”, but I’ll bet there is a difference in battery efficiency: https://www.cpu-monkey.com/en/compare_cpu-intel_celeron_n5100-vs-intel_processor_n200 .
6. coreboot base for both
7. IME. I think with the recent alder lake coreboot (end-of-June-2023) that one can disable IME with the HAP bit. I don’t know if StarLabs has done this.
8. Display. IPS vs AMOLED. Slight different resolution. Different aspect ratios.

It seems the Librem 11 wins on 3 and (possibly) 8. I think the StarLite wins on 1,2,4, & 5. 2 and 5 are very important to me … especially since the RAM is soldered. Both are kind of pricey IMO.

Since both options do not seem to be marketed towards developers only, I would add as comparison point the software it’s shipped with:

Starlabs gives you multiple options to choose from:

• Ubuntu LTS
• elementary OS
• Linux Mint Cinnamon
• Manjaro Xfce
• MX Linux Xfce
• Zorin OS

Purism gives you only PureOS as option. However we can see on their preview image that it will use Phosh. So arguably that’s at least a shell designed for touch input.

That’s really something which threw me off when looking at the tablet from Starlabs here. They start with a much lower price when not adding a keyboard (because it seems optional). But then they ship desktop operating systems with that. I assume you can use the touch keyboard on GNOME (with Ubuntu for example) to login at least but I’m not sure how well support is on all other choices here.

On a tablet I would worry about support for rotating the screen depending on its orientation, gesture support and battery life. Also the Librem 11 is a lot lighter in terms of weight (only 560g) while the StarLite Mk V is about 900g.

It seems more like the one thing is a laptop you can rip its keyboard off but have to buy separate. The other thing seems to be a tablet. But I guess it depends on the user.

I had to compare them both too, but only to both expand and challenge your claims.

It is not clear what exact drive model the StarLite V uses, but it definitely uses PCIe 3.0, unlike the Librem 11, which uses the Kingston KC3000 with PCIe 4.0. Both of their CPUs top out at PCIe 3.0, so the Librem 11 is needlessly inflating its price; it could be economically cheaper for both Purism and its target demographic if it used PCIe 3.0 drives instead.

Specifically, 16 GB of LPDDR5 RAM @ 4800 MHz on the StarLite V vs. 8 GB of LPDDR4 RAM @ ? MHz on the Librem 11. The Intel N200 on the StarLite V is maxed out on both the RAM type and speed, whereas the Intel N5100 on the Librem 11 is only partially filled, at 8 GB out of 16 GB; clearly a missed opportunity for Purism.

Intel 9560 on the StarLite V vs. Intel AX201 on the Librem 11.

Hard to say right now due to lack of an updated disassembly guide for the StarLite V, but @francois-techene stated in the Matrix chat room (community/general) that the back of the Librem 11 is glued.

I agree, but software optimization between operating systems is an important factor to consider too.

Yes, the StarLite V uses edk II for its payload, whereas the Librem 11 uses Heads instead.

It looks like it is optional, based on this image on the StarLite V product page.

2084×2000 322 KB

Specifically on the StarLite V:

• 12.5-inch (diagonal) LED-backlit 10-point touch display with IPS technology
• 2880x1920 resolution at 276 pixels per inch
• 3:2 aspect ratio

Against the Librem 11:

• 11.5″ AMOLED 2560×1600 @ 60Hz
• ? PPI
• 16:10 aspect ratio

Great details! I’m waiting to see some unboxing videos for the Starlite V.

The PPI would be approx 262 or 263.