I have no way to gauge the development velocity, but I’m glad that software updates are trickling in each month. It solved a Bluetooth problem I had with the old wireless card 
8 Likes
This plan is now no longer secured due to recently acquired information on the Qubes OS Forum:
In the case that both the Librem 16 and NovaCustom V54/V56 laptops with hardware kill switches are available before Crimson is officially released, here are the reasons why I would consider switching to the latter:
- Intel® Core™ Ultra 7 processor 155H with Dasharo firmware (Coreboot + Heads with Nitrokey 3A Mini workflow integration pending compatibility research) and Intel Management Engine disabled via HAP bit.
- Supports at least 96 GB of DDR5 RAM @ 5600 MHz.
- PCIe 4.0 support.
- Privacy screen can be preinstalled.
- 3 years warranty, firmware updates at least until July 10th, 2030, replacement parts at least until July 10th, 2031.[1]
Here is information that has no impact/weight on my decision, but may be of relevance to Purism:
- The NovaCustom V56 can be configured with a 2,560x1,600 display (LG LP160WQ2-SPB1).
- The NovaCustom V54 and V56 can be configured with an Intel Wi-Fi 7 BE200:
- The NovaCustom V54 and V56 keyboard layout can be completely customized, including backlight illumination and ANSI/ISO options.
Here are the reasons why I would consider the Librem 16 instead:
- Feature parity against the V56 with at least the first three reasons (switching Dasharo with PureBoot).
- Actually implement a write-protect dip switch on the motherboard for the BIOS and EC:
Dasharo firmware (Coreboot + Heads) support for the V54 and V56 are planned for March 2025 and earlier:
In the chance that Crimson is stable before both the Librem 16 and V56 are released, treat my potential purchase of the Librem 16 towards development of Dawn instead.
Thanks for sharing. One question, does the use of Clevo as an ODM vs. custom or in-house design/developed like Purism does, have significance for you?
I have used qubes on my desktop and have been searching for a laptop that can handle qubes reasonably well. I distilled my search down to Purism, NovaCustom, NitroKey and StarLabs. I realized novacustom and nitrokey both use clevo. where as Purism and StarLabs design and build in-house (or at least don’t rely on clevo). In my mind, the fact that they are designed and built in-house seems better. But, I can’t honestly say why I think that. I just tend to have more concern with mass-produced, or companies that focus on mass-production as it could be a potential vector for introducing vulnerabilities.
Along these lines I thought of going with starlabs, but they seem to be in the process of redesigning their Star Fighter laptop, so I’m waiting to see what they come up with.
2 Likes
No, because my main concern for hardware is strictly focused on boot firmware root of trust. This means Coreboot with Heads is the bare minimum criteria for any potential x86 product consideration, therefore Star Labs is excluded due to only using Coreboot with TianoCore.
1 Like
While Purism (likely) doesn’t use clevo, they still have/use a Chinese ODM. Purism has not revealed who that ODM is. Clearly that ODM allows (and/or helps with?) more customization (e.g. the Hardware Kill Switches).
1 Like
Good to know, Thx!
1 Like
Only in the case of the Librem 5? This wouln’t apply for the Liberty 5?
1 Like
I thought you and FranklyFlawless were discussing laptops. That was the topic of my comment. For other devices:
-
Laptops. They have a Chinese ODM and Purism does small customizations (HKSs, etc.).
-
Mini and Librem 11. They have a Chinese ODM and don’t do any HW customizations (except possibly the choice of Wifi modem on assembly).
-
Librem 5. The mainboard and case design is completely custom. The standard Librem 5’s mainboard is assembled + soldered in China and there is some assembly (antenna, cellular modem installed, etc.) in the US. For the Librem 5 USA or Liberty, the mainboard is assembled + soldered in the US.
4 Likes
My apologies. You are right. I was conflating a couple of thoughts going through my mind as I responded to your post.
Thanks for your info though.
To bring this back to the topic of this thread, I approach my support of Purism, this forum, etc from my interests in privacy. But, privacy is not derived from any one single act. As many of mentioned every person’s situation is different so you really need to look at your own threat model or vulnerabilities. Simply buying a particular piece of hardware won’t bring desired privacy.
So, as I anxiously await the release of Crimson, and what i can or cannot do to help, I also focus on things such as firmware, supply chains, laws in countries that companies might have to comply with, operating systems, lifestyle habits, evolving trends in software and hardware, corporate relationships that evolve daily, hardware specs, the ever advancing state of technology, etc.
Needless to say that list can be very long, and as I keep trying to educate myself on the different aspects I should be thinking of, I can see how it can be overwhelming for people. And they just stay with a status quo, of hardware, software, lifestyle, and habits that is compromising their privacy and security.
I wish I had more skills to help deliver Crimson directly. I also, know this will just be one very small piece of a large complex set of challenges. So, I appreciate everyone’s input into this discussion and effort.
2 Likes
I think it is important to figure out if Purism laptops fit your Qubes OS criteria, as that could potentially lead to a future purchase to indirectly fund Crimson. Here is the latest HCL report for my Librem 14:
1 Like
Thanks, I was leaning towards the larger screen size of the L16. That is why I was looking at the StarFighter, NovaCustom v56 or NitroPad v56. I learned something about the whole coreboot + heads from you @FranklyFlawless, so thanks. It is easy to get confused when all the companies tout ME disabling, coreboot, etc. I didn’t understand the subtle distinction of EDKII (tianocore) in the StarFigher vs Heads. I assumed if it was coreboot it was using Heads?!
so, now I am leaning towards L16 or NovaCustom v56 as you mentioned. and since the coreboot+heads is still in work at NovaCustom, I can give it time to see how that plays out. Who knows, maybe StarLabs will come through with coreboot+heads also. Or a new player appears 
1 Like
TianoCore is a payload for an open-source UEFI-compatible implementation, whereas Coreboot is the first-stage bootloader that passes responsibly to a payload after hardware initialization. You can contact Star Labs about using Coreboot with Heads on their products:
1 Like
I have two laptops from starlabs, running their coreboot version. I always asked myself how they manage to make the battery last much longer than dasharo coreboot version, on their github page you don’t find the code and on LVFS it’s classifed as proprietary: LVFS: StarLite MkV coreboot
I have asked them directly about it being proprietary and they say it’s open source, but as they created they are the owners of the code. It’s very strange to me. Then the fact that the battery lasts much longer, something like 14 hours on last devices, compared to 8 hours on novacustom last devices is very odd. If starlabs coreboot if really fully open source then why dasharo would not be copying them to have 6h more on battery life?
Anyway I am just a freedom tech enthusiast, not an expert in anything.
2 Likes
Maybe ask them for the source code and build instructions and make sure you can built it yourself and flash it, try making tyour own modifications and make sure you really can build and use your modified version?
1 Like
Here are the firmware build instructions from StarLabs. Building coreboot — coreboot 24.08-993-g40fac9a354 documentation
You’ll note that there are binary blobs used in their coreboot. They provide the link to those blobs here: GitHub - StarLabsLtd/blobs: mirror of the blobs repository containing redistributable binaries
The fact that there are binary blobs is why, when they bundle the whole thing for distribution by LVFS it is classified as proprietary.
From your description, it’s hard to know what the exact interaction is. What you mentioned above has no contradictions. Some facts that might help:
-
All code has a copyright owner (or “owner”).
-
Copyright owners can license their code for others to use. There are tons of different FOSS (Free or Open Source Software) licenses. There are also proprietary licenses.
-
Most of coreboot is licensed as GPLv2 which requires that contributed code to be offered with the GPLv2 license. That said coreboot can be distributed with proprietary binary firmware payloads (blobs) that coreboot loads at boot time.
-
If Starlabs incorporates a modified coreboot into their laptop, they are distributing that when they sell it … and, since, coreboot has a GPLv2 license they must make their modifications available (see 3). It think they do make that available (see the above link). Do you have any reason to believe they don’t?
3 Likes
Thak you, you clarify a lot of things to me that they could not. I have another question tough, do you know if the dasharo coreboot version has fwer blobs than the starlabs one?
1 Like
I don’t have the answer directly. I can verify that Dasharo has 3rd party blobs too. See coreboot/3rdparty at dasharo · Dasharo/coreboot · GitHub . It’s best if you compare those blobs to starlabs blobs and see which ones you would actually use for each device. Then you can answer your own question.
2 Likes
I wish I had the skills to make such comparison. Just a random autistic linux user.
1 Like
Clone the repositories using git.