With the recent news about the Raspberry Pi foundation adding Microsoft repositories behind user’s backs, could Purism develop a SBC that can run Pure OS so that everyone can move to that platform and teach the Raspberry Pi foundation a good lesson?
Related discussions: Purism on creating an SBC
and: https://forums.puri.sm/t/the-librem-micro-a-sbc-whod-be-interested/11109
and: PureOs on a SBC
and: The Librem 5 phone has the heart of a single board computer. What desktop SBC would you recommend as a free (as in freedom) alternative to the Raspberry Pi?
I draw your attention to: Purism on creating an SBC which is a comment from a Purism staff member.
I would suppose that a) yes but b) it would cost 3 x what a Pi would cost (ex recto estimate) and so the question would be whether the market would be prepared to pay that (in sufficient numbers to make the project viable). For what I do with Raspberry Pi computers, I think the answer might be “no”.
Do you have a link for that?
What’s inherently wrong about having a m$ repo? They do OSS now. Maybe some people want to use some of it.
The problem I’ve heard most is that this pre-installs MS private keys in the OS so that if MS adds non open source software to the repo or someone finds an MS binary users could install this without understanding that it’s closed source.
Personally I don’t see it as a huge issue as any distro can add whichever repos and keys it wants. Instead of trying to not use raspberry pis over this, why not just install a different distro on the pi?
Or just remove the repo after it was added?
The complaint was that it is inherently wrong: to add a repo without user consent i.e. if an update wants to add a repo then it should get informed consent during the update before adding a repo.
Remove the key from the keyring as well if you’re removing the repo.
I do agree that it would be better if a distro prompted before adding/removing repos and I haven’t looked, but I hope that they put the Ms (and any other non-os repo) in sources.list.d not in sources.list… but that’s just my opinion, and I still think the correct course of action for someone truly upset by this is to just move distros.
Don’t most distros add, update, and disable repositories? Often without big bold letters detailing it.
Was it a repo that got added to the list or was it a bunch of m$ sw? Who cares about a new item on the list. It’s only a problem when totally new software is being installed without notice.
Don’t get me wrong, I hate m$ as much as anyone and I can understand feeling violated by something of theirs automatically appearing in your machine but, this sounds like much ado about nothing.
Yes, the key too.
I had a look at a couple of mine but couldn’t see any change. One of them is on buster. I don’t know which release has this change.
The above article says:
The configuration of /etc/apt/sources.list.d is modified by the post-inst script
So you could be OK on that one.
No. The only change is one that the user explicitly makes.
A repo, reportedly.
Had they added a bunch of MS software to the standard Raspbian repo then there would be less fuss and fewer people would even have noticed. (That would have been better too because it puts control of the software within Raspbian. MS would only be able to release changes by going through Raspbian.)
It doesn’t hurt to have additional choices … I mean if Purism did create a blob-free alternative to the Pi.
A repo, controlled by Microsoft, not the Pi Foundation.
The implications include
- Microsoft suddenly (unexpectedly) gained root access to your device
- Microsoft gets pinged by every “apt update”, knows your device and the total amount
Why is Librem 5 not an (expensive) Raspberry Pi replacement?
The earlier link above also suggests “pi-holing” (using your preferred technology e.g. could just be /etc/hosts
) packages.microsoft.com
I might do that now as none of my Pi computers is exhibiting this “infection” as yet.
I would argue that creating an SBC would in the end, help Purism. Lower cost to manufacture than a Librem 5 since there is no plastic molding and beautifying. Plus there would be way more eyes and fingers on Purism hardware and therefore more software pull requests etc, thus moving the Librem 5 forward quicker as well.
I would rather disagree here. imx8q sbc are quite (or rather relatively) expensive and selling them would be a challenge. Designing SBC board for iMX8 will require some effort investment while not many people would agree (or afford) to buy sbc for $500+ (when you can buy for $300 at mouser). So this is questionable investment. Investing into other cheaper board would circumvent purism’s hardware liberating effort or will put them on the field with other players who are already set up steady production pipeline for those SBCs (with mainline linux support and not requiring blobs).
What makes you think it would need to be $500+?
The L5 was planned for $599, and I don’t think the hardware made it more expensive. It’s the delays and software development.
They could just stick the existing board in a case. Should be easily possible for $300 or less.
Or even without a case. And optionally sell some of the other components, like the display of the L5.
Not only would that increase order quantities, it would, at the same time, also increase the availability of L5 spare parts
But my impression is, that doesn’t fit the image (Apple) Purism is striving for.
I agree with Caliga. I really think Purism should do this and I am sure a ton of freedom loving hackers would ditch the Raspberry Pi foundation and their love for M$ for good and move to Purism’s SBC. I for one would replace about 30 Raspberry Pi devices that I use in my business.
existing board is not sbc. It has no com/power/io ports except usb-c. Also existing board has lot of extra elements not needed by sbc. So you will need to put some design to convert existing board to sbc. Which would make it cost $500 as per my personal ROM estimate (custom design, low volume, extra stuff, etc.).
Selling mainboard - I think they will come to this, but i don;t think they will sell more than a handful as sbc (unless someone would come up with some home-made-able breakout board for it)
Maybe someone should start a new version of the General Public License that requires any contribution of code involving encryption, trust, or keys of any kind to only be capable of authenticating any network communications with operating systems that are equally open-source and published to the public. So if Microsoft wants to establish any kind of “trust” with the open source community, they have to publish their Windows 10 operating system source code first (in other words, never). Otherwise, no deal and no networking trust with any Linux operating systems for that software, at least not from anything found in that repo. It would be a safe repo, guaranteed to be free of trust either to or from Microsoft or the other closed source people.
The idea would be that when you get software there, you’re guaranteed per the license that no authentication can occur either to or from that code to any closed source Microsoft operating system or any other closed source system. Tell the big closed source companies “if you don’t publish your source code, then we won’t network with you nor trust your networked communications using that software”. Then build our own networking communities, cultures, and markets… free of Microsoft and other tech giants, per license. Then if Microsoft wants to snoop on us, they’ll have to do it from Linux, where there can be reasonable countermeasures built-in to detect and defeat it.
Theoretically then, someone might say “Gees, that cool networking program that Microsoft donated to the repo last month, has generated ten million successful returned queries from Microsoft, to see what products people are buying, using their own root access granted to them by the program on the user end. How are we going to close that breech of privacy?”. Then, because we know that Microsoft is using Linux to do the snooping, we plug the leak in the software and warn everyone that they need the later version to plug the hole. In this scenario, if Microsoft then circumvented the countermeasure on the OS level on their own Linux computers, they would be in violation of the respective Linux GPL for not publishing their counter to the countermeasures. No funny-business tolerated. Those who do not play nice aren’t allowed in to the clubhouse. Everyone watching knows the score.
I really reeeaallyyy hope that Purism releases an SBC. Even continuing to sell the Librem 5 development boards without a screen would be enough for me.