spv.sh — living
foss
- now with raisins!
spv.sh — living
foss- now with raisins!
to_replace
over the past year, i've been aiming to remove all proprietary software from my life. this is a status update, of sorts.
since july, i've been daily driving a thinkpad t440p -- i'm using it to write these words right now. i run a lightly customized coreboot tree, with modifications to seabios (for boot password support), and to grub, to ease booting my full-disk-encryption (FDE) debian install.
as an aside, when i say write full-disk, i mean
it. /boot is on the same (luks-encrypted) partition as the rest
of my filesystem. when my machine boots, coreboot loads
seabios, which prompts for a password. after verification,
seabios loads grub, stored directly in flash, which prompts for
my disk password. grub then loads the configuration stored on
disk, which boots linux.
recently, i installed an atheros wireless card, finally eliminating my dependence on binary blobs for wifi. i currently do not even have the non-free-firmware repository enabled in my debian.sources.
the rest of the upgrades performed are pretty standard. 16GB of RAM, a 4910MQ, t450 trackpad, backlit keyboard, 1080p ips panel, 100wh pack. i do have one unique one, though. i've stuck a quectel eg25-g -- a cellular modem -- in the extra m.2. a similar configuration was available from lenovo, but it is (in my experience) rather rare, and inferior in a couple ways.
the eg25-g is pretty much the modem for use with gnu/linux. decent support from ModemManager, and a nearly*[1] fully libre firmware. additionally, changing the IMEI is just one AT command away. this is not illegal, for those wondering. generally speaking, merely changing an IMEI, say, for the purposes of hampering surveillance while using prepaid SIM cards, is not illegal. however, doing so in commission of a crime, say, to use a stolen handset, is. check your local laws though, i'm not a fucking lawyer.
it's rather fun using this machine. battery life isn't perfect, but suitable for my needs. i recently purchased an inverter for my vehicle, which helps. i keep it ready with a charger in my car, so any time i drive i get to top up too.
i do have a few complaints, though. in no particular order:
i've made virtually zero progress on this front, probably due to how infrequently i actually use the damned thing.
i'm running 8th gen intel and the stock Z370 BIOS from MSI. as such, virtually all of the boot firmware is proprietary. additionally, i use an nvidia gpu for, uh, reasons. i could use nouveau, but its performance simply doesn't stack up against the proprietary drivers, in my experience.
at some point, i'd like to build a proper FOSS workstation, but given the relative infrequency of my desktop usage, it's a rather low priority.
for a time, i daily drove a pinephone pro. i have mixed opinions on this handset. on one hand, the hackability and do-it-yourself-esque ethos of the community was refreshing, coming from an iphone. however, i have to say, the hardware is just shit. the screen cracks very easily, the RK3399s is of, at best, questionable reliability, and on one of my boards -- the second one i bought, after my first's RAM shit the bed -- the audio died after maybe 2 or 3 months.
i'm in the process of building my own dumb phone with off the shelf hardware, but it's been a rather slow start. getting some parts wednesday, though.
i self-host most of the services i use. mastodon, peertube, lemmy, email, etc. however, all of my servers run at least some proprietary code. i mostly use hand-me-down desktops for the task, none of which are supported by coreboot. i would, at some point, like to build a nice rack setup with coreboot-supported machines, but that's kinda a low priority for now. the machines do their job, and the firmware presents a relatively low security risk.
they say freedom isn't free, but i think it's even a little broader than that. principles aren't free. if you want to live your life free from proprietary software, you'll have to make some sacrifices. if you value privacy, you'll have to make sacrifices.
i'd say with certainty that this path isn't for everyone. i value my privacy and freedom over many things -- convenience being one of them. some would call me paranoid. and rightly so.
most people don't give a fake name at the barbershop, or have a drawer of prepaid SIM cards. this is the price of privacy in the digital age. and it's a price many aren't willing to pay.
[1]: the userland and linux kernel running on the modem are entirely libre. however, the ADSP -- the code that directly interfaces with the radios -- and the "TrustZone" (TZ) -- ARM bullshit -- are not. the ADSP has at least a decent reason -- regulators often frown on custom radio firmware. the TZ, on the other hand, is less of an effort or legal issue, and more of a technical one. iirc, the TZ firmware is signed by ARM, so failing a private key leak, or a quantum computer in somebody's basement. its chains shall stay...