Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Linux on MacBook Air Question
#1
I run Ubuntu on a System76 Meerkat. I've also put Ubuntu and Mint on some old MacBook Air laptops. Recently, I've thought about getting a new laptop that will run Linux. I was considering a laptop from either System76 (probably the Galago Pro) or Purism (probably the Librem 13).

I have a paranoia that even though I've formatted the hard drive of the MacBooks Airs (before putting Linux on them), that somehow Apple will still be able to somehow take over my computer or somehow be able to have access to my computer. So I was thinking getting a new System76/Purism laptop will somehow be "safer" (from a privacy standpoint), than using my old MacBook Airs that are running Linux, since those companies provide both the hardware and software.  

Am I just being stupid and not understanding how computers work? Or is there something to my paranoia, from a technical standpoint at the hardware level?
Reply
#2
(11-20-2019, 06:41 PM)LinuxNoob Wrote: So I was thinking getting a new System76/Purism laptop will somehow be "safer" (from a privacy standpoint), than using my old MacBook Airs that are running Linux, since those companies provide both the hardware and software.  

There is not a single modern laptop that does not have closed source bits. Usually the BIOS / UEFI is proprietary (even CoreBoot, used by Purism and System76, requires proprietary binary blobs) and then there also is Intels IME (and AMDs analog) which literally is a totally opaque, black-box mini-CPU inside your main CPU that has prime access to all of your hardware and nobody really knows what that shitty thing really does.

In other words, if you actually want a "safer" system, get an old IBM thinkpad with libreboot. Every modern laptop is more or less the same when it comes to such things: Not safe from attacks of the hardware / firmware providers.

When I got my Librem13, I knew that it won't actually be much better in regards to privacy than most laptops. I got it for three reasons: It is nice to use a laptop that was primarily designed for Linux, CoreBoot is infinitely better than any proprietary BIOS/UEFI garbage and because it funds a company who is actively working towards the goal of producing fully free/libre computers.



(11-20-2019, 06:41 PM)LinuxNoob Wrote: Or is there something to my paranoia, from a technical standpoint at the hardware level?

There absolutely is and the more you know about it, the more terrifying it gets and the more angry you get at intel and other idiotic companies who refuse to open the code of their firmware.
My website - My git repos

"Things are only impossible until they’re not." - Captain Jean-Luc Picard
Reply
#3
I have an old, used Galago UltraPro that I really like, but I can't speak for the new models.

If you are interested in System 76 or Purism, I would recommend checking out video or written reviews of current models. Your needs and preferences may vary, but good reviews often point out things you may not even anticipate.  There are plenty of reviews on Youtube, and lots of threads on Reddit or Purism's own forums.

Like Leon.p stated, we're all kind of in the same boat when it comes to the multiple points of closed-source code, and I laud any group actively working to bridge the gap or mitigate what we can now.

I'm also looking forward to the phone projects from Purism and Pine 64.  And Pine 64's ARM development on the Pinebook Pro looks so promising. They're selling it at cost, $200, to promote development / adoption.  Talk about a cool company / community!
Reply
#4
Thank you for the replies, leon.p and Eurus!

(11-22-2019, 07:27 AM)leon.p Wrote: There is not a single modern laptop that does not have closed source bits. Usually the BIOS / UEFI is proprietary (even CoreBoot, used by Purism and System76, requires proprietary binary blobs) and then there also is Intels IME (and AMDs analog) which literally is a totally opaque, black-box mini-CPU inside your main CPU that has prime access to all of your hardware and nobody really knows what that shitty thing really does.

If I got an old IBM thinkpad with libreboot, would those issues not be a problem? Would I have complete and sole access/control of my system (both at the software and hardware level) with that type of older laptop?
Reply
#5
(11-23-2019, 10:27 PM)LinuxNoob Wrote: If I got an old IBM thinkpad with libreboot, would those issues not be a problem? Would I have complete and sole access/control of my system (both at the software and hardware level) with that type of older laptop?

These laptops are from a time when Intel did not put the IME on their chips. And libreboot is a free and open BIOS replacement based on CoreBoot. So a librebooted thinkpad will have no proprietary firmware (except maybe the wifi card, but you can replace that). If you then install a fully free Linux distribution, like Parabola or Debian, and do not install any proprietary software, you will have a laptop that you have full control over and that is fully auditable.
My website - My git repos

"Things are only impossible until they’re not." - Captain Jean-Luc Picard
Reply
#6
In terms of safety/privacy, how would you compare a System76/Purism laptop that runs Linux natively versus a laptop that had MacOS/Windows on it and then was replaced by Linux? In other words, is there some sort of safety/privacy benefit that you'd get from System76/Purism providing the hardware versus using the hardware of another company but putting Linux on it?
Reply
#7
(11-24-2019, 08:59 PM)LinuxNoob Wrote: In terms of safety/privacy, how would you compare a System76/Purism laptop that runs Linux natively versus a laptop that had MacOS/Windows on it and then was replaced by Linux? In other words, is there some sort of safety/privacy benefit that you'd get from System76/Purism providing the hardware versus using the hardware of another company but putting Linux on it?

I can not speak for System76 devices, but I do know that I do not need any closed source drivers for my Purism Librem13v3. In theory, the less proprietary software you use, the less likely some nefarious code is on your device. CoreBoot is also mostly open, just requiring a few closed blobs to work. The hardware switches for camera/microphone and wireless are a nice touch (although placed in a bad spot on the device: I had to replace both switches as they broke when I put the laptop in a laptop case...).

So yes, they should be better, but only by a small margin.

It is basically impossible to protect against (theoretical) attacks by the vendors of your main hardware (like Intel) with modern devices. However you can get a long way protecting yourself against attacks of most other parties by simply encrypting your disk.
My website - My git repos

"Things are only impossible until they’re not." - Captain Jean-Luc Picard
Reply
#8
(11-25-2019, 05:15 AM)leon.p Wrote: I can not speak for System76 devices, but I do know that I do not need any closed source drivers for my Purism Librem13v3. In theory, the less proprietary software you use, the less likely some nefarious code is on your device. CoreBoot is also mostly open, just requiring a few closed blobs to work. The hardware switches for camera/microphone and wireless are a nice touch (although placed in a bad spot on the device: I had to replace both switches as they broke when I put the laptop in a laptop case...).

So yes, they should be better, but only by a small margin.

It is basically impossible to protect against (theoretical) attacks by the vendors of your main hardware (like Intel) with modern devices. However you can get a long way protecting yourself against attacks of most other parties by simply encrypting your disk.

So would it be accurate to say that if you replace MacOS/Windows on a computer with Linux, that the main difference between that and a System76/Purism computer is the closed source drivers and closed BIOS/UEFI?

Assuming the answer is yes, the next question is how much does it matter from a safety/privacy standpoint? I mean, does merely switching to Linux get you 95% of the way there, and then the issue of drivers/BIOS only make up the last 5%? I ask, because you mentioned getting an old IBM thinkpad with libreboot to have total (or the closest thing to it) safety/privacy, but I'm wondering if for the average user if it's really worth the loss of performance that you could get with a modern system.
Reply
#9
(11-28-2019, 05:47 PM)LinuxNoob Wrote: So would it be accurate to say that if you replace MacOS/Windows on a computer with Linux, that the main difference between that and a System76/Purism computer is the closed source drivers and closed BIOS/UEFI?

Yes, more or less.

(11-28-2019, 05:47 PM)LinuxNoob Wrote: Assuming the answer is yes, the next question is how much does it matter from a safety/privacy standpoint?

Technically a lot. With closed source software, you never know what it will do. It is entirely possible for a wifi-card driver to upload your personal file to some server online.


How much you care about closed vs free and open source is your decission.

(11-28-2019, 05:47 PM)LinuxNoob Wrote: I mean, does merely switching to Linux get you 95% of the way there,

Yes, it does.

(11-28-2019, 05:47 PM)LinuxNoob Wrote: I ask, because you mentioned getting an old IBM thinkpad with libreboot to have total (or the closest thing to it) safety/privacy, but I'm wondering if for the average user if it's really worth the loss of performance that you could get with a modern system.

If it is worth it is up to you, as you are the one who will use it.

There are also some interresting developments regarding IBMs new Power9 CPUs, which in the future might again allow for a fully libre computer (one motherboard is already FSF certefied), but those are on the opposite side of the price range compared to an old thinkpad.
My website - My git repos

"Things are only impossible until they’re not." - Captain Jean-Luc Picard
Reply
#10
(11-22-2019, 07:27 AM)leon.p Wrote: Usually the BIOS / UEFI is proprietary (even CoreBoot, used by Purism and System76, requires proprietary binary blobs) and then there also is Intels IME (and AMDs analog) which literally is a totally opaque, black-box mini-CPU inside your main CPU that has prime access to all of your hardware and nobody really knows what that shitty thing really does.

In other words, if you actually want a "safer" system, get an old IBM thinkpad with libreboot. Every modern laptop is more or less the same when it comes to such things: Not safe from attacks of the hardware / firmware providers.

When I got my Librem13, I knew that it won't actually be much better in regards to privacy than most laptops. I got it for three reasons: It is nice to use a laptop that was primarily designed for Linux, CoreBoot is infinitely better than any proprietary BIOS/UEFI garbage and because it funds a company who is actively working towards the goal of producing fully free/libre computers.

Leon.p, in your opinion, what are the main differences between CoreBoot and Libreboot? Are the differences that significant? Why do you think that Purism and System76 use CoreBoot, instead of Libreboot?
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)