From: Mark H Weaver <mhw@netris.org>
To: "Ludovic Courtès" <ludo@gnu.org>
Cc: guix-devel@gnu.org
Subject: Re: armhf build machines
Date: Tue, 08 Dec 2015 14:39:01 -0500 [thread overview]
Message-ID: <87zixkybl6.fsf@netris.org> (raw)
In-Reply-To: <87fuzc7tb4.fsf@gnu.org> ("Ludovic \=\?utf-8\?Q\?Court\=C3\=A8s\=22'\?\= \=\?utf-8\?Q\?s\?\= message of "Tue, 08 Dec 2015 18:18:23 +0100")
ludo@gnu.org (Ludovic Courtès) writes:
> Mark H Weaver <mhw@netris.org> skribis:
>
>> ludo@gnu.org (Ludovic Courtès) writes:
>>
>>> Leo Famulari <leo@famulari.name> skribis:
>>>
>>>> What sort of machine would be appropriate for hydra?
>>>
>>> Something rather big: say 8+ cores, 16+G RAM, fast disk of 3T at least.
>>
>> I would also add that it should run Libreboot, for which the ASUS
>> KGPE-D16 is currently the best supported server-class motherboard.
>
> Right, I would prefer it as well; I hope we can find such rackable
> servers.
>
> If it turns out that all we can buy in practice is an ME-backdoored
> server,
Under what set of circumstances would this be the case? The ASUS
KGPE-D16 is widely available. It's even available pre-flashed with
Libreboot from minifree.org, the company run by Francis Rowe, the
creator of Libreboot.
> I *might* be willing to take it, with the understanding that it
> would become less and less of a single point of trust (assuming more of
> our package builds become reproducible, and other users publish binaries
> as well.)
If hydra is compromised, then its private key could be stolen and
facilitate targetted delivery of malicious binary substitutes to
individual users. The existence of other users who run 'guix challenge'
would not prevent that, afaict.
Anyway, to my mind, the security issues are secondary. We should avoid
running non-free software wherever feasible. It is now fairly easy for
us to arrange for hydra.gnu.org to run 100% free software from the boot
firmware up. Given this, and our commitment to free software, I'm
surprised that we would not make this a priority.
More thoughts?
Regards,
Mark
next prev parent reply other threads:[~2015-12-08 19:39 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-12-07 9:14 armhf build machines Efraim Flashner
2015-12-07 10:36 ` Andreas Enge
2015-12-07 18:28 ` Leo Famulari
2015-12-07 23:03 ` Ludovic Courtès
2015-12-08 4:07 ` Mark H Weaver
2015-12-08 17:18 ` Ludovic Courtès
2015-12-08 19:39 ` Mark H Weaver [this message]
2015-12-09 13:50 ` Ludovic Courtès
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://guix.gnu.org/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87zixkybl6.fsf@netris.org \
--to=mhw@netris.org \
--cc=guix-devel@gnu.org \
--cc=ludo@gnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/guix.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).