From: Mark H Weaver
Subject: Re: armhf build machines
Date: Tue, 08 Dec 2015 14:39:01 -0500
Message-ID: <87zixkybl6.fsf@netris.org>
References: <20151207111424.6297eea2@debian-netbook> <20151207103646.GA5390@debian.eduroam.u-bordeaux.fr> <20151207182817.GA24951@jasmine> <87bna1svy1.fsf@gnu.org> <87y4d5zips.fsf@netris.org> <87fuzc7tb4.fsf@gnu.org>
In-Reply-To: <87fuzc7tb4.fsf@gnu.org> (Ludovic Courtès's message of "Tue, 08 Dec 2015 18:18:23 +0100")
List-Id: "Development of GNU Guix and the GNU System distribution."
To: Ludovic Courtès
Cc: guix-devel@gnu.org

ludo@gnu.org (Ludovic Courtès) writes:

> Mark H Weaver skribis:
>
>> ludo@gnu.org (Ludovic Courtès) writes:
>>
>>> Leo Famulari skribis:
>>>
>>>> What sort of machine would be appropriate for hydra?
>>>
>>> Something rather big: say 8+ cores, 16+G RAM, fast disk of 3T at least.
>>
>> I would also add that it should run Libreboot, for which the ASUS
>> KGPE-D16 is currently the best supported server-class motherboard.
>
> Right, I would prefer it as well; I hope we can find such rackable
> servers.
>
> If it turns out that all we can buy in practice is an ME-backdoored
> server,

Under what set of circumstances would this be the case?
The ASUS KGPE-D16 is widely available.  It's even available pre-flashed
with Libreboot from minifree.org, the company run by Francis Rowe, the
creator of Libreboot.

> I *might* be willing to take it, with the understanding that it
> would become less and less of a single point of trust (assuming more of
> our package builds become reproducible, and other users publish binaries
> as well.)

If hydra is compromised, then its private key could be stolen and
facilitate targeted delivery of malicious binary substitutes to
individual users.  The existence of other users who run 'guix challenge'
would not prevent that, afaict.

Anyway, to my mind, the security issues are secondary.  We should avoid
running non-free software wherever feasible.  It is now fairly easy for
us to arrange for hydra.gnu.org to run 100% free software from the boot
firmware up.  Given this, and our commitment to free software, I'm
surprised that we would not make this a priority.

More thoughts?

     Regards,
       Mark