WEBVTT

00:00.000 --> 00:15.600
If those want to enter the lines afterwards, so everyone as far as possible to the middle, please

00:15.920 --> 00:20.880
Thank you. And right side as well, please get to the middle.

00:23.760 --> 00:25.760
Thank you. Thanks a lot.

00:28.960 --> 00:30.960
Testing.

00:31.360 --> 00:48.560
Okay, we'll be starting as soon as there's enough leeway for the sound in the room, so.

00:48.560 --> 01:04.320
Hello. So, yeah, as was introduced, my name is Leo Roe. I'm here to talk about my projects

01:04.320 --> 01:12.000
Lieberboots. I assume most of you here know what it is, but it's a free corporate distribution

01:12.000 --> 01:19.040
by a slash UEFI firm on replacement. I will also have somewhat of a detour in this talk and

01:19.040 --> 01:30.480
talk about one of my other projects, canoe boots. So, yeah, first of all, who am I, so I've been,

01:30.480 --> 01:38.000
I started the Lieberboot project in December 2013. I started another project called canoe boots

01:38.000 --> 01:44.480
in 2023. I will also be talking about that at some point in this talk. I've been using free software

01:44.480 --> 01:51.520
the next since 2005. I've been an avid supporter of it ever since. I'm also involved quite heavily

01:51.520 --> 01:58.960
in politics. I've been advised by our friends that it's probably not good to be part of a talk.

01:58.960 --> 02:05.840
So, let's just say I'm a digital slash human rights activist. How that translates into free

02:05.840 --> 02:14.240
software. Well, you know, the thing to realize about free software is it's not just for computer

02:14.240 --> 02:23.600
geeks. When you think about it, the way society works, we live in a computer age. We use computers

02:23.600 --> 02:30.160
for everything nowadays. Everyone needs an internet connection. Everyone's got, everyone's got in

02:30.160 --> 02:36.480
their pockets nowadays. What would have been regarded as a supercomputer 50 years ago. So,

02:37.680 --> 02:43.120
everything that you do into in civil society depends on access to computing, access to information,

02:43.120 --> 02:53.280
and how you're computing functions should be, the whole idea with free software is,

02:54.480 --> 02:59.200
you have the freedom to run the software however you want, you can modify it however you want,

02:59.280 --> 03:05.840
you can study it, you can share it. In the context of politics and society in general,

03:06.480 --> 03:15.040
that translates essentially into democracy. If all of the services that you use in everyday life

03:15.040 --> 03:22.000
are proprietary, meaning you don't have control over your technology, then it can be argued

03:22.080 --> 03:32.000
that you don't necessarily have a full, fully democratic society. So, free software is not,

03:32.000 --> 03:38.000
as I say, it's not just for, you know, nerds, it's for everyone. Now, the thing to realize

03:38.000 --> 03:43.520
about software freedom is, it's all well and good. If you know how to install Linux, you

03:44.720 --> 03:49.920
have some idea of what you're doing, but everyone needs to have free software because

03:50.720 --> 03:58.080
if only a small group of people know how to use it, then that's obviously no good. You need,

04:00.320 --> 04:06.720
you need everyone else to work on all of their services that you use. So, they need software

04:06.720 --> 04:12.640
freedom as well. If you've got an entire industry that's all, you know, Windows, Mac or wherever else,

04:13.600 --> 04:21.680
that's no good. So, I'm going to go first into the structure of this talk. So, in previous

04:21.680 --> 04:26.800
talks that I've done, I've been much more sort of theoretical, you know, I've gone on for, you know,

04:26.800 --> 04:33.760
an hour talking about my projects and detail. The first 20 to 25 minutes of service talk is going

04:33.760 --> 04:38.480
to be, you know, going through the history, the technical aspects of the project, but it's not going to be,

04:39.200 --> 04:43.200
it's not going to be overly technical, it's going to be more ideological, and we're going to talk

04:43.200 --> 04:49.520
about the goals of the project, but the focus of this talk is going to be on the second half.

04:49.520 --> 04:55.520
So, I'm going to try to get through the talk itself in about 20 to 25 minutes, and then the second

04:55.520 --> 05:00.880
half of this talk, I'm going to give a live demonstration showing the book itself. So, I'm going to go

05:00.880 --> 05:06.800
through the build system, I'm going to go through, I'm basically just, the first thing I'm going

05:06.800 --> 05:11.040
to start with is I'm going to show, you know, if you're, if you're just a user, you want to use

05:11.040 --> 05:16.320
the book, I'm going to show all of the typical ways that you'd use it, I'm going to show, maybe

05:16.320 --> 05:21.200
go into some of the development aspects, show how certain things it maintains, things like that.

05:21.200 --> 05:28.640
And during that second half, it will also be a question, a Q&A. So, if you have any questions,

05:30.080 --> 05:35.440
like, if I'm doing the demo, if I'm doing the demo and, you know, something that doesn't seem

05:35.440 --> 05:41.520
right, you know, put your hand up, interrupts me, I'll explain, I'll stop and explain, and if you want,

05:42.240 --> 05:46.880
yeah. So, that's assuming, of course, that I stick to this schedule, we don't know how long

05:46.880 --> 05:51.440
this talk's going to go on for. So, what is LibreBoot? As I briefly mentioned in the intro to this

05:51.440 --> 05:56.720
talk, it's a free, or open-source, spios, or UFI firmware replacement. What does it mean?

05:57.680 --> 06:04.880
The bios, or UFI, as some people, as a lot of people refer to it, is the thing that starts

06:04.960 --> 06:10.720
your computer. So, it starts the CPU, initializes memory controller, peripherals, then it comes up with a

06:10.720 --> 06:16.320
nice little interface, you start your boot load, a big reporting system, right? So, you know, Linux,

06:16.320 --> 06:23.760
BSD, whatever it is. LibreBoot is also what's known as a core boot district. So, in the past,

06:23.760 --> 06:30.000
some people have, have wrongly assumed that LibreBoot is a fork of core boot. That's not the case.

06:30.960 --> 06:39.840
You know how, you know how you have, say, Debian, Ubuntu, Arch Linux, I suppose, those are Linux distributions.

06:39.840 --> 06:44.560
So, if you want to use Linux, you don't have to download the Linux kernel. You don't have to download,

06:44.560 --> 06:52.080
you know, GNU Core Utils, or X11, Waylands, and all of the variant, you don't have to do everything yourself.

06:52.080 --> 06:57.520
You have these wonderful projects that package everything for you and make it really, really easy,

06:57.520 --> 07:03.040
and they provide user documentation support. LibreBoot is essentially that, but for core boot.

07:03.040 --> 07:12.880
So, it packages core boot and all of the various programs there. So, why, use LibreBoot? Well,

07:15.280 --> 07:20.080
LibreBoot is a free software project. So, I assume most people in this audience know what free

07:20.080 --> 07:26.240
software is, but free software, I'll just briefly explain again in case any one person doesn't know.

07:27.200 --> 07:32.480
Free software means you have the right to study the program, see, I have worked here,

07:32.480 --> 07:37.600
you can run it on as many computers as you like, share it with your friends, you can do whatever you want with it.

07:39.520 --> 07:47.120
This is an important thing to have from an ideological perspective. It's a matter of civil liberties,

07:47.120 --> 07:53.040
as I explained earlier on in this talk. It democratizes computing essentially.

07:53.360 --> 08:01.280
So, this is really the main aspect of LibreBoot. The main point of LibreBoot is to be a free firmware

08:01.280 --> 08:06.240
distribution, but there are other reasons you might want to use it as well. So, it has quite a lot of

08:06.240 --> 08:13.120
nice encryption features in Grab, for example, if you want to boot Linux and you want to

08:13.120 --> 08:18.720
encrypt everything, you can use full disk encryption on standard proprietary firmware, but

08:18.880 --> 08:25.440
LibreBoot, for example, comes with Grab as one of the boot loader options when you start.

08:25.440 --> 08:33.120
It can read luck's partitions directly. So, you can have an encrypt. So, if you have the

08:33.120 --> 08:39.920
slash boot director, we've got with your Linux kernel, you can decrypt that directly so that nothing

08:39.920 --> 08:47.680
on your disks is in secure. And as other security features as well, I've got into some of

08:47.680 --> 08:55.760
this later on in the talk. No DRM, no anti-features. So, for example, this ThinkPad that I've got,

08:55.760 --> 09:02.080
this is a ThinkPad T580. It was added to LibreBoot last month, actually. On ThinkPad's, for example,

09:02.080 --> 09:09.040
if you want to use your own wireless card, that's upgraded to something better. The Nova usually has

09:09.120 --> 09:17.040
a whitelist in their firmware that means you can't use anything but what they provide.

09:17.040 --> 09:24.560
LibreBoot doesn't have features like that. Another advantage to LibreBoot is, because it's a

09:24.560 --> 09:29.280
free software project, because the community has control over it, because you can study it,

09:29.280 --> 09:35.920
change it and completely understand every aspect of it, you get continued for

09:36.320 --> 09:41.760
LibreBoot also tries to provide security features. You really can't get most of the

09:41.760 --> 09:49.200
firmware projects. And, well, it should go with that saying, if we want free software

09:49.200 --> 09:53.040
on everywhere, if we want everyone to use free software, then that logically must mean that

09:53.040 --> 09:57.200
every computer has to have free firmware, whether it be a LibreBoot or something else.

09:57.920 --> 10:04.160
Our brieflet's explain what a core boot payload is. Now, core boots, as I explained,

10:04.160 --> 10:10.320
is the projects that LibreBoot uses for hybrid initialization. But core boots only does

10:10.320 --> 10:14.960
hybrid initialization. It doesn't provide, you know how when you boot your machine and it

10:14.960 --> 10:20.560
comes up with a nice little, like many, you can select your, I don't know, your SSD or a

10:20.560 --> 10:26.160
flaster over or net those or something like that. Core boot doesn't do any of that. It just

10:26.160 --> 10:31.440
starts your hardware and then jumps to what's called a payload. This payload is typically

10:31.440 --> 10:37.680
what provides your bootloader. So, you can use grab Linux, you can use EDK2, EDK2 is the

10:38.400 --> 10:44.640
Intel's reference implementation for UFI. It is a free software project, it's on the GitHub.

10:45.440 --> 10:53.440
You can, LibreBoot provides, LibreBoot doesn't provide every payload. You can modify it and

10:53.440 --> 11:00.720
add whatever you want, but we provide grab C-bass in Uboots on various boards, and I'll go into that

11:00.720 --> 11:07.120
later on in the software as well. You can use other payloads, and this will be in the demo.

11:08.080 --> 11:12.480
You can actually modify each board to use core boots. So, we have our own

11:13.360 --> 11:18.560
logic in the LibreBoot build system for adding payloads to boards, but you can override that and use

11:18.560 --> 11:23.680
core boots. Logic instead, and core boot has more options. Again, I'll go through this in the demo

11:23.680 --> 11:29.040
in the second half of the talk. So, you can find, if you want to know more about core boot in general,

11:29.040 --> 11:32.640
but there is one of LibreBoot's upstream projects, you can go to core boot.org.

11:34.480 --> 11:40.800
Now, so, I explained earlier on in the talk that LibreBoot is a core boot distribution. Well,

11:41.760 --> 11:51.760
let's compare this to say Debian. If you've got Debian, there's a bootstrap script that makes

11:51.760 --> 11:58.480
the install roomage, and then you've got a package manager. Same with any other Linux distribution.

11:59.280 --> 12:04.400
Naturally, LibreBoot has what, I'll go into this in brief history about the LibreBoot project.

12:04.400 --> 12:12.720
So, I started the projects in December 2013. It wasn't initially a project as such.

12:13.600 --> 12:19.200
I was running, and I'm still running actually, a company on the internet called Mini-Free.

12:19.200 --> 12:23.920
Mini-Free.org. It wasn't called Mini-Free.org back then. It was a different domain name, but

12:23.920 --> 12:30.720
saying same thing. A friend that I was talking to at the time was very excited about what I was doing.

12:30.720 --> 12:35.440
I didn't really have any plans in the early days of the projects. I just had my company,

12:36.000 --> 12:40.000
you know, and I provided corporate images, I provided source code on my company website. There wasn't

12:40.000 --> 12:46.800
really a project when they saw first started. It was just commercial, right? But a friend saw the

12:46.800 --> 12:53.200
potential before I did, actually. Here's previously, I'm not going to actually say his name,

12:53.200 --> 13:00.160
but he contacted the F&F and needless to say the F&F was ecstatic. They're licensing and compliance

13:00.240 --> 13:09.600
manager Joshua Gay. That's his name. I see Nick was Jay Gay at the time. He emailed me personally,

13:09.600 --> 13:14.240
to say that the Free Suffolk Foundation is really happy with what you're doing, and they wanted to

13:14.240 --> 13:24.560
promote my work. So, I initially just went through the certification process. So, the F&F,

13:24.720 --> 13:34.320
they have a process, a certification process, it's called, respects your freedom. It's for hardware,

13:35.360 --> 13:40.880
hardware suppliers, and the idea is that they want to verify that each company selling whether

13:40.880 --> 13:46.640
it be a computer, a 3D printer, I don't know, every 3 player, mobile phone, whatever it is. It has to

13:46.640 --> 13:53.760
be all free software that they can't have any spyware, can't have anything malicious, fully free

13:53.840 --> 14:03.680
in spirit, and actually free. So, I went through the process for that. In the early days of

14:03.680 --> 14:09.920
the projects, I ended up, I actually didn't take this as seriously back then. I mean, I was kind

14:09.920 --> 14:15.120
of aware of it, but you may or may not be aware. Corbyn is nominally a free software project,

14:15.120 --> 14:23.600
but it doesn't always, sometimes in Corbyn, you do need certain binary blobs for certain

14:23.600 --> 14:30.320
boards, and I'll go through that later on, but the original purpose of leapboots, as part of

14:30.320 --> 14:38.560
this certification process, was to provide a fully free, deep blobs, Corbyn distribution, fully

14:38.640 --> 14:45.600
free, few months in 2016, after applying in 2015, LibraBoot was actually referred to as

14:45.600 --> 14:55.600
Gennew LibraBoot, and we did actually did three releases of that then. My rationale for having

14:55.600 --> 15:02.560
LibraBoot joined the Gennew Projects back then was, I didn't possibly see how it could hurt,

15:02.640 --> 15:10.560
I only saw ways that it could be improved simply by virtue of the prestige of the Gennew

15:10.560 --> 15:16.800
infrastructure itself. LibraBoot was, and is a free software project started with the same goals,

15:16.800 --> 15:23.680
we want free software everywhere. So, ideologically, we were compatible. There were some technical

15:23.680 --> 15:30.320
disagreements during this time that were not foreseen during the application process,

15:30.320 --> 15:37.920
so standards relating to documentation, coding styles, also the governance of the projects.

15:39.440 --> 15:46.880
I was very critical at the time, because basically I felt like LibraBoot was LibraBoot's

15:46.880 --> 15:53.760
and the points of the FSF was just to promote it. But long story short, there was a very

15:53.760 --> 16:01.200
ugly breakup from the Gennew Projects in 2016. I regret what happened. Not really going to go into

16:01.200 --> 16:07.920
much detail in this talk. There's actually an article on LibraBoot.org. If you can go to

16:07.920 --> 16:13.920
LibraBoot.org, forward slash news, forward slash 10, date to melt 10, as in 100, date to melt.

16:14.240 --> 16:23.600
But the next few years, LibraBoot then was its own projects. During this time, I actually

16:23.600 --> 16:29.600
stepped down. I'm going into this history of the projects now. So, I actually stepped down

16:29.600 --> 16:35.840
from the LibraBoot projects for a number of years, from 2017 to 2021. I was going through some

16:35.840 --> 16:40.080
of my own things at the time, so I left other people in charge that were in the projects then.

16:40.720 --> 16:50.000
We created a committee that everyone could vote on decisions. It was decided then that the

16:50.000 --> 16:56.160
whole projects would be rewritten. One of the design flaws of the original LibraBoot

16:56.160 --> 17:03.680
build system was, it wasn't really very flexible. It worked, but you type one commands, build one

17:03.680 --> 17:11.600
board, and it wasn't really a concept of configurability back then. So, the purpose of the

17:11.600 --> 17:16.240
rewrite was going to go into some details about what they are. So, I started our split with a

17:16.240 --> 17:21.280
very strict and clear policy that basically says, and this is what I'm going into now, if a

17:21.280 --> 17:28.400
blob can be avoided, avoid it, if it can't include it. Try to minimise the harm that certain

17:28.400 --> 17:32.640
blobs can do. So, for example, on a lot of new Intel systems, if you need, if you have the

17:32.640 --> 17:39.360
Intel management engine, LibraBoot by default will use the ME cleaner utility, and there are some

17:39.360 --> 17:44.560
other examples as well. You can actually read that if you, that's the basic summary. If you want to

17:44.560 --> 17:49.760
read the read it in detail, there's this link on the slide, LibraBoot.org, forward slash

17:49.760 --> 17:56.880
news, forward slash policy, that's to now. Now, I should clarify that this was originally on the

17:56.960 --> 18:05.920
OSBoot website, and I'm going to go into some details later on. I did not use the rewritten design

18:05.920 --> 18:11.520
for the LibraBoot build system, then I took my work from 2016, when I essentially steps down

18:11.520 --> 18:18.240
from the projects and modernised it. So, made it possible to use new machines, added lots of

18:19.200 --> 18:25.440
well, but I did, but I basically said, look, new people have not done releases in five years,

18:26.240 --> 18:32.560
and I've got this built system over here in LibraBoot that works, it's got a ton of new boards

18:32.560 --> 18:38.080
and people are using it, people are happy. So, I decided then, why don't I also do this in LibraBoot?

18:38.160 --> 18:48.000
So, that's exactly what I did. Took, throughout five years of bad code and just to cover.

18:49.360 --> 18:56.720
So, obviously, though, from the perspective, then LibraBoot had been essentially dead for a

18:56.720 --> 19:03.520
number of years. So, getting people involved was very difficult. Yeah, it was a bit. I mean,

19:03.520 --> 19:12.880
we got there in the end, but so, but the problem, as I've explained with LibraBoot, was if you have

19:12.880 --> 19:21.360
this policy of only having fully free software, no blobs, no nothing, you can only support boards

19:21.360 --> 19:30.800
from 10, 15, even, sometimes 20 years ago. So, my thought then was, well, why don't I just merge

19:30.880 --> 19:35.120
the two projects together, just have, we've already got LibraBoot, which has been established for years.

19:35.840 --> 19:41.360
So, with a Canadian developer that I was working with at the time, I'm not, I apologise,

19:41.360 --> 19:46.400
Keleb if I'm risk-pronounceing you know, at Keleb, at Grung, someone maybe someone can

19:48.560 --> 19:54.240
correct my pronunciation. Anyway, he did a lot of work with me on OSBoot in 2022. So,

19:54.240 --> 20:02.640
he was amazing, and you can go on to the LibraBoot.org, at LibraBoot.org forward slash

20:02.640 --> 20:08.000
contribbed by HTML, it's got all of the contributions that people have made, he's on there,

20:08.000 --> 20:15.200
and yeah, so we worked together on that, and so he worked on the build system. He worked on

20:15.200 --> 20:22.640
the documentation, I worked on the build system, and we merged at OSBoot.org was completely removed

20:23.280 --> 20:30.400
and redirected to LibraBoot. There was a release shortly after that post merge, and you can

20:30.400 --> 20:40.080
probably tell what's going to happen next. The FSF being the FSF decided, well, we are not very

20:40.080 --> 20:48.640
happy with this. So, at the LibraBoot Planet 2023 conference, one of their people decided why don't

20:49.600 --> 20:57.120
we make another LibraBoot project, LibraBoot.org. Now, I would be a hypocrite, if I said that I

20:57.120 --> 21:03.680
objects to a thought, I don't. I want people to thought my work, if you want to do your own thing,

21:03.680 --> 21:09.200
and you want to go your own way, that's fine. But they tried to use the LibraBoot name, and

21:09.200 --> 21:15.520
they made it very clear that they wanted me to stop using the LibraBoot name. So, what exactly

21:15.520 --> 21:23.120
was I supposed to do? So, I basically just said, well, okay, so I was aware that this was going to

21:23.120 --> 21:29.760
happen, because one of the people that I work with in LibraBoot was contacted by one of their developers

21:29.760 --> 21:35.520
at the time saying, hey, do you want to work on this new LibraBoot thought with us? And he told me

21:35.520 --> 21:45.360
about it. So, I saw that the FSF was doing a talk from Dennis. He's one of the founders of the

21:45.520 --> 21:50.080
LibraBoot project. He had a talk. He didn't say that there was going to be a LibraBoot

21:50.080 --> 21:55.680
thought. It was called something like, seizing the means of free software, production,

21:55.680 --> 21:59.120
or something like that. Anyway, I anticipated that he was going to,

21:59.120 --> 22:04.320
correctly, that he was going to announce a fork during that talk. So, I did a LibraBoot

22:04.320 --> 22:14.160
thought the same day, hours before his talk. It passed amounts of work much more than we did before

22:15.040 --> 22:22.160
in the same period. We did like three leases in a month. After a month, a drew

22:22.160 --> 22:29.040
defaults, the owner of source hats, they were using source hats to host the website,

22:29.040 --> 22:33.760
the repositories, they're mailing this, everything. As some people may know, drew

22:33.760 --> 22:37.360
defaults is not a fan of the FSF, and I basically went through them and said, look,

22:38.000 --> 22:43.280
can we do something about this? So, long story short, the project was deleted from

22:43.280 --> 22:52.160
source hats and after that they didn't want to. I can probably surmise that they wanted it to

22:52.160 --> 22:58.320
look a bit more grass roots rather than hosting it on GNU.org, and calling it GNU LibraBoot,

22:58.320 --> 23:02.080
which obviously wouldn't fly. They wanted to make it look a bit more sort of independent.

23:02.080 --> 23:07.200
But the FSFs tried again, and they created a new project called GNU Boots.

23:09.200 --> 23:12.640
A bit more respectful this time, they weren't trying to use the LibraBoot name,

23:12.640 --> 23:18.240
but they still had the same rotten attitude. They were going around telling people that

23:18.240 --> 23:25.680
LibraBoot is a proprietary software project. So, I decided, well look, they were also using

23:26.000 --> 23:32.080
LibraBoot from July, 2022. This was a bit 2023 at that point. They were using a version of LibraBoot

23:32.080 --> 23:36.080
that was a year out of date. And I looked at the repository and they didn't really seem to be going

23:36.080 --> 23:42.080
anywhere, so I thought, you know what? Why don't I make a project that does exactly what you want?

23:42.160 --> 23:47.680
So in October, 2023, I launched a new project called GNU Boots. GNU Boots is essentially the

23:47.680 --> 23:53.120
old LibraBoot, the old policy, fully free FSF compliant, all of that.

23:56.000 --> 23:59.760
There's a lot of this talk, there's a purpose of this talk is not to talk about GNU, but obviously

24:00.640 --> 24:05.360
no LibraBoot talk is complete without mentions of the FSF, and this is part of the history of

24:05.440 --> 24:11.280
LibraBoot projects. So, that long story short, a few years later, things come down,

24:12.640 --> 24:18.960
full, well and good now. Anyway, I don't want to keep talking about the FSF.

24:19.760 --> 24:24.640
So, there's been loads and loads of new work over the last few years. So, for example, this

24:24.640 --> 24:31.840
thinkpad that I'm running is a T5, I thinkpad T580. The T480 was added, well, it was also the

24:31.840 --> 24:39.120
Deluxeplex 3050 micro. Yeah, a developer that I work with, Marta Kookley, I hope I'm pronouncing

24:39.120 --> 24:44.240
the name correctly this fun. He works on a utility called D-guards, which, besides, there's a feature

24:45.120 --> 24:49.920
on Intel systems called the Intel Boot Guard, and what that does is, if the manufacturer

24:49.920 --> 24:54.720
enables it, your firmware is cryptographic signs. So, if you change anything in the firmware,

24:54.720 --> 25:00.960
it doesn't boot anymore. So, this makes orbit impossible. On 8th generation, I say 8th generation,

25:01.040 --> 25:08.160
anything that has Intel Management Engine version 11. Any, there are any 11.x.

25:08.960 --> 25:14.480
He wrote a utility called D-guards, which used an existing vulnerability in ME version 11,

25:15.200 --> 25:20.800
who decides to completely, the vulnerability in question on the ME, basically allows you to run

25:20.800 --> 25:26.160
on-time code. So, he used that to disable the, to figure out how to disable the Intel boot guard

25:26.160 --> 25:30.800
and from that, we can now support a lot of newer machines, because a lot of newer new machines

25:30.800 --> 25:40.320
are used, but good. Yeah. So, I'm going to go briefly through the future roadmap of the projects.

25:40.320 --> 25:45.600
So, at the moment, there's a lot of work needed on the documentation of the boot. A lot of people

25:45.600 --> 25:50.400
that got back to me and saying, it's all over the place. If I want to figure out how to flash

25:50.400 --> 25:55.120
one machine, I've got to read this page, then that page, and it's all one of the things that we

25:55.120 --> 25:58.960
really need to do in the projects that the moment is, is audit the documentation and make it a bit

25:58.960 --> 26:07.360
more fluent for the, for non-technical people. One of the things I also want to do with

26:07.360 --> 26:15.120
Libre boot is Ad Tiana Core. There is a Tiana Core, or if you're okay to, on lots of modern

26:15.120 --> 26:22.080
desktop systems now, you need to have URIFIRE, because if you're in particular, alongside

26:22.080 --> 26:28.720
the core boot, allows you to have a feature called real okay-table bar, or base address register.

26:28.720 --> 26:33.280
If you want, if your graphics card needs to use a lot more memory, as a lot of them do now,

26:33.280 --> 26:37.600
as you need to have this feature, and we currently don't have this feature, but with a long

26:37.600 --> 26:44.080
side, you need to pay two. If you have like an Intel arc or modern video and the work wherever

26:44.080 --> 26:49.200
it is, a lot of graphics cards just simply don't work anymore. You need URIFIRE, so we're looking

26:49.200 --> 26:58.160
into that. I'm currently working on integrating a bunch of other projects, so there's another

26:58.160 --> 27:04.640
project called Mr Chromebox, which supports a lot of Intel-based Chromebooks. I've been working

27:04.640 --> 27:09.920
with, well, not working with, but the developer of that project has provided me with some advice,

27:09.920 --> 27:15.280
and I'm currently working on integrating those in Libre boot. Libre boot also became part of

27:15.840 --> 27:21.760
a nonprofit organization called Software in the Public Interest last year. They essentially

27:21.760 --> 27:25.680
provide fiscal sponsorships of projects, so if you want to make a donations paid or something

27:25.680 --> 27:30.880
like that, then they can also provide a lot of legal related services. They provide support for

27:30.880 --> 27:35.280
a lot of big projects like Debian, Arch, I think. Yeah, Arch Linux is a member.

27:38.080 --> 27:44.160
If you want to, I said in Ireland, in this talk, I'm not going through the technical aspects of

27:44.160 --> 27:49.360
Libre boot in detail, and I'm not going through it. If I wanted to talk about every

27:49.360 --> 27:55.120
contributor that has ever done anything for the project, it'll be like a hundred slides. If you

27:55.120 --> 28:00.480
want to go on to, if you go on to Libre boot.org forward slash a contract that HTML, you can find

28:00.480 --> 28:06.960
a list of people who have contributed to the project. I am wrapping up the talk part now, and

28:06.960 --> 28:13.440
I'm going to do the demo a little bit. If you want to help Libre boot, some generic advice

28:13.440 --> 28:19.840
is, use it. Tell people about it, tell your friends, tell going line, log about it. If you're

28:19.840 --> 28:24.320
technically inclined, you can work on corporates itself, you can add your main boards, you can

28:24.320 --> 28:29.280
as explained before you can also work on improving use of documentation, also provide use of

28:29.360 --> 28:35.840
this bottom LC. This is obviously obligatory of this part, I've used some images from other

28:35.840 --> 28:42.560
projects. Thank you, and as I explained before, the next part of this talk will be a demo,

28:42.560 --> 28:46.880
and a Q&A. So, yep, thank you.

28:46.880 --> 28:59.120
Now, I am mindful of the facts that I'm currently holding this microphone, but I

28:59.200 --> 29:04.800
need to be able to type to do the demo. So, would it be possible for me to wear the thingy, yeah,

29:04.800 --> 29:07.760
thank you.

29:29.120 --> 29:58.800
Okay, so I'm going to sort of improvise.

29:58.880 --> 30:09.760
So, I'm going to go in. Okay, so if I go now into the, let me put that terminal on the other screen.

30:10.880 --> 30:18.800
Oh, yeah, if anyone wants to ask questions, so as I said before, I'm going to do a demo now on Libre

30:18.800 --> 30:24.160
boot itself on the build system, how it works, but if you want to ask anything,

30:24.640 --> 30:30.160
this is the Q&A session now. So, if you have any questions, I'm sure someone wants to

30:30.160 --> 30:35.680
pass around the mic or ask any questions you have, it can be about the demo itself, or

30:35.760 --> 30:56.480
I can't see up. Okay, hopefully you can see this. So, I see what, I've got an idea. Can you

30:56.480 --> 31:01.520
stand with me and hold the mic to my mouth so I can speak and use both hands? This is me improvising.

31:02.080 --> 31:15.120
So, thank you, thank you very much. Yeah, yeah. Really difficult to do anything on this screen.

31:15.120 --> 31:19.680
Yeah, if anyone has any questions, if I pass around the mic and you can ask what if you want

31:19.680 --> 31:27.280
about Libre roots, yeah, if you have any questions I want to. I can't see my mouth on the second

31:27.280 --> 31:35.680
screen, so it's kind of difficult to. I was wondering, how safest Libre boots to use on my

31:35.680 --> 31:40.480
laptop that I use every day and that I don't want to crash and keep booting?

31:42.880 --> 31:50.400
Relatively safe, so we have a testing process, so we do testing releases first and then we do

31:50.400 --> 31:56.000
stable releases. If you want to have some assurance that you won't break your machine, I recommend

31:56.080 --> 32:02.720
sticking to stable releases of Libre boots. Generally, that will not pose an issue. If you do have

32:02.720 --> 32:08.400
problems, you can report them immediately and we will try. Okay, I can't see what I'm doing.

32:08.400 --> 32:12.320
So, should I then first check all the hardware if it's all supported or...

32:17.520 --> 32:22.320
Sorry, so I'll say again. Should I then first check if all my hardware is supported by Libre

32:23.280 --> 32:30.480
Oh yeah, so if you go to Libre boot.org forward slash dot forward slash in store, there is a compatibility

32:30.480 --> 32:40.560
list there. Okay, thank you. Hello, could everyone see the screen clearly before? Like when it was

32:40.640 --> 32:46.960
black and white? We'll try to ask somebody from this half,

32:46.960 --> 33:10.240
um, well, it's right, I'm trying to just, I can't literally see what happened.

33:11.200 --> 33:13.280
If there's any questions, feel free to ask.

33:16.400 --> 33:23.120
Hello, so from what I understood by scheming the website aside from Chromebooks,

33:23.840 --> 33:29.360
basically every other machine requires you to open it in order to connect an external flash at

33:29.360 --> 33:37.680
to install it. Is there like any plans to deal with it? Because like, well, I probably can do that,

33:37.760 --> 33:42.960
but if we are targeting basically the entire world, it's more complicated for them.

33:45.440 --> 33:50.800
Yeah, really, I think it just, it really just depends on the machine that you're flashing.

33:50.800 --> 33:55.200
So, some are easier than others. Some you can just run software to install Libre boot. Some you

33:55.200 --> 34:00.880
do need to take apart. Unfortunately, it's just one of those things that's currently unavoidable.

34:00.880 --> 34:05.360
Okay, I have a light mode and I wouldn't mind someone on now. Okay, can people see that terminal

34:05.360 --> 34:10.000
better now? Okay, much better, right. So we've got, I don't know if we've got left.

34:11.840 --> 34:16.080
Any other question, maybe? Okay, we've got about 10 minutes. Okay, 10 minutes should be enough time.

34:16.080 --> 34:21.760
So I'm just going to briefly go through, I'm going to, and I know, how do I actually enable mirror mode?

34:26.080 --> 34:30.240
Yeah, just keep asking questions. If you have any questions, I'll be happy to ask them.

34:31.200 --> 34:35.200
I don't need normally doing mirror mode in front of us.

34:39.680 --> 34:43.920
Okay, I'll just, I'll just do it this way. Okay, so if you want to use Libre boot,

34:43.920 --> 34:52.080
I'm going to give you a brief tech demo. So let's say what you have, sorry, what is the single

34:52.080 --> 34:59.520
the most powerful device currently compatible with Libre boot? It really depends on what you want to do.

34:59.520 --> 35:06.880
So if you want a laptop, for example, the most powerful laptop you want to use right now is probably

35:06.880 --> 35:13.200
I think pad T48 or T580. If you want a desktop machine, it really depends on what you're doing.

35:15.200 --> 35:23.040
If you're mostly concerned with multi threading, for example, there's an older boards that we

35:23.040 --> 35:31.440
supports, the ASUS KGB D16 is really old now, but you can use large 16, that's who 16

35:31.440 --> 35:36.320
course, if you're using, if you don't, that's a compiling building, then it's kernels.

35:37.200 --> 35:42.640
Anything that needs a lot of thread. If you're building a modern desktop for workstation use,

35:42.640 --> 35:50.720
you might use one of the has-well systems that we support. We are looking to add more

35:51.360 --> 35:56.960
modern older desktop boards at some points in the near future. There's really no concrete answer

35:56.960 --> 36:02.160
to your question, the most powerful or viable system to use really depends on your use case scenario.

36:03.200 --> 36:05.120
That sounds like a great question, okay, thank you.

36:05.120 --> 36:10.880
Okay, so yeah, brief tech demo, so there's really not much to it. So let's say you want to

36:11.920 --> 36:16.560
feel, again, feel free to interrupt me anytime. If you want to use another question here.

36:17.440 --> 36:23.200
Okay, so I'm just going to briefly go through, so if let's say you just want to use

36:23.200 --> 36:29.520
a little bit, right? Let's say I want to install a little bit on a think-pad T580.

36:30.800 --> 36:38.320
So if I do this command, m, s, m, s, m, k, b, co-book list, or less, you can get a list of boards,

36:38.320 --> 36:44.960
and you can search T580, and actually we'll do know what's in the output here, but let's say now I want

36:45.040 --> 37:08.320
to build for the device that you can do, like, like, blah, okay, it's very difficult to see what I'm doing here, so, okay, go ahead, ask your question.

37:09.280 --> 37:18.880
One of the question is, like, how easy is it to, like, make it possible for, like, a new device?

37:18.880 --> 37:25.360
If I have, let's say, a modern think-pad, and I want to try adding support for that, how long do you

37:25.360 --> 37:30.800
think it would take? Is it, like, a lot of reverse engineering and things, or just go look at

37:30.800 --> 37:37.920
documentation, specs, and just write? Yeah, so if it's not already supported in the corporate

37:37.920 --> 37:44.240
projects, then there are going to be certain questions you have to ask. So it's the chipset already supported,

37:44.240 --> 37:52.640
like, what, what, what Intel Gen is, is the platform, like, is everything supported properly?

37:53.680 --> 37:58.880
Generally speaking, on laptops, there's also an extra chip called the EC, the embedded controller,

37:58.880 --> 38:04.240
which is very different per machine, and you usually have to do a bit of reverse engineering there.

38:05.200 --> 38:12.320
Corby tries to generalize as much as possible for each platform, such that each mainboard

38:12.320 --> 38:18.560
has its own quirks to find in code, but then you have universal code that's you reused on

38:18.560 --> 38:23.680
that hundreds of different mainboards. Go to the corporate projects first, work with then,

38:23.680 --> 38:28.720
add, add the boards. When you add a board to the labor boots, it's essentially, by virtual

38:28.720 --> 38:33.120
configuration, the labor boots supports what the corporate already has, and it provides

38:33.920 --> 38:40.960
the pre-configures, things that you can use. Yeah, there's no real set answered to your question,

38:40.960 --> 38:47.840
yeah, that I would advise that you contact the corporate projects about this. Okay, so I'm going to go through

38:48.960 --> 38:54.960
so I just built one of the the main things you have to realize about every talk is there is going

38:54.960 --> 38:59.040
always going to be an error when you do a commands that works perfectly, that morning,

38:59.600 --> 39:05.120
you're always going to have something. Okay, so I'll ask another question if you want five.

39:05.120 --> 39:11.760
Oh, yeah, for the recent inclusion of the top ten router, is that indicative that there might be

39:11.760 --> 39:18.400
more, sorry, again, what router? Oh, the top ten one. Oh, yeah, yeah, sorry. Oh, sorry,

39:18.480 --> 39:23.680
just to finish, sorry, get you off. Is that indicative that there might be more support for

39:23.680 --> 39:28.960
like older lake twin lake products down the line? Yes, and this is something that we're actively pursuing.

39:34.800 --> 39:42.560
You're asking if we're looking at more, more boards, more from that same generation, right? Yes.

39:43.520 --> 39:48.880
Great presentation. I have a question here. You mentioned that you are supporting

39:49.600 --> 39:59.600
a generation of core i5 i7 CPUs from Intel, such as the ThinkBat T480 and T480s,

39:59.600 --> 40:05.680
what about T490 and 90s, which are using the same generation of Intel CPUs?

40:05.920 --> 40:12.720
Ah, yes. I believe you said the ThinkPad T490, the T490 uses Intel management engine version 12,

40:13.520 --> 40:20.400
for which hack to disable the Intel boot guard has not yet been found. So that's currently not feasible

40:20.400 --> 40:31.120
in reboot. Thank you, great talk. So if I want to use a TPM and ideally something like

40:31.120 --> 40:35.600
measured boot through reboot, can I do that? How is it? Is it?

40:36.640 --> 40:43.120
Libreboots has no facility for use of a TPM. There are other projects that use it. You can look at

40:43.120 --> 40:49.840
a project called heads, for example, which uses TPM and has what it calls measured boot.

40:50.560 --> 40:56.240
It uses the Linux kernel as a payload and it uses K exec for its own interface to boot your

40:57.200 --> 41:02.720
system. It's very similar to using something like, say, grub or something like that. And yeah,

41:02.720 --> 41:07.120
it has that feature. Libreboot currently does not facilitate this in any way. That's not

41:07.120 --> 41:14.960
to say it can't, just that it currently doesn't. You could probably modify whatever you want to

41:14.960 --> 41:21.600
do that. TPM is enabled on some boards, but we don't really use it for anything at the moment.

41:22.560 --> 41:30.560
Okay, so the tech demo is a bit of a nightmare actually because I can't see what I'm doing

41:30.560 --> 41:34.720
because I'm looking at the screen. Anyway, I can't really show it running because we've

41:34.720 --> 41:39.520
run a few minutes left. So let's say you're a user. You want to do Libreboot. Let's say you're

41:39.520 --> 41:47.520
in deviant, right? You got like that NK dependencies, deviant. That will run all your, that will

41:47.520 --> 41:51.680
install all the build dependencies. And then if you want to build for your board, you do.

41:52.880 --> 41:57.600
But this is Doc, you can, you can go on to Libreboot.org forward slash docs forward slash build.

41:57.600 --> 42:02.880
There's also documentation about the build system itself on forward slash docs forward slash main

42:02.960 --> 42:12.960
team. But if you want to, so go ahead and ask more questions if you want, I'll be

42:12.960 --> 42:20.960
up side if you want to crowd around me afterwards as well. So you do that in KB,

42:20.960 --> 42:25.840
call it this, it shows you that a bunch of boards and then you do. And then you just, you can just

42:26.080 --> 42:32.640
call those, you know, build every board. We can add target nine here. I can't, I don't know.

42:32.640 --> 42:40.160
Hello, maybe if we. We have time for one last question. Yep.

42:42.160 --> 42:50.320
I question, I have a Libreboot on X 200 laptop, which I'm really happy about that, about

42:51.200 --> 42:58.080
two, that five seconds. But I have a problem, maybe it's not a feature already implemented with

42:58.080 --> 43:06.720
a QMU and instruction to have hardware acceleration. So, of course, we have the machine

43:06.720 --> 43:13.120
really slow. So when you say hardware acceleration, what you're referring to? I'm talking about

43:13.920 --> 43:24.560
the WXM. Yeah. Well, it's a fairly out the, the most efficient answer is it's a very old machine.

43:25.280 --> 43:30.880
If you want modern hardware acceleration features and what not, you need to upgrade your hardware.

43:32.240 --> 43:37.360
I hope, I know that's not probably not what most people want to hear, but think Pad X 200 is

43:37.360 --> 43:46.960
18 years old. So, yeah, but if I use it, the normal wheels, I have acceleration,

43:46.960 --> 43:52.320
be my virtual machine. Oh, sorry, I misunderstood. Are you referring to virtualization?

43:52.880 --> 43:58.880
Exactly. Oh, okay. Yeah, that is something that we can look into. So, what's, if you have a bug

43:58.960 --> 44:05.360
relating to that, you can send it to the bug tracker on code bug, code bug, dot or forward slash

44:05.360 --> 44:12.000
reboot, forward slash, I'll be in K and you can information about that. Thank you for your talk.

44:12.800 --> 44:21.760
Okay. Yeah, I do apologize. Anyway, yeah. So, basically, if you want to, I briefly alluded

44:21.840 --> 44:29.440
to it in this somewhat Ubisoft successful tech demo, but as you saw from some of these commands,

44:29.440 --> 44:34.240
if you want to build Libre boot and install it on the machine, it's usually just like one or two

44:34.240 --> 44:39.280
commands. If you were going to build your own firmware from scratch, you'd need to download

44:39.280 --> 44:46.080
core boot and tackle the, of the commands you'd need to know which cross compilers to, to build.

44:46.480 --> 44:51.840
You'd need to download grab, you need to download this, download that, and it'd be hundreds of

44:51.840 --> 44:57.120
commands you'd have to go through 50 different configuration files of 50s probably hyperbole, but you get

44:57.120 --> 45:05.440
the point. One commands and it just does everything. That would have been what I was going to,

45:05.440 --> 45:11.040
that I would have demonstrated that, but as I've, as I'm informed, run out of time. Again,

45:11.040 --> 45:25.200
thank you for coming to my presentation. If you have any more questions, we have all day. So,

45:25.200 --> 45:31.040
feel free to crown around me in the corridors outside or ambush me at your leisure during the

45:31.040 --> 45:34.080
rest of the frosttime conference. Thank you again for coming to my talk.