Libreboot X200 laptop now FSF-certified to respect your freedom

Libreboot X200 laptop now FSF-certified to respect your freedom

BOSTON, Massachusetts, USA -- Thursday, January 29, 2015 -- The Free
Software Foundation (FSF) today awarded Respects Your Freedom (RYF)
certification to the Libreboot X200 laptop. The RYF certification mark
means that the product meets the FSF's standards in regard to users'
freedom, control over the product, and privacy.

This is the second Libreboot laptop from Gluglug (a project of
Minifree, Ltd.) to achieve [RYF certification][1], the first being the
[Libreboot X60][2] in [December 2013][3]. The Libreboot X200 offers
many improvements over the Libreboot X60, including a faster CPU,
faster graphics, 64-bit GNU/Linux support (on all models), support for
more RAM, higher screen resolution, and more. The Libreboot X200 can
be purchased from Gluglug at <http://shop.gluglug.org.uk/product/libreboot-x200/>.

The Libreboot X200 is a refurbished and updated laptop based on the
Lenovo ThinkPad X200. In order to produce a laptop that achieved the
Free Software Foundation's certification guidelines, the developers at
Gluglug had to replace the low-level firmware as well as the operating
system. Microsoft Windows was replaced with the [FSF-endorsed][4]
[Trisquel GNU/Linux][5] operating system, which includes the GNOME 3
desktop environment. The free software boot system of Libreboot and
the GNU GRUB 2 bootloader were adapted to replace the stock
proprietary firmware, which included a BIOS, Intel's Management Engine (ME)
system, and Intel's Active Management Technology (AMT) firmware.

The FSF has previously [written][7] about Intel's ME and AMT, calling
attention to how this proprietary software introduces a fundamental
security flaw -- a back door -- into a person's machine that allows a
perpetrator to remotely access the computer over a network. It enables
powering the computer on and off, configuring and upgrading the BIOS,
wiping the hard drives, reinstalling the operating system, and
more. While there is a BIOS option to ostensibly disable AMT, because
the BIOS itself is proprietary, the user has no means to verify
whether this is sufficient. The functionality provided by the ME/AMT
could be a very useful security and recovery measure, but only if the
user has control over the software and the ability to install modified
versions of it.

"The ME and its extension, AMT, are serious security issues on modern
Intel hardware and one of the main obstacles preventing most Intel
based systems from being liberated by users. On most systems, it is
extremely difficult to remove, and nearly impossible to
replace. Libreboot X200 is the first system where it has actually been
removed, permanently," said Gluglug Founder and CEO, Francis Rowe.

"This is a huge accomplishment, but unfortunately, it is not known if
the work they have done to remove the ME and AMT from this device will
be applicable to newer Intel-based laptops. It is incredibly
frustrating to think that free software developers may have to invest
even more time and energy into figuring out how to simply **remove**
proprietary firmware without rendering the hardware nonfunctional. On
top of that, the firmware in question poses a serious security threat
to its users -- and the organizations who employ them. We call on
Intel to work with us to enable removal of ME and AMT for users who
don't want it on their machines," said FSF's executive director, John
Sullivan.

In order to remove the ME, AMT, and other proprietary firmware from
the laptop, the Libreboot developers had to first reverse engineer
Intel's firmware. They then created a small software utility to
produce a free firmware image that conforms to Intel's
specifications. Finally, to install their firmware on the device, they
used special hardware (an SPI flasher) that they directly connected to
a small chip on the motherboard itself. After many months of work, the
Libreboot developers managed to completely overwrite the proprietary
firmware with Libreboot and GNU GRUB 2. Those who purchase a Libreboot
X200 from Gluglug will receive a laptop that has had all of this work
already done to it and will be able to update or install new firmware
to their device without needing to make use of any special hardware or
complicated procedures.

To learn more about the Respects Your Freedom hardware certification,
including [details][2] on the certification of the Libreboot X200,
visit <http://www.fsf.org/ryf>. Hardware sellers interested in
applying for certification can consult
<http://www.fsf.org/resources/hw/endorsement/criteria>.

Subscribers to the FSF's [*Free Software Supporter*][8] newsletter
will receive announcements about future Respects Your Freedom
products.

[1]: https://www.fsf.org/ryf
[2]: https://www.fsf.org/resources/hw/endorsement/gluglug
[3]: https://www.fsf.org/news/gluglug-x60-laptop-now-certified...
[4]: http://www.gnu.org/distros/free-distros.html
[5]: https://trisquel.info/
[6]: http://libreboot.org/
[7]: https://fsf.org/blogs/community/active-management-technology
[8]: http://www.fsf.org/fss

### About the Free Software Foundation

The Free Software Foundation, founded in 1985, is dedicated to
promoting computer users' right to use, study, copy, modify, and
redistribute computer programs. The FSF promotes the development and
use of free (as in freedom) software -- particularly the GNU operating
system and its GNU/Linux variants -- and free documentation for free
software. The FSF also helps to spread awareness of the ethical and
political issues of freedom in the use of software, and its Web sites,
located at fsf.org and gnu.org, are an important source of information
about GNU/Linux. Donations to support the FSF's work can be made at
<https://donate.fsf.org>. Its headquarters are in Boston, MA, USA.

More information about the FSF, as well as important information for
journalists and publishers, is at <https://www.fsf.org/press>.

### About Gluglug and Minifree, Ltd

Francis Rowe is the Founder and CEO of Minifree Ltd in the UK, which
owns and operates Gluglug, a project to promote adoption of free
software globally. To purchase products sold by Gluglug, visit
<http://shop.gluglug.org.uk>.

### Media Contacts

Joshua Gay   
Licensing & Compliance Manager  
Free Software Foundation  
+1 (617) 542 5942  
<licensing@fsf.org>  
  
  
Francis Rowe  
Founder & CEO  
Gluglug  
<info@gluglug.org.uk>  

-- 
Follow us: https://status.fsf.org/fsf | Subscribe to our RSS feeds: https://fsf.org/blogs/RSS
Join us as an associate member: https://www.fsf.org/jf

Sent from the Free Software Foundation,

51 Franklin St
Boston, Massachusetts 02110-1335
United States