I’m in Hanoi now.
I just wanted to give an update on the hardware-- I should have taken a more MAID like approach to giving a date for a spec. While it’s not the most complicated build, I’ve thus far run out of time. It was my objective to give you a gorgeous, even pornographic photo of a lil box with a big hard disk and a tiny computer and so far I’ve come short.
I’ll keep at it though. The seed of this concept has me thinking about open hardware more generally again, and how to approach that. As the recent Intel bugs show, we’re sorely in need of secure hardware. Taking a page from software development, I think it’s fair to say that the only adequately secure hardware is going to be open hardware.
The BEST possible MAID farmer would be open from the bottom–
- CPU (see: RISC-V/LowRISC/OpenRISC as examples of open cores)
- PCB (various PCB sharing communities exist but none is big because most PCB designs are made by the same companies that make the CPUs)
- Memory Modules (There’s no even kinda open source RAM)
- Board Components (capacitors, resistors, ports, jacks, etc…)
top (maybe not in that order)
Now, what I just laid out there is in fact impossible today. I think getting there could take ten years. So, probably we’ll of course start with something less-than-perfect. My main point here is that the trustworthiness of well-reviewed and understood open software has actually eclipsed that of most any hardware out there. And since software sits on top of hardware, it’s pretty tough to protect software from hardware that doesn’t perform to spec. Most hardware doesn’t even have an open spec, so it’s difficult to validate weather it does or does not perform according to its spec.
The above is a bit of a rumination that I’d like to take action on. But this won’t be the “next month” kind of action. Luckily, it can start by simply releasing well-understood hardware that uses proprietary components, and documenting the source of those components.
What you’d want to do is create a new standard for hardware openness and security by honing in on the reality that closed hardware is deeply damaging to the software systems that run on top of it.
Thanks for listening. I’d love feedback.