Hi all, I bought a Lenovo Ideapad 100S before Christmas. My old netbook is not reliable (loose LVDS connector inside the glued screen frame, it seems) and I need a lightweight and trustworthy laptop when on call. So the idea was installing a proper OS on it but the UEFI is castrated to a point that I cannot even boot from USB (after SecureBoot is off). "System does not have any USB boot option" I get if I jump through all hoops and restart with USB device chosen. With a 32GB eMMC I do not have an option to replace that either it seems..(or do I have another option?) So I went to the Lenovo support website. A form with e-mail support - but the submit button does not work. Firefox is specifically mentioned as compatible with this website. Okay, chat. The support apologized for the system limitations and recommended to return it to the shop. Well, I will try my luck with this in my hands. I claimed that the device violates UEFI specification. Well, I actually do not know,and it may a bit bogus: http://www.uefi.org/faq --- Can all systems disable UEFI Secure Boot? While it is designed to protect the system by only allowing authenticated binaries in the boot process, UEFI Secure Boot is an optional feature for most general-purpose systems. By default, UEFI Secure Boot can be disabled on the majority of general-purpose machines. It is up to the system vendors to decide which system policies are implemented on a given machine. However, there are a few cases—such as with kiosks, ATM or subsidized device deployments—in which, for security reasons, the owner of that system doesn’t want the system changed. --- It does not mention the range of devices to boot from at all. My wife has another Lenovo netbook bought half a year earlier where I am able to boot from USB (well, the FreeBSD 10.2 UEFI memstick kernel panics shortly after that but that may have another reason). In general, I see the lockdown as a serious threat for open source. I wonder whether there are ways to alert the ACCC or other venues. At least locked down devices should be clearly marked to be aware of this. Any ideas in that regard? Should we do something on organisational level (via Linux Australia)? I think this is serious. We loose the ability to run open source on modern hardware completely, if we do not act, I think. Regards Peter
Hi all, at least I could return the "faulty" device without problem. Leaves me with the question what else I can buy.. BTW: Lenovo Ideapad 100S is more a generic than an exact model description. Some come with Windows 8, some with 10, and the booting is different. Regards Peter On Wed, Jan 6, 2016 at 11:25 AM, Peter Ross <petrosssit@gmail.com> wrote:
Hi all,
I bought a Lenovo Ideapad 100S before Christmas. My old netbook is not reliable (loose LVDS connector inside the glued screen frame, it seems) and I need a lightweight and trustworthy laptop when on call.
So the idea was installing a proper OS on it but the UEFI is castrated to a point that I cannot even boot from USB (after SecureBoot is off).
"System does not have any USB boot option" I get if I jump through all hoops and restart with USB device chosen.
With a 32GB eMMC I do not have an option to replace that either it seems..(or do I have another option?)
So I went to the Lenovo support website. A form with e-mail support - but the submit button does not work. Firefox is specifically mentioned as compatible with this website.
Okay, chat.
The support apologized for the system limitations and recommended to return it to the shop.
Well, I will try my luck with this in my hands.
I claimed that the device violates UEFI specification. Well, I actually do not know,and it may a bit bogus:
http://www.uefi.org/faq --- Can all systems disable UEFI Secure Boot?
While it is designed to protect the system by only allowing authenticated binaries in the boot process, UEFI Secure Boot is an optional feature for most general-purpose systems. By default, UEFI Secure Boot can be disabled on the majority of general-purpose machines. It is up to the system vendors to decide which system policies are implemented on a given machine. However, there are a few cases—such as with kiosks, ATM or subsidized device deployments—in which, for security reasons, the owner of that system doesn’t want the system changed.
---
It does not mention the range of devices to boot from at all.
My wife has another Lenovo netbook bought half a year earlier where I am able to boot from USB (well, the FreeBSD 10.2 UEFI memstick kernel panics shortly after that but that may have another reason).
In general, I see the lockdown as a serious threat for open source.
I wonder whether there are ways to alert the ACCC or other venues.
At least locked down devices should be clearly marked to be aware of this.
Any ideas in that regard? Should we do something on organisational level (via Linux Australia)?
I think this is serious. We loose the ability to run open source on modern hardware completely, if we do not act, I think.
Regards
Peter
My personal recommendation would be to avoid Lenovo completely... https://en.wikipedia.org/wiki/Superfish On Wed, Jan 6, 2016 at 3:41 PM, Peter Ross via luv-main <luv-main@luv.asn.au
wrote:
Hi all,
at least I could return the "faulty" device without problem.
Leaves me with the question what else I can buy..
BTW: Lenovo Ideapad 100S is more a generic than an exact model description. Some come with Windows 8, some with 10, and the booting is different.
Regards Peter
On Wed, Jan 6, 2016 at 11:25 AM, Peter Ross <petrosssit@gmail.com> wrote:
Hi all,
I bought a Lenovo Ideapad 100S before Christmas. My old netbook is not reliable (loose LVDS connector inside the glued screen frame, it seems) and I need a lightweight and trustworthy laptop when on call.
So the idea was installing a proper OS on it but the UEFI is castrated to a point that I cannot even boot from USB (after SecureBoot is off).
"System does not have any USB boot option" I get if I jump through all hoops and restart with USB device chosen.
With a 32GB eMMC I do not have an option to replace that either it seems..(or do I have another option?)
So I went to the Lenovo support website. A form with e-mail support - but the submit button does not work. Firefox is specifically mentioned as compatible with this website.
Okay, chat.
The support apologized for the system limitations and recommended to return it to the shop.
Well, I will try my luck with this in my hands.
I claimed that the device violates UEFI specification. Well, I actually do not know,and it may a bit bogus:
http://www.uefi.org/faq --- Can all systems disable UEFI Secure Boot?
While it is designed to protect the system by only allowing authenticated binaries in the boot process, UEFI Secure Boot is an optional feature for most general-purpose systems. By default, UEFI Secure Boot can be disabled on the majority of general-purpose machines. It is up to the system vendors to decide which system policies are implemented on a given machine. However, there are a few cases—such as with kiosks, ATM or subsidized device deployments—in which, for security reasons, the owner of that system doesn’t want the system changed.
---
It does not mention the range of devices to boot from at all.
My wife has another Lenovo netbook bought half a year earlier where I am able to boot from USB (well, the FreeBSD 10.2 UEFI memstick kernel panics shortly after that but that may have another reason).
In general, I see the lockdown as a serious threat for open source.
I wonder whether there are ways to alert the ACCC or other venues.
At least locked down devices should be clearly marked to be aware of this.
Any ideas in that regard? Should we do something on organisational level (via Linux Australia)?
I think this is serious. We loose the ability to run open source on modern hardware completely, if we do not act, I think.
Regards
Peter
_______________________________________________ luv-main mailing list luv-main@luv.asn.au http://lists.luv.asn.au/listinfo/luv-main
-- Dr Paul van den Bergen
On Wed, Jan 6, 2016 at 3:42 PM, Paul van den Bergen via luv-main < luv-main@luv.asn.au> wrote:
My personal recommendation would be to avoid Lenovo completely...
Probably, although this problem is avoidable as long as you get rid of Windows. I just had the funny thought, in case I really can't, to install VirtualBox with a bridged network adapter and an internal switch connecting Windows and VirtualBox. Finally I make VirtualBox (internal) the gateway for Windows and block all traffic there (and probably have a proxy if you need selected access from Windows). Next time I will try that.. I find it quite frustrating to be back in the 90ies where it was hard to find a PC manufacturer who would care for anything but Windows, installations again are hit and miss. And the fiddling with monitor mode lines is replaced by figuring out what this UEFI "standard" implementation is doing wrong this time.. It is actually worse this time because MS has these days the right to bully manufacturers to block open software, it seems. Regards Peter
Peter Ross via luv-main <luv-main@luv.asn.au> writes:
at least I could return the "faulty" device without problem. Leaves me with the question what else I can buy..
I have had a good experience with the Acer C720. It ships coreboot and cros; jumping through a few hoops[*] let me reflash it with Debian, which Just Works. It needs a binary blob for bluetooth. Some guy (https://johnlewis.ie) compiles turnkey stock coreboot firmwares for it, they also include a 2MB live linux environment with a script to bootstrap the debian/ubuntu/fedora installers, which is cute. The showstopper for you will probably be its keyboard. They did a hardware rev bump recently with a better screen; dunno when Australia will get those. [*] IIRC I had to give cros access to the internet, AND create a google account, before I could get to the "just let me boot off USB" knobs.
While its at a higher performance/price point than the netbooks and chromebooks, it might be worth taking a look at the crowd-funded Librem laptops at https://puri.sm/, they also ship with coreboot, and your choice of PureOS[1] or Qubes[2] pre-installed. Otherwise, if you want something capable of booting with libreboot, then there's always http://minifree.org/product/libreboot-x200/ There's still some way to go before completely freeing firmware, but I'm hoping this is just the beginning of a bigger trend towards more open hardware. [1] https://puri.sm/pureos/ (Debian-based, minus binary blobs) [2] https://www.qubes-os.org/ (Security focused)
On Sat, Jan 23, 2016 at 09:13:28AM +1100, Joel W. Shea wrote:
While its at a higher performance/price point than the netbooks and
sorry, but this is just one of the language things that bug me. why do people say "price point" when they mean "price"? Is it because prices are somehow vulgar, and you can diminish the vulgarity by making it not a "price" but a "price point"? "price point" has a very specific meaning in economics, and it's not synonym for "price". craig ps: followups should go to luv-talk if you're subscribed. -- craig sanders <cas@taz.net.au>
On 23.01.16 17:46, Craig Sanders via luv-main wrote:
On Sat, Jan 23, 2016 at 09:13:28AM +1100, Joel W. Shea wrote:
While its at a higher performance/price point than the netbooks and
sorry, but this is just one of the language things that bug me.
why do people say "price point" when they mean "price"?
No idea. Joel's "performance/price point" defines a two dimensional point, so does not refer to price alone. My preferred point in the plane may not coincide with yours - on either axis. ...
ps: followups should go to luv-talk if you're subscribed.
I'm not. Erik
participants (6)
-
Craig Sanders -
Erik Christiansen -
Joel W. Shea -
Paul van den Bergen -
Peter Ross -
trentbuck@gmail.com