smartypants wrote on February 27, 2021 at 12:30 AM (edited on February 27, 2021 at 2:31 AM)

In 2021 the answer is NO because the public is not allowed to review all lines of source code and all workalike-fpga code to fabbed open source cpus like RISC-V project.

RISC-V projects in 2021 , meant for desktop use, for sale omit any right to :

examine source code of USB controller chip, let alone logic gate to the USB chip (keyloggers?)
examine source code of SATA controller chip, let alone logic gate code to the SATA chip
examine all bytes of a GPU graphics driver source code and prove it can built to match MD5 hash of existing blob binaries, less internal date stamp ranges.
examine source code of DMA engines, PCI bus controllers, memory module cache controllers, controller chip, let alone code to workalike-fpga code of all those... basically a open source RISC-V is a tiny card with a huge non-open-source daughter card, already infiltrated by various NSA teams.

This includes whitepaper pushing, handwaving "Silex Insight who only wants to protect fabbed boards from chines spy chip insertion on boards hidden as subcomponents, by introducing crypto handshakes to PROPRIETARY CLOSED SOURCE controllers for USB and SATA. Their solution? store only encrypted blocks on storage and use chinese/nsa/russian/NSA/mossad SATA chips... and use a different SALT for encryption on each machine. They want you to use NSA hacked SATA and USB chips in 2021.

Basically... RISC-V is a total dumpster fire until they rise $500,000 dollars for a couple engineers to create a OPEN SOURCE sata chip and OPEN SOURCE usb chip

FUCK RISC-V and its infected rooted support chips

THE ONLY PRIVATE COMPUTERS LACKING BUILT IN BACKDOORS are those built more than 14 years ago, and they are only secure if you keep them physically locked up when you are away, and do not use them to surf internet.

AMD has equivalent to ME and for safer Intel...
System76 company can only turn off 2 of the three built in Minix OS backdoor hypervisors running on all Intel chips, but System76 do sell semi-castrated intel, but that still leaves countless other spy chips. And if you have a Super Micro Computer Inc motherboard (likely), then it has high chance of spy chips on it tapping into JTAG and equivalent bus probe debug techs :

For years, U.S. investigators found tampering in products made by Super Micro Computer Inc. The company says it was never told:
https://www.bloomberg.com/features/2021-supermicro/

FUCK!!

In 2010, the U.S. Department of Defense found thousands of its computer servers sending military network data to China—the result of code hidden in chips that handled the machines’ startup process

NOTE: the machines are rooted at boot in PCI space, and walk around your inserted primary interrupt levels shrouding code if machine debugging. BOOT TIME is the main target, and of course all AMD and INTEL cpus the last 10 years are loaded with similar mystery boot time code inside the fucking cpus and support ships. PowerPC from apple was used by military heavily in 2010 and earlier, but now only used on subs in navy for specialty purposes.

IF YOU DIG INTO RISC-V , you will find that all vendors sell CLOSED SOURCE SATA and CLOSED SOURCE USB support ships

Luckily there is a lot of people working on open source FPGA SIMD GPUS and shader source, but they all if sold might step on NVIDIA patents. Not all 2021 open source FPGA SIMD GPUS are yet listed here :
https://awesomeopensource.com/projects/fpga

TCPIP scsi boot (iSCSI)?:

All linux since 2012 supports booting over TCPIP conencted to a SCSI device on other end of TCPIP cable.

RISC-V could use a TCPIP scsi boot in linux via risc-V ethernet chip or serial chip connected to a raspberry pi simulating a scsi controller hooked to a large legacy SCIS storage device, then connected to a SCSI to SATA 25 dollar adapter..... There are also hand made fully open source SCSI controllers using 26 gpio pins in parallel at over 1.5 million gate flips a second and a daughter card to convert 3.3 volts to 5.0 volts, that are run from raspberry pi, and this month it works POST BOOT on all apple and commodore machines, but pre boot, they have bugs because they dont know how to properly code SCSI protocols and rules and also dont know how 1984 macs throw away bus clocks on the first SCIS boot sector to allow a 4096 byte block to be read in 512 byte payloads and vis versa. They dont care about booting, but people wiht real 1984 hardware do, and they can get it fixed in a day using people like me and a SCSI probe made using another bus device, including a second raspberry pi setup. I am digressing. I am just pointing out that following this link, a RISC-V vendor could sell a raspberry i, with a 3.3 volt to 5 volt 25 dollar riser card and open source and some simple code on both ends and a SCSI to SATA adapter to connect either scsi or sata to a raspberry pi and trampoline all i/o across a short TCPIP cable to allow bootup, but would soon have to port the code aeay from CLOSED SOURCE raspberry i, and use a open source arm board that copies most of closed source raspberry pi 4. (even the camera on a raspberry pi is fully closed source in 2021).
RaSCSI (and its various forks) :
https://www.retrorgb.com/rascsi-raspberry-pi-based-scsi-device-emulator.html

soon we will have risc-v with video, but still lack safe way to use mouse or keyboard, or safe way to connect sata or usb storage. RISC-V has wasted 10 full years with no viable products for desktop. 10 fucking years down the toilet because engineers like me are hard to hire and find. And yes.. I have made multiple storage controllers, and raid controller cards, and all sorts of storage chip drivers for many companies... but whatever. I would not work on risc-v unless I trusted the path from my keyboard to the development machine, so USB needs to come first. At least you can mount a USB "Storage class" device on USB. In fact I created and wrote the code for the first 16 megabyte sized usb storage flash device, when 16 megabytes was huge.

USB and SATA for risc v as open source can be developed with open source fpga simultaneously, but I would refuse to accept a job to work on one if NSA code was still hiding in the other path.

NO SECURE MODERN DESKTOPS EXIST in 2021 !

spc50 wrote on February 27, 2021 at 6:12 AM

Can't forget the BIOS issues too... Allegedly infested with backdoors and exploits, by design.

That's why we see 'open source' drop in replacements.

I'll say, QUBES OS did a good run for a while on the OS layer to attempt to shield and isolate things.

Been a while since I ran it because in recent versions it is damn needy about what it will run on. At point where you have to buy a System76 model, Lenovo specific model or a few others or no real chance of getting it to run.

With Qubes OS would continue momentum and direct sell machines ready to run their OS. It's a bit odd to get use to but it's definitely a worthy project in my opinion.

smartypants wrote on February 27, 2021 at 6:23 AM (edited on February 27, 2021 at 6:39 AM)

buy a System76 model

until you can buy System76 model in cash on foot at a big store with face coverred... you will be put on a "suspicious person" list, I predict, if shipped to you, or bought using credit card.

WORSE: System76 REFUSES TO ACCECPT cryptocurrency at any price at any markup EVER. Bitcoin banned by System76 and its because FBI/NSA/CIA wants to know all owners of Syystem76 machines. Petitions for bitcoin do no good for 7 straight years :

https://www.gopetition.com/petitions/system76-accept-bitcoin-as-a-payment-option.html

They wont accept cash in Denver Colorado if you tried to buy it in person somehow, but saslemen allow anything at big companies so i bet if you looked like you might want to buy lots in the future a salesguy you meet up with will probably setup a cash purchase of an initial machine. Salesguys in silicon valley even do SWAPS between companies for barters. Salesguys just like to make deals in general.

Lots of ways to get business cards of head sales guys of system76 : https://linuxunplugged.com/articles/system76-superfan-3

spc50 wrote on February 27, 2021 at 6:40 AM (edited on February 27, 2021 at 6:40 AM)

That's amazing. Who knew? You knew. Rocking!

There are ways to do these transactions. Just have to get creative and certainly is going to be a cost premium. Not for the pedestrians.

COVID'noia has been interesting with the whole face covering thing.

Legit can go full nut paranoid and wear a helmet and people may look but zero they are going to do. Cash and carry in your astronaut suit :)

But yep, no retail buy of System76. Shame.