[Freedombox-discuss] why choose new OSHW (Open Source HardWare)
> Opinions are quite welcome.
While it is early to pick hardware for vapor, it would be useful to plan
on the firmware requirements, not just the OS. UEFI, Coreboot, or
something else (what?). As well as if box should have TPM or not, if
Intel, and TrustZone or not, if ARM, for OEM hareware requiements, and
potentially for OS security stack requirements.
For example, I'd hope FreedomBox Foundation is looking for an OEM
that'll build ARM-based boxes with TrustZone, using UEFI, which properly
uses Secure Boot feature to load OS. And uses TPM/TrustZone to Securely
Boot Linux-based FreedomBox, and to attest the software stack is still
intact (like strongSwan's ipSec does).
I don't know if Linux-IMA is ready for ARM TrustZone. So you might only
have a solution for x86 boxes at the moment. But, it'll be years before
FBF is talking to OEMs, so perhaps time to fix that. :-)