Today we are proud to announce the porting of coreboot, an open-source firmware, to the Supermicro X11SSH-TF server platform.
This is the first time a modern off-the-shelf server platform gains coreboot support, and it is an integral part of realizing our vision of transparent and independently auditable VPN servers.
Running coreboot on our VPN servers is one of many parts which, when combined, will allow us within some constraints to prove what our VPN servers do and don’t do with your internet traffic. This work was made possible thanks to 9elements Cyber Security, our technology partner in the System Transparency project.
It is important that firmware is open source because it is the software that provides low-level control of a computer’s hardware. Such a critical component must be secure, but as most firmware is closed source, we are unable to verify its security and it can therefore not be trusted.
Modern Intel and AMD processors unfortunately still require some closed-source (and encrypted!) firmware in order to boot. This insanity is unfortunately very much a part of the technological foundations on which we rely daily.
We hope and believe that this situation will change. Either Intel and AMD will change their technologies because the market demands it, or a viable alternative will emerge, or both. In any case, closed -source firmware has no place in a modern computer system.
Today marks the day when (mostly) open-source firmware for off-the-shelf modern servers becomes an option.
Open-source firmware is the right choice for humanity. As our devices effectively become extensions of our minds, it becomes critical that the hardware and software we use are trustworthy. We and others are working to make sure that the technological foundations on which we rely serve us all as users, and no one else. It is the way our devices SHOULD work, because the trustworthiness of our devices is critical for privacy, and privacy is fundamental to a well-functioning society.
To all VPN users, security experts, VPN providers, and reviewers:
Read our paper on System Transparency.