On 17.7.23 23:38, Luke Kenneth Casson Leighton wrote: ~~~
On ~[month 7, day] 24, 2017 at 2:07 AM, chadvellacott@sasktel.net wrote:
~~~
"EOMA68-A20"-card.
one option is to get a very small card (512mb, 1gb) and put a "loader" OS on that. if they're $0.25 or $0.50 in qty 1000 then that's worth considering. instead of $4 for an 8GB card. say.
~~~ (Quoting Luke)
and/or to offer much smaller 128 MB or 256 MB microSD cards which have an absolute bare minimum OS on them, with scripts that will download an OS
~~~
How secure would this "bare minimum OS" be, for both down-loading AND installing onto a microSD-card (supplied by me)?
if it's designed properly, none.
I do not understand this response. I understand being tired.
Ideally, I hope that (1) it does not permit any connections other than downloading one of several particular "OS"-images, via "URLs" which are white-listed as part of the "bare minimum OS",
not whitelisted: hard-coded.
that is good too. But, if not significantly more work, then I hope that the mini-"OS" can be modified by A TECHNICALLY-MINDED user, to download and "install" a different one of the particular "OSs/images" offered. Something like a "config"-file whose content is like this:
BEGIN FILE 0 # lines like this, are comments # to download and install a different OS (to the microSD-card which you supply), change the number on the first line, as follows: # # 0 for Parabola 4.3 (3.9 GB) (comes with the RYF Libre Tea card) # 1 for Devuan 3.2 (4.1 GB) # 2 for Debian 2.1 custom without systemd (4.2 GB) # 3 for Fedora 1.0 (3.8 GB) # # but make sure that the microSD-card which you supply, is big enough! END FILE
(Of course, the sizes and version-numbers for the sample above, are largely just place-holders, not things which I checked for realisticness.)
This way, a user can try or use several different "OSs". It might even make it easier for Luke preparing the "microSD-cards" with the loader-"OS", because the difference between preparing a card for someone who backed a "Parabola"-card, is only one byte (one key-press) different from preparing a card for someone who backed a different card.
Furthermore, if one or more backers end up unhappy with what they receive for the "OS" which they backed, then this method probably makes it FAR easier to help those backers try a different "OS".
As long as the change requires manually editing a configuration-file, it should be an adequately-technical task to satisfy the "RYF"-criterion of not offering non-libre "software" to average users.
and (2) it afterwards checks the image to see whether the crypto-graphic hash (better than MD5) matches the hash which the "bare minimum OS" says is valid for that image.
bittorrent would automatically do that. command-line version is btdownloadheadless.
sounds good. I imagine that any necessary further details on using this, can come later. but I hope that "headless" does not mean that we do not even get a statement of progress with numbers, something like Downloading. done 1% ... or Downloading. amount left to download is 10 mb ... or Downloaded 3990 mb of 4000 mb ...
and I hope that we get something similar for "installing". Some such estimate of progress, is valuable (1) for trouble-shooting if necessary, and (2) for backers to judge when they should next come back to check whether it is done, like 5 minutes later or 1 day later.
very tired. stopping here. sorry. please do carry on the conversation. i'll pick it up later.
l