before one thinks about repurposing intel ME, maybe try to repurpose its (near) equivalent on AMD first. A Czech guy gave a talk on this, he found a way into it.

Should probably go to Zlatan, or maybe Kyle.

Removing grsec support from PureOS. More https://tracker.pureos.net/T37

Removing grsec support from PureOS. More https://tracker.pureos.net/T37

Removing grsec support from PureOS. More https://tracker.pureos.net/T37

Removing grsec support from PureOS. More https://tracker.pureos.net/T37

Removing grsec support from PureOS. More https://tracker.pureos.net/T37

Removing grsec support from PureOS. More https://tracker.pureos.net/T37

Due to all recent events, grsec will be impossible to support and we will actually actively remove it from our archive. We will gradually improve security, probably first step by enabling AppArmor by default. Closing all grsec related packages.

Closing, as we won't use grsec anymore.

We do have some refurbished Librems (as I mentioned it already here) but to get it you need to show some work already. Feel free to ping me on IRC (zlatan on freenode) or mail me directly so we talk about it.

If you have any smashed up, deformed, or otherwise defective librem laptops missing a battery and disk and have no chance of selling them, I wouldn't mind taking it off of your hands for me to do some experimental PureOS development! :)

This is all so exciting!

For the custom kernel - yes, I have for some time that in mind basically called on my TODO list as "PureOS kernel optimization" - the thing is that I wanted to have grsec enabled kernel by default before digging into that (as vanilla grsec is not meant for proper desktop usage) but now we faced the dawn of grsec so I am not sure yet how we will approach all that. If you have the skillset, I would gladly chat about it (I refurbished 6 Librem15v2 (prototypes and returns) which would end up maybe missing one components (such as disk or battery) but they are enough for development for future contributors to PureOS).

And I absolutely love that PureOS is developed with the Librem hardware in mind primarily. The Librems are without a doubt the standard of freedom and quality. This makes them highly-secure, but is still low-assurance, undeniably.

I feel you. For now, I will experiment with virtualizing PureOS with both sel4 and nova and see if interesting things develop nicely, and relay my results. Since all of the hardware is freed, device drivers will not be a problem for Genode to run perfectly on the Librem device (I wish I had the beefy cash to buy one :/).

While this could be something to think about, at this moment it is way off the charts. It is undeveloped/untested proposal which would require quite a bit effort to achieve and we are currently overwhelmed with work. Besides manpower/manhours we would need to check against all freedom components (is all free and possible and if not what would require to create free alternative) and how much would impact performance and user experience of the device and OS. PureOS welcomes contributions and proof-of-concept demos if someone does (if you have the skills, feel free to join the community).

this is not reproducible after apt-get update; apt-get upgrade

this is not reproducible after apt-get update; apt-get upgrade

please try setting the pax extended attributes

I am not able to reproduce this issue on the latest beta.

Todd, can you try adding your username to the following additional groups , this should solve the packagekit failing and will prompt for the authentication.

OK, what configuration change do we need within PureOS to have this be the default?

The following works
$ su -

1. export DISPLAY=:1
2. gnome-software