this post was submitted on 11 Feb 2024
77 points (85.3% liked)

Privacy

31800 readers
356 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

Chat rooms

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
 

Hello. Many of the older thinkpads were regarded as being peak for the ability to repair and easily see into them at both the hardware and software levels.

I was wondering, what PC, if any, is similar in this regard? Aside from building your own PC ofc. Any opinions are welcome. Thank you.

top 50 comments
sorted by: hot top controversial new old
[–] [email protected] 57 points 8 months ago* (last edited 8 months ago) (9 children)

Idk, but I’ll tell you Dell and HP desktops are the opposite of the Thinkpad. Every part they can make proprietary, they do make proprietary.

  • Case
  • Motherboard
  • Power Supply
  • CPU Cooler

Cannot be upgraded or replaced with off the shelf parts.

If your system dies, you’re expected to just buy a new one and chuck the old one in the bin.

[–] [email protected] 19 points 8 months ago (1 children)

I haven't been in a Dell in a long time but I can confirm HP is still the WORST.

load more comments (1 replies)
[–] [email protected] 4 points 8 months ago (1 children)

I have had several used dell / hp motherboards, the only thing proprietary was that some were 12V only and needed a 6 usd adapter to work with regular atx psus.

And also the power button connector, you have to figure out which pins are the ones that turn the PC on.

[–] [email protected] 6 points 8 months ago* (last edited 8 months ago) (3 children)

New models integrate all the front IO into the motherboard, so they really only work with the case from the manufacturer. Like this and this.

load more comments (3 replies)
[–] [email protected] 4 points 8 months ago (3 children)

the opposite of the Thinkpad.

To be fair, everything about a Thinkpad is proprietary too. It's accepted because it's a laptop.

load more comments (3 replies)
load more comments (6 replies)
[–] [email protected] 33 points 8 months ago (1 children)

Any PC you build yourself?

load more comments (1 replies)
[–] [email protected] 29 points 8 months ago (3 children)
[–] [email protected] 17 points 8 months ago (1 children)

Just carefully read the manual for the model you're interested in. Switching out a keyboard on T14s Gen1 is hell, as an example.

[–] [email protected] 14 points 8 months ago (1 children)

Jesus, it'd be easier to list the parts you don't have to remove.

[–] [email protected] 6 points 8 months ago (1 children)

And with how easy it has traditionally been to do that same replacement on ThinkPad T-series I was shocked the first time I encountered it.

[–] [email protected] 3 points 8 months ago (1 children)

holy shit, it's not just 4 screws anymore?

load more comments (1 replies)
[–] [email protected] 12 points 8 months ago (8 children)

Not really true any more. The build quality isn't as good as it used to be and the upgradability has suffered too.

load more comments (8 replies)
load more comments (1 replies)
[–] [email protected] 29 points 8 months ago (1 children)

Aside from building your own PC ofc.

Are you talking about a pre-built PC that has decent repairability? If so you'd really just want to avoid brands that use proprietary or irregular parts. For example Dell Optiplex computers can be bought cheap but they use their own power supply and some have smaller cases that might not fit most graphics gards.

Is there any reason you are posting this to a privacy community? Were you hoping for something that is Libre/Core boot compatible like some ThinkPads are?

[–] [email protected] 4 points 8 months ago (5 children)

I was looking for something that I'm confident doesn't spy at the hardware level.

I used Thinkpads as an example because after the early 2010 ones, they got those weird i7 (I believe) processors and we don't know much of what they do but some speculate they record keystrokes and phone data home.

What PC can you trust has good hardware in privacy? I don't want to buy a PC and run Linux, trying my best, and the thing spies at the hardware level.

[–] [email protected] 11 points 8 months ago* (last edited 8 months ago) (2 children)

They absolutely do not record keystrokes and phone that home. You’re talking about the Intel Management Engine, which is completely useless to almost everyone, but there’s no evidence that it spies on you. There have been security vulnerabilities found in it that could let someone else compromise your system (notably: only if you’ve provisioned Intel Standard Manageability), but there is practically zero chance that Intel is doing that or even selling that sort of capability.

[–] [email protected] 7 points 8 months ago

Pretty sure this section of the Libreboot website talks about what you mentioned if OP wants more info

https://libreboot.org/faq.html#intel

load more comments (1 replies)
[–] [email protected] 7 points 8 months ago

How confident do you need to be? I don't think I've seen any convincing evidence of any firmware spying in PC components.

Well, except the NSA's Clipper chip, but I don't think that really ever got implemented.

[–] [email protected] 7 points 8 months ago

Well you can find a list of Libreboot compatible hardware here. I feel like your biggest issue, especially if you are relying on a prebuilt Windows PC, is all the bloatware they come with on top of Windows itself.

[–] [email protected] 4 points 8 months ago

Lenovo uses proprietary, closed source firmware. There's no way to know what it's doing.

[–] [email protected] 3 points 8 months ago* (last edited 8 months ago) (2 children)

Then all you need is to network <insert worst computer EVER> through an OpenWRT router. No matter how bad the ring access is for Intel ME or AMD PSP or whatever else, all of it is stopped on your network router. No amount of spying paranoia or folklore bypasses that.

You can buy any computer in the world with this strategy/method, even something CIA or MI5 themselves manufactured.

If you are not a top secret journalist or activist talking to some high profile entity, or someone running a leaker or drug website on darknet, you are going to be just fine with Linux on a ThinkPad, with (Medium mode) uBO/Firefox, a good systemwide HOSTS ruleset, GUFW turned on and a decent DNS provider.

I should just add that even though I am one of the fiercest critics of USA and its entities, NSA does not get constant access to your keystrokes or other stuff. The amount of data transmission for it would be staggering and noticeable instantly, even if we assumed they hypothetically collected such text data, compressed it as TAR.GZIP and sent it. The main function of Intel ME is for enterprise management and remote control of computers by businesses.

load more comments (2 replies)
[–] [email protected] 21 points 8 months ago* (last edited 8 months ago)

By PC do you mean a desktop? Guess any desktop you build yourself. Are there features you want like the best Linux support or something?

[–] [email protected] 19 points 8 months ago* (last edited 8 months ago) (1 children)

Framework is the best option these days for upgrades and repairs

[–] [email protected] 10 points 8 months ago (4 children)

Aren't they really expensive? Sure if you have the money, but what do you recommend as a budget option?

[–] [email protected] 17 points 8 months ago (1 children)
[–] [email protected] 8 points 8 months ago (1 children)

Many people just don't have £2000 to spend on a laptop, no matter how much it could save them in the log run.

[–] [email protected] 14 points 8 months ago (1 children)

The most recycling friendly laptop is the one you already on, isn't it? In addition, if somebody dropped a quarter of that price on a laptop, then used It's in exchange for a different laptop every couple years, couldn't they have a half decent system for around a decade without having to worry about a laptop that's expensive up front but easy to upgrade?

I'm not very good with hardware replacement myself, but based on some of the comments here, if I needed a laptop I might consider a used ThinkPad

load more comments (1 replies)
[–] [email protected] 13 points 8 months ago

Well ThinkPad back in the days weren't cheap either but then even a 2nd hand one could still last a while and one could still get them fixed.

[–] [email protected] 9 points 8 months ago

I got my PC built for me by a local computer shop for $100. Worth it to me for the time it saved plus they did a 24 hour stress test on it to make sure all the components worked.

[–] Ilandar 4 points 8 months ago

There is no "budget option" if you value repairability, nor has there ever been. The best you can do is buy a secondhand ThinkPad or other workstation laptop. If you don't like that option, make more money.

[–] [email protected] 17 points 8 months ago* (last edited 8 months ago) (2 children)

Are you looking for a laptop or a desktop machine?
Framework laptops seems kinda cool but they don't ship to me yet so I have no personal experience. https://frame.work/
Many computer stores offer to build your computer from parts for a fee, that would give you the custom PC without building yourself.

[–] [email protected] 12 points 8 months ago* (last edited 8 months ago)

Can recommend a framework as a laptop. It also allows you to just use the motherboard as a standalone machine. But it being laptop hardware and only having one m.2 slot might be a deterrent for OP.

[–] [email protected] 7 points 8 months ago

For a laptop, Framework is absolutely peak for repair and upgradability. They even offer newer generation motherboards that continue to work with older generation framework laptops. Enabling you to upgrade the core components while not having to rebuy the chassis, monitor, etc.

For a desktop, either build one yourself or buy from one of the companies that assemble it for you. Companies like Maingear.

[–] [email protected] 11 points 8 months ago (1 children)
[–] [email protected] 5 points 8 months ago (2 children)
load more comments (2 replies)
[–] [email protected] 9 points 8 months ago* (last edited 8 months ago)

If you're interested, the Dell T1650 is currently supported by Libreboot. I use it for everything; it has a Xeon E3 1275 V2, 32GB DDR3L ECC RAM, NVIDIA 2080 SUPER, 2x4TB HDD (RAID 1), 1TB NVMe M.2 (PCIe x4 adapter needed), and a 700W PSU (EVGA 700BR). It handles all my games, and I use Proxmox VE as my host, allowing me to create virtual machines where I can passthrough my GPU and use anything proprietary in the VM. Even the GPU drivers can be passed through (no need to install on the host), so essentially, I'm running 100% free software on my host.

Obviously, nothing can be 100% FOSS in the hardware (proprietary ECs, proprietary CPU microcode, proprietary storage firmware, etc.), BUT you can free the BIOS. There is currently a blob needed for the PCIe x16 slot, but it can be reverse-engineered in the future – not sure if there is anything else; I'll have to ask. There is one board coming soon that I know can be made blobless in the BIOS, and that is the Dell Optiplex 9020 MT. It's a Haswell board capable of using an i7 4790K with AVX2 instructions. I'm actually the first person to use this board, as I'm the one who made the port along with some help from the Libreboot team. The board is currently in its testing phase still, but soon in the next couple weeks we will make it freely availble.

This is super cheap hardware; you can find the whole PC on eBay for like $50-$60, or you can just buy the motherboard for like $15-$25. I bought only the motherboard because I'm using it in my gaming computer case. Also, you don't even need any fancy flashing equipment, all you need is a insulated screwdriver to short one of the SERVICE_MODE pins on the motherboard to unlock the BIOS chip, which then allows you to flash Libreboot through your OS. Libreboot is more secure than any non-free BIOS/UEFI. At least with Libreboot, you can have transparency, and you get new updates with better features coming out.

For example, Libreboot supported Argon2 encryption in GRUB for fully encrypting your storage drive. This allows you to encrypt the /boot partition and fully encrypt your disk with ease when installing a fresh operating system. Also, you can run Windows on the host with Libreboot, it is supported but not officially. I highly recommend Libreboot, as you can tell.

[–] [email protected] 9 points 8 months ago* (last edited 8 months ago) (1 children)

I recommend NOT getting a PC in a fancy thin case. Had to cut a hole when upgrading.

[–] [email protected] 3 points 8 months ago

A friend of mine once had fancy thin Fujitsu computer with all sorts of non-standard shenanigans. Upgrading anything other than the HDD (yes, it was many many years ago) and RAM was a complete nightmare. In the end, it was easier to sell the whole thing and spend to money + some extra on a better computer.

[–] [email protected] 7 points 8 months ago (1 children)

Honestly, any enterprise OEM will be similar, such as Dell or Lenovo. Yes, their mainboards are proprietary, but you can easily source them from legitimate parts vendors. That's why there are so many refurbished Optiplexes and ThinkCentres on Amazon. They're trivial to repair and most don't even require tools.

You cannot easily upgrade to a dedicated GPU unless replacing an existing unit, which is standard for laptops as well.

load more comments (1 replies)
[–] [email protected] 6 points 8 months ago (1 children)
load more comments (1 replies)
[–] [email protected] 6 points 8 months ago (1 children)

System76. 3mdeb.com also sells corebooted Desktops which are using MSI motherboards, brobably well repairable too.

load more comments (1 replies)
[–] [email protected] 6 points 8 months ago (1 children)

This tread is full of random comments about framework, when the op clearly asked about PCs

[–] [email protected] 12 points 8 months ago

Framework absolutely makes PCs. Most notably in the laptop form factor.

[–] [email protected] 5 points 8 months ago (11 children)

I don't have a recommendation but I can point you to Gamers Nexus YouTube channel / website and filter on prebuilts to see reviews.

Big names like Dell HP and Lenovo are bad for ability to repair/upgrade. Although I do love buying their old servers because there are so many cheap ones on eBay.

load more comments (11 replies)
[–] [email protected] 4 points 8 months ago

Custom PCs are one, but if you want to get mainstream off the shelf, Lenovo is where it's at. Lenovo has the best aftersales, best customer support, you do not pay the proprietary Apple/Dell tax, and you can considerably modify your PC hardware. M Though beware, your PC will have a hard time getting onsite customer service after 10ish years. Anything under 7-8 and it will stay easy, mostly because new generation of PC components make old ones hard to procure.

This Lenovo AIO we have is 13 years old, last month dualboot installed Debian 12 alongside Windows 7. 7 is untouched due to legacy hardware and peripherals, made an image backup, installed Kaspersky Free and an anti-executable and it chugs well. Debian 12 GNOME runs really well on 4 GB RAM, though just another 4 GB would really improve things. Not even SSD is needed, just a HDD replacement after 13 years.

[–] [email protected] 3 points 8 months ago
[–] Ilandar 3 points 8 months ago (7 children)

Framework.

But if you are really opposed to that option for whatever reason, you can maybe take a look at iFixit's repair scores.

load more comments (7 replies)
load more comments
view more: next ›