-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Qubes Power ISA Port Statement of Work Project Objectives and Reasoning: The objectives of this project is to port the Xen Hypervisor to the Power Architecture so that QubesOS can run on Power ISA CPUs. The purpose behind this objective is that QubesOS (in our collective opinion) is one of the most secure operating systems available today, due to its open source nature and its security by compartmentalization. However, QubesOS today can only run on the x86 instruction set, which is unauditable and insecure firmware. This represents a serious security concern; both theoretical and historical. Firmware affects all code above it (the BIOS, bootloader, kernel, OS, and all applications). No matter how secure those segments of the computer are, if the firmware is malicious, all levels above are fully compromised as well. The Vault 7 CIA leaks are a perfect example of this. Therefore, we currently can't consider QubesOS secure at all. However, The Power Instruction Set Architecture (ISA) is completely open source, and currently has open source 'implementations' (SBC's) on the market. This project would enable users to run QubesOS on a secure CPU and auditable firmware. Unlike with x86, hardware initialization firmware, boot firmware, and management firmware are all open source. In addition, all the family of CPU speculative execution vulnerabilities are not successful on Power CPUs. End Goal: The end goal of completed project will have the same user experience, security, and features of Qubes 4.1.0. However, please note that this is not what payment is contingent on. Current Status: Funds available as of May 6th, 2022: I (Robert Spigler) have 1 bitcoin & Blackbird Bundle available @Rudd-O has pledged 0.5 bitcoin (confirmed) @leo-lb has pledged 0.8 btc (need to confirm) Total 2.3 btc We have made a Mailing List and Matrix Room: qubes_port@lists.riseup.net; https://lists.riseup.net/www/info/qubes_port https://matrix.to/#/#qubes-port:matrix.org Developer: Timothy Pearson (Raptor Engineering) tpearson@raptorengineering.com Contributors: Robert Spigler (RobertSpigler.com) Management/Fundraising Olivier Lambert (olivierlambert) is doing project mgmt via Marc, but also acting as a liaison between Qubes, Xen Project and OpenPOWER. Marc Ungeschikts (marcungeschikts) from Vates helping with project management. Piotr Król (3mdeb, OpenPOWER firmware: hostboot, coreboot etc.) Simon Gaiser (Qubes/ITL) Thierry Laurion (Insurgo) @insurgo:matrix.org insurgo@riseup.net Demi Marie Obenour (Invisible Things Lab) Alyssa Ross (Spectrum) (Matrix: @qyliss:fairydust.space, Mail: hi@alyssa.is, IRC: qyliss (libera, oftc) Marek Marczykowski-Górecki (ITL) (Matrix: @marmarek:matrix.org, IRC: marmarek (libera, oftc, through matrix anyway), marmarek@invisiblethingslab.com) Frédéric Pierret (fepitre) (ITL) (IRC: fepitre/fpierret (librera, oftc)) Milestones: Phase 1: 0.65BTC. Build tooling, minimal boot to serial console of a Xen kernel on a single core (no SMP, missing drivers, core locked at 100% power). Phase 1.5: 0.65BTC: SMP, some driver integration (possible power state management?) required to get a usable system in preparation for Phase 2 -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEUUn9BY4ZnowjgNibWZnBtXu9hDYFAmJ25J0ACgkQWZnBtXu9 hDZGcA/+PTIup0cgTGIl8IkzXJt9ZBErkKTpOVTSOa4/z4t4WkPzJ6dRYJ03bu4N IIpJeFhrZAvYt4V6Dnk3anDVgge6DQIAq2T8RNAwUu97G2Fwwt7voGcw+FEOjeRZ H8FY6BZqLY+hpakenKyzIB6buRyQZ9RkjGt3/eyG3tYlLzuhQhVDCT1VtiYclvzb dQaWhcPeA1UpDnb//Als9RPx5fAo85F/n2blRkDMu5fVr2PgtaMYwksTkCsG2gpW PFsn8G7blp3spxn0byqPsXJUeyIhFZx2O4wYrFgcVZIDSLGqNta/CyTPtcEh3gYv d/FMhpyQZhIsX2yMxeMcOuli5mjlYxYK6jXXSsFoMb0XfvLZeWyhbqo7H64F/WLg UATTuKZ4MX8qyxRujMtHAhx5wupMejkmwTc5ZVtyUjot/3//ZLrj6urnNOk0A/eX apYNXpubV7RWHNrwTeZTJ6x73syybI9SAK4ZSPbE44bd0RLJmv22KvT3b69jfgz9 R45e2Qc0UUJeqllBkHweeukYNT3b/IUjxYvqT9PzN5OSvvGcHza95WgOBEpRRxa2 8SYfJiQ+Et3uHLVebDIKWLnwqAUe3wIyKhV+DTNPjBNBgeLrmAIg60h1UUMq9uxa L+EGAAiY9QR/7+9WAPGzMxX1PpqpeCSh+TmiU+dukIhV2gRCULI= =0mge -----END PGP SIGNATURE-----