In my personal opinion: Instead of banning, say, Chinese companies from delivering infrastructure components like the EU is pondering with Huawei and mobile networks, the ultimate goal should be to demand open source software/firmware for these components and reproducible builds of all software components so #DigitalSovereignty becomes default.

@jwildeboer
> the ultimate goal should be to demand open source software/firmware for these components and reproducible builds of all software components so #DigitalSovereingty becomes default

So, so, so much this!

@jwildeboer Ah, but, see, they *don't* want Open Source firmware for those chips and radio modules.

They just don't want them from somewhere else.

@jwildeboer and we should enforce apple to unlock the bootloader, at bare minimum when they stop supplying operating system updates :-)

@jwildeboer Gotcha. No banning Chinese.

How about banning Jews, wildeboer?

Fully open hardware as a stretch goal, if enough companies, governments, people buy ;)

@jarkko ❤️‍🔥 @jwildeboer

@jwildeboer you never know if the open software/firmware source code you have, is the one running on the chips. good luck reverse engineering...

Watch the last arte doc on this topic. BSI is doing exactly this.

I mean you can get the code and the blueprint for the chips and build it yourself but this isn’t what you meant right?

@ChristophWolff Good point.
I think you could flash it and stuff but still hard to really *truthly* validate.

@jwildeboer

@finlaydag33k @ChristophWolff @jwildeboer it is still better that what we have now 😅

@christopher Yes but also no.
It's better in terms of combatting backdoors and vendor-lockins but can cause problems in terms of overall support.
And requiring to give away "your special sauce" to all your competitors also decreases your competitive edge, which also is likely to cause its share of problems.

@ChristophWolff @jwildeboer

@jwildeboer For networking equipment, it feels like it would be too easy to embed a purely hardware back door; so you'd need verifiable silicon and that's pretty hard. I'm thinking of something like a magic packet flag that would just cause the contents to DMA over code space.

@jwildeboer would we accept this if things were the other way around? ”Yes we Chinese would love to buy a huge amount of French trains (or whatever), but you have to give us the blueprints too”, I really don’t feel that would go down very well.

@jwildeboer maybe my understanding of the term is wrong, but isn’t that two parties collaborating in production, so not really the same as purchasing a large amount of vehicles or something? I would assume the only transportation infra china buys from Europe are airplanes, do they have the schematics for those too?

I mean, if this goes one way then clearly that’s an issue that should be resolved regardless of any question of sovereignty.