In my personal opinion: Instead of banning, say, Chinese companies from delivering infrastructure components like the EU is pondering with Huawei and mobile networks, the ultimate goal should be to demand open source software/firmware for these components and reproducible builds of all software components so #DigitalSovereignty becomes default.

@jwildeboer
> the ultimate goal should be to demand open source software/firmware for these components and reproducible builds of all software components so #DigitalSovereingty becomes default

So, so, so much this!

@jwildeboer Ah, but, see, they *don't* want Open Source firmware for those chips and radio modules.

They just don't want them from somewhere else.

@jwildeboer and we should enforce apple to unlock the bootloader, at bare minimum when they stop supplying operating system updates :-)

@jwildeboer Gotcha. No banning Chinese.

How about banning Jews, wildeboer?

@bp@social.bennypowers.com Welcome to my blocklist.

Fully open hardware as a stretch goal, if enough companies, governments, people buy ;)

@jarkko ❤️‍🔥 @jwildeboer

@jwildeboer you never know if the open software/firmware source code you have, is the one running on the chips. good luck reverse engineering...

Watch the last arte doc on this topic. BSI is doing exactly this.

I mean you can get the code and the blueprint for the chips and build it yourself but this isn’t what you meant right?

@ChristophWolff Good point.
I think you could flash it and stuff but still hard to really *truthly* validate.

@jwildeboer

@finlaydag33k @ChristophWolff @jwildeboer it is still better that what we have now 😅

@christopher Yes but also no.
It's better in terms of combatting backdoors and vendor-lockins but can cause problems in terms of overall support.
And requiring to give away "your special sauce" to all your competitors also decreases your competitive edge, which also is likely to cause its share of problems.

@ChristophWolff @jwildeboer

@finlaydag33k But especially for critical infrastructure components, full transparency should be a requirement, not an option. Fully open components for that market could be a profitable market in itself. @christopher @ChristophWolff

@jwildeboer For networking equipment, it feels like it would be too easy to embed a purely hardware back door; so you'd need verifiable silicon and that's pretty hard. I'm thinking of something like a magic packet flag that would just cause the contents to DMA over code space.

@jwildeboer would we accept this if things were the other way around? ”Yes we Chinese would love to buy a huge amount of French trains (or whatever), but you have to give us the blueprints too”, I really don’t feel that would go down very well.

@o_O That’s actually quite exactly how joint-venture deals with China typically work since many years.

@jwildeboer maybe my understanding of the term is wrong, but isn’t that two parties collaborating in production, so not really the same as purchasing a large amount of vehicles or something? I would assume the only transportation infra china buys from Europe are airplanes, do they have the schematics for those too?

I mean, if this goes one way then clearly that’s an issue that should be resolved regardless of any question of sovereignty.

@o_O China almost always insists on the final production steps taking place in China, as joint-venture. See, for example, there are many, the joint-venture between China and Alstom on trains. When it comes to buying planes, that also includes maintenance, so yes, teh schematics and a lot more also go both ways.