Recently there was a blog post by MALIBAL, a disgruntled laptop vendor who attempted to port coreboot to their rebranded white label laptop. The cause of the kerfuffle they describe is that they failed in their own attempt to port coreboot to their laptop, then approached a few of our consultants and community members claiming the code was “80+%” complete and that they just needed help with “debugging.”
Each attempt was terminated in the evaluation phase, however, as the consultants and vendor disagreed on the amount of remaining effort and the supplied hardware had problems (flash read/write problems, UART access barely possible) which could not be resolved easily. Additionally, this person’s attitude and communication style was, to put it mildly, very off-putting.
We won’t do a point-by-point rebuttal of their screed since others have already done so in various other forums. However, it is important to emphasize that aside from NDAs which are common for new product development, no contracts or statements of work were signed and no money changed hands. Any suggestion from this vendor’s blog that a coreboot consultant failed to deliver on work they were hired or paid to do is false and defamatory.
Our consultants have a strong track record of delivering for their customers on a variety of platforms including embedded systems, laptops and desktops, networking equipment, and servers. They’re also very friendly and will be happy to help scope out your next product needing simple, fast, and secure firmware.
Update: 9elements Cybersecurity has posted their side of the story here: https://9esec.io/blog/response-to-recent-malibal-blog-post-regarding-9elements/