Recently there was a blog post by MALIBAL, a disgruntled laptop vendor who attempted to port coreboot to their rebranded white label laptop. The cause of the kerfuffle they describe is that they failed in their own attempt to port coreboot to their laptop, then approached a few of our consultants and community members claiming the code was “80+%” complete and that they just needed help with “debugging.”
Each attempt was terminated in the evaluation phase, however, as the consultants and vendor disagreed on the amount of remaining effort and the supplied hardware had problems (flash read/write problems, UART access barely possible) which could not be resolved easily. Additionally, this person’s attitude and communication style was, to put it mildly, very off-putting.
We won’t do a point-by-point rebuttal of their screed since others have already refuted it in various forums such as in this Reddit thread and this Youtube video. There were several places where this vendor linked to their blog and for obvious reasons they got severely ratioed.
It is important to emphasize that contact with this laptop vendor was terminated early in the process. Aside from NDAs that are common for new product development, no contracts or statements of work were signed and no money changed hands. Any suggestion from this vendor’s blog that a coreboot consultant failed to deliver on work they were hired or paid to do is false and defamatory.
Our consultants have a strong track record of delivering for their customers on a variety of platforms including embedded systems, laptops and desktops, networking equipment, and servers. They’re also very friendly and will be happy to help scope out your next product needing simple, fast, and secure firmware.
Update: 9elements Cybersecurity has posted their side of the story here: https://9esec.io/blog/response-to-recent-malibal-blog-post-regarding-9elements/