I just got a msi pro z790-p motherboard and saw renehoj say that you could it was possible to use the flash rom button and usb port to flash dasharo on this post:
I’m new to bios software since it’s very niche, I can’t find a place to download the rom but I’ve heard it can be downloaded with a pro subscription or built from source. I’m fine with any option not including money.
How might i find a rom to do it this way or is there a method just as simple?
It seems you answered your own question. If what you heard is correct and you don’t want to spend any money then you need to build from source.
If you don’t know much about bios then I’d guess you don’t have much experience building from source. Personally I wouldn’t build it from source and use that to flash BIOS. I’m happy to pay Dasharo for their work.
Nevertheless, here’s the link to dasharo build instructions
Thanks for the fast response!
Looks like this is my best option
for context:
I’ve been on linux mint for 2 or so years now so I’ve built a few things from source.
I’ve only got 2 brief follow up questions
Should I not build from source due to lack of experience or because the alternative is reasonably supporting the cool dasharo devs. (Not trying to be rude if that sounds wrong)
(Just for some better perspective on why this is the way it is, not trying to be accusatory)
Is putting the binaries behind a paywall and putting building roms behind a skill wall, a symptom of being an understandable financial decision in a small niche or a bad user interface/experience oversight?
Some other ways of looking at it, from a non-user of Dasharo firmware (but maybe in the future), with a little bit of microprocessor experience:
DIY build gives a lot of what-ifs
What if the build is bad? Can I just press a button to go back? (I don’t think that sounds very secure, but maybe it’s OK!)
Will it need a flash programmer?
What type? Is it 3.3V or 5V?
What if I mis-connect and destroy the flash chip? Do i feel sure I can source and solder a new one?
The paid-for version comes with some guarantees,
and support and upgrades,
and it has been tested, probably tested a lot. Maybe some of the testing was expensive.
It will also increase the incentive for future work
The skill wall is not put there by the devs, it was already there, and they put a lot of work into learning how to climb over it. Just having the source allows us to benefit from their effort, but they need to eat. And they need to save for retirement one day.
For me, there’s not only a wall, but I am starting at the bottom of a hole. And I don’t even know how deep my hole is.
Showing that there is real interest in better firmware is important for stimulating outside investment in it. Maybe even the hardware manufacturers will get the hint, one day.
And it IS a cool thing to support, if you can, especially if you aren’t at the experience level of the Dasharo gang! Respect!
Agreed, Respect!
I hope my previous post came off more self deprecating than entitled, because a self deprecating tone was the intention, and meant it when I said that they have reasonable asks.
I’d like to provide some more situational context as to why I still find this a little atypical (But not unreasonable!)
According to what renehoj said in the thread I linked in the initial post I made, he could flash the rom using a usb with the rom on it and a button press with the “flash bios button” (I think this is a MSI feature but I’m unsure if it’s common). So no flash programmer required and easy user experience
I don’t have lots of low level microprocessor experience so you might be able to give good commentary here but is there no difference to making the rom file from source on a user device vs the dasharo team doing it and posting the binary? They posted the sha256 on their website for the binaries that they don’t provide (Trying to say directly and not at all spitefully)
It’s completely reasonable for them to ask for the money they ask for, I just find it unconventional in opensource software. I can download GrapheneOS, CalyxOS, QubesOS, GIMP, Krita and Mullvad’s Software, just to name a few with no direct paywall or build requirement and then give them a donation. I guess this more just rests on the point made in 2 but if a user ends up with an identical piece of software through the same process I’m confused why they don’t have it available for direct download with a donation page popup but let you build it anyways, other than giving the ability for others to check what it does under the hood this feels weird for something privacy, security and/or anonymity oriented.
Here’s something I thought was interesting but didn’t know how it would fit in to this topic but thought is worth mentioning, from 3mdeb founder talking about something similar to whats being discussed here on nitrokey forums
Would love and welcome to be corrected/clarified on points made or shown any alternative perspectives that pertain to them
It’s both. Personally I think that bios software is extremely important and I don’t think that my expertise is sufficient to trust myself to build it 100% correctly (I’ve been using qubes for 5 years). It’s also a risk reward thing. Paying 100 euro on top of the hundreds I spent to build the unique computer I need for dasharo… it seems a reasonable expenditure. I don’t mind that you don’t want to pay… Dasharo is offering the instructions for building from source
I’m not sure of Dasharo devs reasoning. Frankly I find a lot of their decisions and the way they organize information to be hard to understand. Which is another reason I don’t trust myself to build from source. I’m also not sure if building from source makes an actual working rom for the bios. I wonder if it just for the process of verifying reproducible build.
There are other choices, dasharo probably want to offer a specific product. Core boot is open source and available but taking it and customizing to work on a specific motherboard as well as adding features (like me hap disable), testing diff configurations and offering technical support is all a lot of work.
I’m thankful for your answers, they’re very informative.
I’ve got 2 small follow up questions
What errors could be encountered in the build process that would not make it 100% correct and why might they occur? From what I see on the build instructions page it seems like only a few commands
I don’t know if this is too much to ask but I figure I should so other people who come across this thread have a point of reference past dasharo being esoteric. Since you seem to have a copy of the version behind a paywall could you do a build from source and check if they are the same and show/say the results.
That’d clear up everything and I can’t find an answer anywhere else on the web
(Small edit: If anyone else could test this out I’d also be very appreciative, renehoj could be very helpful here)
I have some MB with “flash bios button”, but I was always too “chicken” to use it like this, because I was never 100% sure it can recover all mistakes.
I think reproducible build is not solved for these firmwares. There is a mention somewhere on their site. It can be a lot of work, I think. Without it you can (I hope) get identically functioning firmware but different hash. If you get identical hash, then yes, you can benefit from all that testing.
Reasons for diffrences of build: maybe only some datestamps or unimportant build info; maybe some subtle change of compiler behaviour that makes my build be the one that burns my hardware. I do not know how to tell.
It is a little unusual to have no free download, but for me it is “their work, their choice” and it will be their time to clear up if users of their work have unrelated problems and then start badmouthing them. I guess some recent posts on here can be a good illustration of that. Even from GPL2 license -from very early open source activists- there was always the right to sell the build, only the source must be available.
I think donations are unlikely to be a big help… nice to have, but probably not enough to finance further support (only guessing!)
Some closing remarks, thanks phcaec and corny you’ve both been helpful, active and insightful.
I built dasharo and the project was a different hash the ones provided on the website. For ultra paranoid privacy reasons I won’t put it here but it starts with an “a” , since it’ slightly unofficial or unintended I’m crowning it the “wheredarom crasharo fork” so far it works fine.
I also used the flash bios button with no problems so renehoj’s method is fine. (don’t be a chicken)
If my computer bursts into flames I will post about it and blame 3 letter agencies
To anyone who hits a dead end and ends up here, there’s no free binary download link, it’s easy you just have find the instructions, so have fun and happy hap bit hunting