| 1 |
On 12/09/2018 01:57 PM, J. Roeleveld wrote: |
| 2 |
> On December 9, 2018 6:23:07 PM UTC, "Taiidan@×××.com" <Taiidan@×××.com> wrote: |
| 3 |
>> On 12/07/2018 06:47 PM, Nikos Chantziaras wrote: |
| 4 |
>>> On 07/12/2018 09:30, Dale wrote: |
| 5 |
>>>> Nikos Chantziaras wrote: |
| 6 |
>>>>> If you want to see all of the installed packages that are affected, |
| 7 |
>>>>> you need to set CPU_FLAGS_X86 to an empty string: |
| 8 |
>>>>> |
| 9 |
>>>>> CPU_FLAGS_X86="" |
| 10 |
>>>>> |
| 11 |
>>>>> and then do "emerge -puDN --with-bdeps=y @world". This is because |
| 12 |
>>>>> CPU_FLAGS_X86 is not empty by default. It contains sse and sse2 by |
| 13 |
>>>>> default, because these are supported by all 64-bit CPUs. |
| 14 |
>>>>> |
| 15 |
>>>> |
| 16 |
>>>> What I did, I commented out the whole line and ran it that way. |
| 17 |
>>> |
| 18 |
>>> If you comment it out, it will have default values. If you set it to |
| 19 |
>> an |
| 20 |
>>> empty string, you should be able to see which packages make use of |
| 21 |
>> the |
| 22 |
>>> default flags (like sse and sse2.) |
| 23 |
>>> |
| 24 |
>>> Note it's a pretend emerge (-p). Just to check which packages you |
| 25 |
>> have |
| 26 |
>>> installed that make use of these flags. |
| 27 |
>>> |
| 28 |
>>> |
| 29 |
>>>> One last question for anyone who has done this recently. When |
| 30 |
>> finished, |
| 31 |
>>>> I'll have a FX-8350 CPU with 8 cores at 4.0/4.2GHz, 32GBs of memory |
| 32 |
>> all |
| 33 |
>>>> on a Gigabyte 970 series mobo. Would there be any point in |
| 34 |
>> upgrading to |
| 35 |
>>>> a whole new rig or is what I have about as fast is reasonable to |
| 36 |
>> build? |
| 37 |
>>>> I don't do gaming or anything. Even the GTX 650 video card is |
| 38 |
>> likely |
| 39 |
>>>> overkill for what I do here. The older 200 series card is working |
| 40 |
>> just |
| 41 |
>>>> fine. On one hand, my current build is several years old. On the |
| 42 |
>>>> other, computers seem to have reached their peak. I'm sure there is |
| 43 |
>>>> more powerful systems out there but would I be any better off with |
| 44 |
>> one? |
| 45 |
>> |
| 46 |
>> Since the AM3+ and its C32/G34 Opteron counterparts are the last and |
| 47 |
>> best x86 cpus without ME/PSP I would say you are better off with what |
| 48 |
>> you have - the best piledriver cpus like the FX-8350+ are still able to |
| 49 |
>> play the latest games and in a VM via IOMMU-GFX if you want. |
| 50 |
>> |
| 51 |
>> In any case I would consider a OpenPOWER (ppc64/ppc64le) arch system |
| 52 |
>> (like the blackbird or talos 2) as an upgrade path instead of any |
| 53 |
>> futher |
| 54 |
>> x86 stuff as there aren't any black boxes, there is |
| 55 |
>> documentation+firmware sources and the cpus are made in usa. |
| 56 |
> |
| 57 |
> Made in USA isn't necessarily a good thing when talking about not wanting any hidden back doors. |
| 58 |
|
| 59 |
Hell of a lot better than buying black box hardware from china. |
| 60 |
|
| 61 |
x86 is definitely backdoored due to the ME/PSP and various other DRM |
| 62 |
features that mean you no longer own your x86 computer. |
| 63 |
|
| 64 |
In the US you aren't going to prison for telling the government you |
| 65 |
won't put a backdoor in your hardware whereas in china and many others |
| 66 |
you would go to jail without even a trial even in western europe people |
| 67 |
are jailed for saying the wrong things on the internet. It is currently |
| 68 |
the hardest place for an authority figure to lean on you. |
| 69 |
|
| 70 |
Since the only users of POWER are fortune 500's and the government |
| 71 |
itself it needs to be secure and not fucked around with, ironically the |
| 72 |
chinese government is buying OpenPOWER now as they want a secure, owner |
| 73 |
controlled, highly documented and non-x86 high performance CPU (there is |
| 74 |
absolutely no hardware code signing not even for the cpu microcode and |
| 75 |
no blobs are required for hardware initiation unlike with new x86 stuff) |
| 76 |
|
| 77 |
One doesn't have to put an actual func_backdoor backdoor in a CPU since |
| 78 |
something so complex will have exploitable bugs that even the |
| 79 |
manufacturer doesn't know about such as the (fixed via microcode) 2014 |
| 80 |
AMD Piledriver NMI to root exploit where you could get root and SMM |
| 81 |
access from a tiny userspace script and that was in there for years |
| 82 |
without anyone noticing. |
| 83 |
|
| 84 |
> Not sure which country would be a reliable location though, I wouldn't trust Western European countries either. |
| 85 |
|
| 86 |
USA is currently the best option since there have never been proven |
| 87 |
backdoors in made in usa hardware but plenty in chinese made hardware |
| 88 |
such as the recent motherboard hack chip scandal. |
Archives