| 1 |
On 05/15/2019 01:26 AM, Adam Carter wrote: |
| 2 |
> Here we go again; |
| 3 |
> https://mdsattacks.com/ |
| 4 |
> |
| 5 |
> I notice a microcode update for skylake came through yesterday after being |
| 6 |
> unchanged since the late June 2018, so i'm guessing this is patched for |
| 7 |
> this issue. Just waiting for the gentoo sources ebuild to be bumped to |
| 8 |
> 5.1.2 to try it out. |
| 9 |
> |
| 10 |
> Sounds like AMD not affected. |
| 11 |
|
| 12 |
x86 isn't the only game in town. |
| 13 |
|
| 14 |
There's also the raptorcs OpenPOWER systems which is the only new high |
| 15 |
performance hardware that is owner controlled, has foss firmware and no |
| 16 |
PSP/ME DRM. |
| 17 |
|
| 18 |
The new amd x86 are just as problematic due to having the PSP (AMD's ME) |
| 19 |
and all the problems that come with that. |
| 20 |
|
| 21 |
I don't include RISC-V since it is just as expensive as OpenPOWER for |
| 22 |
much less features and performance and it currently doesn't have an IOMMU. |
| 23 |
|
| 24 |
For laptops the only decent non-intel IOMMU having option right now is |
| 25 |
the G505S which has an IOMMU and supports coreboot with open cpu/ram |
| 26 |
init (note many companies sell shady "open source firmware coreboot" |
| 27 |
systems that have an entirely blobbed hw init process) Heres to hoping |
| 28 |
for a POWER or RISC-V+IOMMU laptop! |
| 29 |
|
| 30 |
A libre-firmware OpenPOWER Blackbird system is less expensive than a |
| 31 |
fully pimped libre-firmware KGPE-D16 and is many times faster even with |
| 32 |
just the base 4 core cpu (4 threads per core :D) and has the IBM version |
| 33 |
of OpenBMC which is better than the facebook version that was ported to |
| 34 |
the KCMA-D8/KGPE-D16's less powerful BMC. |
| 35 |
|
| 36 |
POWER is also the only high performance general computing CPU that is |
| 37 |
made in usa so you support jobs that pay a living wage at a fab that |
| 38 |
isn't messed around with by the PRC. |
| 39 |
Raptor claims their boards are us made as well although that is a lofty |
| 40 |
claim claim in the technology sector as the legal standard is "all or |
| 41 |
virtually all" components and many companies get shady like a certain |
| 42 |
one that claims their "linux focused" system is "us made" but the only |
| 43 |
part made here is the metal case. |
| 44 |
|
| 45 |
I would say the best and most secure setup would be: |
| 46 |
OpenPOWER Blackbird workstation |
| 47 |
KCMA-D8 for VM gaming (POWER only has a few indie games right now not |
| 48 |
anything commercial) which can max out the latest games in a VM at 1080p |
| 49 |
with a 4386 cpu and a RX590. |
| 50 |
G505S laptop for mobile computing running qubes |
| 51 |
|
| 52 |
Ideally you wouldn't run any programs on bare metal and everything would |
| 53 |
be done in a VM which is what I do even for gaming, watching movies etc. |
Archives