Hello,
Off-topic: Top-posted as Protonmail Android App is still unable to correctly use inline answers without correct quote layout/line breaks. Bug has been reported months ago :-/
Taiidan wrote:
"(...) CPU's....without a fix there will be only one coreboot compatible laptop with open source hardware initiation that is remotely secure (...)"
Currently I am using two laptops for my work setup: A 12.5" Lenovo X230 and a 15.x" Lenovo W540 both machines are running with Qubes OS 4rc3 and 16GB RAM. The W540 is a Dual-Boot system with Win10, the x230 is running Coreboot.
Honestly I am shocked and angry if there will be no Intel Updates for the X230 and W540. On the other hand, if I am running Qubes and Coreboot, wouldn't this reduce the risk of Meltdown/Spectre attacks as Coreboot will protect me against remote attacks (stripped down AMT/Intel ME) and Qubes might reduce the attack surface as I am using several VMs and DVMs for browsing?
If I compare the Lenovo X230 to Lenovo G505s this looks like a step back: the G505s is targeted at another audience that Lenovo ThinkPad Users. It looks to me like an entry level desktop, which is also very bulky (without the additional performance of a W540).
CPU comparison X230 CPU vs G505s http://www.cpu-world.com/Compare/725/AMD_A6-Series_for_Notebooks_A6-5350M_vs...
Also the G505s has less cores/no HT
Frustration. Can't "we" build one or maybe two crowd founded secure Laptops (12", 15.x") with reasonable specs, good keyboard, hardware kill switches, internal wan (kill-switchable)? I can't think that choice is limited in 2018 to only 1 (in words "one") laptop modell, which is no nearly 5 years old (08/2013).
Brave new world.
[799]
Gesendet von ProtonMail mobile
-------- Original-Nachricht -------- An 11. Jan. 2018, 03:55, Taiidan@gmx.com schrieb:
I am curious of any intel insiders know if there will be microcode updates released for older intel CPU's (ex: sandy/ivybridge) and failing that, what can be done in regards to securing them from meltdown/spectre.
I believe this is a relevant coreboot topic considering how many coreboot boards have these and older CPU's....without a fix there will be only one coreboot compatible laptop with open source hardware initiation that is remotely secure (lenovo g505s as has a pre-PSP AMD CPU) and theoretically owner controllable (as the previous C2D/C2Q's such as the X200 are now permanently insecure without intervention from intel apparently)
At this point even a massive performance loss is better than having to throw out so much now-useless hardware.
-- coreboot mailing list: coreboot@coreboot.org https://mail.coreboot.org/mailman/listinfo/coreboot