On 02/01/2014, mrnuke mr.nuke.me@gmail.com wrote:
On Thursday, January 02, 2014 09:16:25 PM Sam Kuper wrote:
My earlier question about the Acer C7/C710 and HP Pavilion 14 was motivated by the following consideration: if they have not been found to have CPU errata warranting uploading of CPU microcode, then they might be (at least in this respect) preferable to the X60 which forces the user to choose between uploading microcode or running with known vulnerabilities.*
x86 Chromebooks ship with microcode updates.
On the C7/C710 and Pavilion 14 as shipped, where are those microcode updates stored?
And how exactly is a CPU different if the microcode update is patched in the factory rather than uploaded at boot? It's the same microcode in the end.
First of all, if some microcode is in the CPU from the factory rather than being uploaded into the CPU's "microcode-patchable space"[1] then it's not "*patched* in".
If no errata have been reported for the 847 and 1007U for which microcode updates have been released, then that's one less thing to keep on top of when building Coreboot or installing an OS. Personally, I'm in favour of having one less thing to keep on top of in such a situation.
Also, if no errata have been reported for the 847 and 1007U for which microcode updates have been released, then it's possible those two models are - at least compared to Core Solo, Core Duo, Core 2 Duo, etc - not lemons. Personally, I'd rather not buy a lemon.
Additionally, if no errata can be found by people outside Intel in the 847 and 1007U for which a microcode update would be justified, then Intel/whoever would be less likely to be able to convincingly foist compromised microcode for those CPUs on anybody in the future.[2][3]
This microcode discussion is ridiculous.
Well, that's the problem with proprietary systems; you have to just make a guess about which of several black boxes is the least worst. Might as well at least try to make that an educated guess instead of a blind guess.
Regards,
Sam
[1] https://web.archive.org/web/19990219103606/http://eetimes.com/news/97/963new... [2] http://www.forbes.com/sites/steveblank/2013/07/15/your-computer-may-already-... [3] http://www.afr.com/p/technology/intel_chips_could_be_nsa_key_to_ymrhS1HS1633...