[coreboot] Microcode updates for slightly older intel CPU's re: meltdown/spectre
Timothy Pearson
tpearson at raptorengineering.com
Thu Jan 11 23:27:51 CET 2018
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
What I'm more concerned about right now is something I'd term "security
apathy". We just learned 99% of the world's computers are insecure in
one way or another; security is now something that (to most people)
apparently cannot be purchased. In such an environment, the cheapest
system per unit performance always wins, even if it happens to contain
rampant abuses of privacy / backdoors.
Probably a discussion best had over coffee, since it's largely
unfixable, but suffice it to say we're already starting to see this even
in our original customer base.
On 01/11/2018 04:22 PM, Taiidan at gmx.com wrote:
> On 01/11/2018 05:05 AM, Nico Huber wrote:
>
>> you seem to be misinformed about the G505s. There is no open-source gfx
>> init for AMD (not in firmware, not in the OS), so within your require-
>> ments it's not usable as a laptop.
> I forgot to include my usual suffix mentioning that blobs are required
> for video (and power management)
>
> I believe it is still much better than the C2D laptops in terms of
> security despite the video blob as it has an IOMMU [1] and no ME/PSP.
> [1] with the high end quad core CPU option
>>> (as the previous C2D/C2Q's
>>> such as the X200 are now permanently insecure without intervention from
>>> intel apparently)
>> It depends on the software you run. Please read more about Meltdown and
>> Spectre. When you understood it, you can still start to worry.
>>
>>> At this point even a massive performance loss is better than having to
>>> throw out so much now-useless hardware.
>> Yes? and that can be accomplished without microcode updates, AFAIK.
> I was and still am under the impression that fixing both issue classes
> requires microcode updates, can you link to a better explanation?
>
- --
Timothy Pearson
Raptor Engineering
+1 (415) 727-8645 (direct line)
+1 (512) 690-0200 (switchboard)
https://www.raptorengineering.com
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQEcBAEBAgAGBQJaV+TkAAoJEK+E3vEXDOFbghEH/ivQ84bm11KHSDs8+EIWSP1J
XeQvhxHlsz5ZNYA16a7QU+dWhn8vOo6es3yBmTgOPsVzu1PUgXwgX1QnfUyAzrml
59d7TZE7p8MtgCAmsUruNgVdPgXEPK/Qh/6uUarVh8U7bRpaOEVcc2thJZCRDLQw
U4m8+Z5RudnDz9ZiPVfMKhpqSVJ+FTBzr3uCp+Mqr9CFIV3GxbwWCkoEPbo1hNrq
O+ZfCk24GseFfI8fjfpP523nARd8bX0WEUodRaw/l58+vspjGo3DyvjrWpcdJRHg
X+dg0I9CKVPt7doFh4NscPmNAhia9R8JfeTj3qCoMiFAvSHcBgb7p8Q8xitIkw0=
=gkEr
-----END PGP SIGNATURE-----
More information about the coreboot
mailing list