/tech/ - Technology★

Or maybe should nuke x86 and move to something else?

But how to run existing software and everything? In emulator? That's going to be slow

> But then, won't that be uncomfortable to use? It will be a pain to move data between both machines.

just network them and firewall it on both ends. make sure the offline computer has no direct internet access or it's only available through a proxy that isn't on a default port.

There are some ARM boards that can run without blobs, so long as you don't need the GPU. Someone listed them in a recent thread (sorry I don't have url). They should run most software for *nix. For Windows stuff like games or whatnot, you'll probably need a separate machine that's without network (disconnect wifi radio/antenna if you can't remove the card). To transfer data, optical disk works and also gives you a backup. USB flash/disk is more risky.

It's not ideal, but it's better than having a full botnet Intel/Windows machine connected to Internet. I'll be unfomfortable if you're constantly moving data back-and-forth though.

Another option to transfer data is to use an intermediary tightly-controlled system from old hardware, connected via serial ports only. This acts as a file store or BBS you can send/receive stuff over zmodem or similar protocol, and doesn't allow anything else (and especially doesn't route TCP/IP). But it will be slow if you want to send big files, even at 115200 baud rate.

>>818074 (OP)

>anti-ME anti-UEFI anti-backdoor CPU

AMD FX-83xx FX-63xx

Last decent CPUs without hardware backdoors.

Shit thread. Stop LARPing about being a leet NSA avoider. If you had any fucking clue what to do about anything, you'd be doing it.

>>818116

>AMD FX-83xx FX-63xx

>Last decent CPUs without hardware backdoors.

How do you know they don't have backdoors?

They don't have PSP/ME or UEFI (mobos), but they could contain other backdoors. Also they have huge TDP/heat/power. And they are too fast anyway. Who would need so fast CPU?

>>818118

>Shit thread. Stop LARPing about being a leet NSA avoider. If you had any fucking clue what to do about anything, you'd be doing it.

Fuck you FBI nigger. We're moving from PSP/ME and UEFI and you will be able to do shit to us.

>>818161

nigger I have 3 libreboot machines; an intel atom board, the D945GCLF; an X200, for a laptop; and a KGPE-D16 server

>>818161

>Who would need so fast CPU?

You are retarded.

>>818161

There is only one way to avoid the NSA. Get rid of your computer. There is no other way. Libreboot will not help you.

>>818177

so if your so skilled why you sage and negate the thread instead of giving advice?

>>818178

<Who would need so fast CPU?

>You are retarded.

Care to explain?

I do most things that can be done on PC, including CPU intensive things like video encoding, and I think FX cpus are overpowered. I don't understand why 90% of people would need CPU as strong as FX's.

The only thing that is slow no matter what CPU I feed it to is web browsing - and I don't mean how fast page loads, I mean how slow and shit, non-responsive browser is.

>>818184

<There is only one way to avoid the NSA. Get rid of your computer. There is no other way. Libreboot will not help you.

>YES GOYIM you cannot run from us, just accept us and install Google chip under your skin, there is no difference if you use non-ME non-UEFI PC and 2017 botnetted PC with Microsoft Windows 10

>>818184

If there is no way then why do they invented ME and UEFI backdoors? Why they needed them if you claim that they already had everything?

Why did Truecrypt work and they were unable to decrypt people's drives?

Hackers manage full access to Intel ME via USB

https://www.golem.de/news/security-hackern-gelingt-vollzugriff-auf-intel-me-per-usb-1711-131065.html

> Security researchers analyzing Intel's Management Engine (ME) for more than a year now report: "Game over!" for Intel. Researchers have full debug access to the ME via a dedicated USB interface.

> For about a year, the researchers of the security company Positive Technologies caused a stir with their reverse engineering of the Intel Management Engine (ME). Recently, the researchers succeeded in executing unsigned code on the ME. Details will be presented at Black Hat Europe in early December. The involved in these works Maxim Goryachy now reports on Twitter : "Game Over!" , because the team has apparently managed to gain full access to the ME.

> According to the rather brief announcement, the researchers have access to the functions of the ME via JTAG. The latter is a standardized method for debugging hardware and any integrated circuits during operation and thus also for changing their mode of operation. For this JTAG access, the team also probably uses the USB Direct Connect Interface (DCI) from Intel.

> The DCI is intended primarily for the manufacturers of embedded systems with Intel chips and is used for a comparatively simple debug access to the hardware. Thus, the current UEFI and the hardware such as CPU or the so-called Platform Controller Hub (PCH) of the supported devices can be easily analyzed via USB 3.0 cable. The review of the actually specially protected ME and especially the complete programming access via JTAG are probably not planned.

> For devices that have DCI enabled despite explicit warning from Intel, can be constructed from the findings of an extremely profound attack. The security researchers have already been able to locate some of these devices. Users or the operating system used have no way to detect or avoid this attack. Since the ME itself has full access to RAM and CPU, passwords or private keys can be read out and transferred.

> ME may jeopardize safety

> The Positive Technologies team also found out this year that the system was apparently derived from Minix, for which Minix inventor Andrew S. Tanenbaum thanked Intel . However, in an addendum, Tanenbaum also writes: "Many people, including me, do not like the idea of ​​an omnipotent management engine at all, because it's a potential security hole and a dangerous idea in the first place ."

> Google's coreboot developers are therefore working with colleagues from Cisco and other companies to make the Intel ME and other proprietary firmware components as harmless as possible and, if possible, replace them with free software. The manufacturer Purism also sells equipment with its Librem laptops on which the ME is completely switched off. The ability to shut down the ME has also been discovered by Positive Technologies researchers this year.

>>818210

Oops - Forgot the twitter link

https://twitter.com/h0t_max/status/928269320064450560

Here's a list I've been making with the help of halfchan.

Findings so far

x86:

For desktops, there's lots of C2Ds and atoms listed, but also some very nice opterons and apparently an iMac

https://libreboot.org/docs/hardware/#desktops-amd-intel-x86

https://libreboot.org/docs/hardware/#serversworkstations-amd-x86

For Laptops, you have the CD and C2D memepads

https://libreboot.org/docs/hardware/#laptops-intel-x86

Purism doesn't do libreboot, but their roadmap includes this as a future goal.

https://puri.sm/learn/freedom-roadmap/

ARM:

Obviously there's a shit ton of SBCs (Pi, Olimex, etc).

For a laptop option with an open firmware, try ARM Chromebooks.

I'm dead serious. Open it up, unscrew the write protection screw, reflash coreboot, install loonix of choice.

https://www.coreboot.org/Chromebooks

In general, your biggest concern with ARM is the GPU drivers.

Mali is fucked. Don't use it. PowerVR too. Vivante GC, Qualcomm Ardreno, and Broadcom VideoCore are fine.

https://en.wikipedia.org/wiki/Free_and_open-source_graphics_device_driver#ARM

Some anons have reported that lighter environments like XFCE are usable on stuff like Mali without the driver, but it's not ideal.

One anon said he couldn't remove the ChromeOS on his libreboot C201. This github issue talks about a solution.

https://github.com/altreact/archbk/issues/3

OpenPOWER:

Raptor Engineering sells POWER9 workstations, that may soon be getting RYF certification.

They're expensive as fuck, but probably the most powerful non-botnet computers that exist.

https://www.raptorcs.com/TALOSII/

PowerPC:

Here is a project for a Libre PowerPC laptop, shooting for RYF certification.

https://www.powerpc-notebook.org/faq/

MIPS:

The /csg/ of desktops. Lemote is a chink company that sells libre MIPS boards, using PMON firmware.

http://www.lemote.com/html/product/

RISC-V:

Only SBCs here. SiFive has some.

https://www.sifive.com/products/freedom/

There's also LowRISC

http://www.lowrisc.org/

new CPUs aren't even getting faster, they just get more features, instruction set extensions, maybe some bigger caches, etc. you need the latest CPU to run goy apps because they're bloated pieces of shit that have been QA'd/debugged into existence using only the latest most popular hardware. i have several 10 year old machines and they are still in the multi GHz range and can run extremely intensive applications, yet cannot run something like agar.io, hipchat, discord, skype, etc without a terrible user experience

>>818373

10 year cpu can easily do video encoding, 3D modeling, graphics/video editing, using old optimized software. but somehow it's not possible to smoothly run (((modern))) web browsers on same cpu

>>818373

javascript and vp8 is the only difference between modern processors and athlon/pentiums of old in terms of general performance

we still can't multithread everything

You don't have to multithread everything. Stop trying to cram everything into web browser and just use the native hardware and OS. Then, your stuff runs plenty fast, even on a decade old machine. And it it's still slow, you can get rid of stupid desktop environment bloat and just use a plain old window manager. Even an old i386 Pentium 4 should be fast enough today for most tasks (maybe not video editing, but not everyone needs that).

>>818622

how long does it take to compile gentoo on an old i386 pentium 4?

>>818645

About 2 weeks. Those things only have like 16mb RAM.

>>818645

I doubt the kernel will take much longer than a couple of hours. It's all the other software you compile (like web browsers) might take days.

>>818645

Dunno, but I used to build OpenBSD kernel & userland overnight on weaker hardware (Pentium II). It didn't take all night either, just several hours.

>>818657

My 33 MHz 486 maxed out at 16 megs. My last i386 was a P4 with 512 megs, and that mobo could take 1 gig (and it wasn't anything fancy at all).

>>818659

This. Most Unix software is pretty lean, and I built all kinds of stuff on my 486 (which I only had 8 megs on). But when they started doing all this bloated desktop and browser shit, even powerful machines take a while. If anything this makes lean software much more desirable, since you can comfortably build it yourself on old non-botnet hardware. That's in addition to it being easier to audit, etc.

>>818076

>what is compiler

>>819796

it's "computer," retard

Pqoeojfxownsuhxueldocuhrkixwpwkfic

>anti-botnet cpu

The only one you can get like that is the one your make yourself

/thread

>>820289

I don't even have enough computer to do that.

>>818076

Why do you want to run existing software in a different CPU? Why not fork your software and port it to the different CPU?

>>818074 (OP)

>I am scared of backdoors, the older hardware the better

older processors have vulns because they just didn't have sophisticated security.

>>829341

Those graphs clearly show that IPC is no longer improving in a significant way. A 0.4% improvement is not worth upgrading for.

>>829344

>x86

system management mode is the backdoor

>powerpc and openpower

side channels and debug ports

>arm

debug ports and system management mode like functions

>RISC V

Debug ports

If you want to avoid hardware backdoors then avoid x86 and ARM based proccessors of any age. If you want to avoid software based backdoors you best use anything pre core2 duo x86 and anything pre ARMv7 for ARM. If you want secure hardware, it doesn't exist.

>>829352

Those improvements add up, as you'll notice the first graph shows a 20% cumulative improvement from the ancient Core 2 chips you're talking about to modern ones, and the second graph shows the improvements can be several times greater yet for some applications. That's all without counting other improvements included in newer CPUs, like much more aggressive clocking thanks to process shrinks and better dynamic clocking, bigger caches, and faster system buses (particularly for RAM).

Such old x86 chips are so slow, you'd get better performance emulating it on a modern tablet SoC.

>>829367

If you are going to upgrade to anything botnetted go to the intel haswell generation. As it is the last proccessor before the un-removeable version of ME and graphics blobs for intel gpu's. Haswell added more execution units to the proccessor for more throroughput.

>>818210

Oh gosh, people can do nasty things when they have physical access to the machine!

>>829375

Broadwell is fine too, (((Librem))) laptops are based on Broadwell chips that run free graphic drivers.

>>818074 (OP)

No need to get that old.

You can get a AM3+ FX-8370e, these are the 90w under volted processors, specially binned for it. They are the best of the process and will overclock to about 4.4/4.6 Ghz on air and will reach 5GHz on water. Much better than the FX-9590 which is shit because it will not go 5GHz on all four cores because of its settings, the 8370e will. This will make run like the faster I5 from April this year, so still pretty good.

You can get the last fastest BIOS motherboard the GA-990FXA-UD3/UD5/UD7 with the lower revisions 1.0/1.1/1.2. They basically have all of the modern connectors present except for for M.2 support. But add about 4 Samsung 850 Pro's/Evo's in raid 0 and you will have M.2 speed with 2 GB/s read and write. hould not be to expensive now.

Then get 1866 DDR3 with the lowest CAS of 8 or 9. These have the best true latency and perform better than 2400 DDR with higher CAS that have shittier latency as well. The FX processors work better with 1866.

You can add any modern latest video card in SLI etc.

This will be a very fast system that can still play all modern games at good settings.

>>818161

>PSP/ME or UEFI (mobos),

Get GA-990FXA, they still have BIOS, FX-83** do not have PSP

>>818161

>And they are too fast anyway. Who would need so fast CPU?

And 640k should be enough for everyone.

>>829354

How is debug port a backdoor? That's like saying IMSAI and Altair are backdoored because you can view/toggle cpu registers at the front panel. It's only a backdoor if this capability is available to the entire world over the network, such as in the case of Intel ME.

>>829354

If you want to avoid SMM in x86, you have to go back to 80386 chips (and avoid the SL variant).

https://en.wikipedia.org/wiki/System_Management_Mode