taii...@gmx.com: > On 11/14/2016 03:12 PM, Eric wrote: >> On Monday, November 14, 2016 at 11:58:32 AM UTC-8, entr0py wrote: >>> Eric: >>>> On Sunday, November 13, 2016 at 10:44:33 PM UTC-8, >>>> tai...@gmx.com wrote: >>>>> Forgot to say: Purism is just an overpriced quanta/oem >>>>> whitebox laptop, it takes 5mil+ of startup funds to do a >>>>> small run of *just a motherboard* let alone an entire laptop >>>>> computer including the fab for a fancy aluminum case - it is >>>>> quite obvious that their components are not "hand selected" >>>>> and that they just called up some chinese OEM and asked them >>>>> what they had kicking around. >>>>> >>>>> I can't understand if they are scammers or just really >>>>> naive, Instead of making an OpenPower or ARM laptop and >>>>> having it be 100% libre from the start they instead do the >>>>> dishonest "you'll go to disneyworld one day poor johnny" - If >>>>> google can't convince intel to open up FSP/ME then nobody can >>>>> - coreboot with FSP is just shimboot (black box FSP - 95% of >>>>> the bios work) >>>>> >>>>> It bothers me quite a lot that they are on the list of >>>>> approved vendors when they are a dishonest company. >>>> Whoa. Ok, hold on a sec. I did not buy a Purism computer, >>>> though not for those reasons - putting a 28W TDP proc in a >>>> 15inch "workstation" is absurd to me. as is their lack of a >>>> screen configuration. I hear your anger at the gap between what >>>> they promise and what they deliver; I'm more displeased on the >>>> hardware side of things (though I do like HW kill switches. >>>> I've looked into what they promise and understand very well >>>> that they don't actually have a very free computer at all, >>>> especially on the bios/firmware side. >>>> >>>> What I actually ordered (and have now cancelled), was a Dell >>>> XPS 15". There is no vPro option in the configure menu, though >>>> it does support VT-d and SLAT. I've read all of Joanna's >>>> papers, and understand the concerns about Intel ME very well. >>>> However, on the Dell order, it claimed "ME Disabled." Perhaps >>>> they simply meant that vPro/AMT/TXT was disabled, and that was >>>> mine and Dell's fault for wishful thinking and false naming, >>>> respectively. Please see linked photo: https://d.pr/Q0YZ >>>> >>> Moral considerations aside, why not buy that Dell and pair it >>> with a portable router/firewall like this >>> (https://www.compulab.co.il/utilite-computer/web/products)? >>> Shouldn't that effectively block out any ME-related mischief or >>> do I have a fundamental misunderstanding? It doesn't seem >>> possible otherwise to get the type of processing power you're >>> looking for in a laptop form-factor. >> Also, the concern for me is not ME shenanigans. I'm more concerned >> about having TXT for AEM and measured boot, and the consumer Dell >> model does not have that (the processor and chipset don't support >> it). The other option aside from the Precision 5510, would be a >> ThinkPad T460 or T460p, but the downside there is performance (only >> SATA-3 SSD), and also the screen quality is terrible. >> >> Much as I dislike proprietary anything, I might take a second look >> at the new MacBook Pros, and run things that need higher security >> in a VM or in Whonix. > > Why would you buy a macbook? You realize those have regular intel processors > and ME too right? > > Lenovo is owned by the chinese, and dell business laptop (their consumer line > is garbage) is a way better choice than either. > > It seems you do have (as you said) a fundamental misunderstanding of how > security actually works, and how a router/firewall operates. - thus I don't > think that anyone would be targeting you specifically with a ME exploit.
(top-posting fixed) Despite my "fundamental misunderstanding of how security actually works", I am able to read a thread and keep track of who said what - a skill you seemed to have misplaced in all your wizardry. Also, on your crusade to dismantle Intel and Google, it might behoove you to take a slightly less agressive tack with people who generally share your beliefs cause it seems you're significantly outnumbered as it is. Now if you'd like to respond without the obligatory disdain and actually explain something, my questions was: "Is Intel ME/AMT able to bypass firewalls that haven't been specifically configured to support those services?" This entry: https://en.wikipedia.org/wiki/Intel_Active_Management_Technology#Communication leads me to think that ME TCP/IP traffic isn't automatically passed-through, but like *I* said, I may have a fundamental misunderstanding of that. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/1fa38532-a531-def1-03d8-50df0a9d5c9f%40gmail.com. For more options, visit https://groups.google.com/d/optout.
