On 02/02/2017 04:50 AM, Vít Šesták wrote:
Choosing the right CPU is about choosing the right tradeoff. The tradeoff is not only between price, power consumption and performance. We can also balance single-core performance to multi-core performance, or we might want some enhancements for some specific tasks, like AES-NI. And many more.
I'd say its the details that the PC vendor execute on the motherboard that matter more than anything. The specific way chipsets are wired, the way the BIOS initializes certain features, peripheral chips that might not be FOSS-friendly, etc. Plus, the number of USB controllers and the way the keyboard is wired (PS2 vs USB). These things make or break compatibility with secure Qubes configurations.
So, until we have a running pre-release of R4, we won't really know which models work.
As for the CPU itself, AES-NI seems like the must-have to me. IIRC it can prevent side-channel attacks whereas software AES cannot. Luckily, its a common option on x86 processors aimed at PCs. Of course, I'll also recommend TXT and TPM if it makes Anti Evil Maid work.
RAM is also a security issue because of attacks like rowhammer. Some people recommend an ECC-capable CPU or chipset to help mitigate them.
4. Is there anything else I should be aware of when looking at recent i7 (or maybe i5) CPUs? Hmmm... 'Evil Inside' perhaps? Chris -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/bd53a3a7-6c43-dffa-41a8-39647763af7a%40openmailbox.org. For more options, visit https://groups.google.com/d/optout.