On 03/02/2018 12:12 PM, andrewashbac...@gmail.com wrote:
On Wednesday, January 13, 2016 at 5:15:06 AM UTC-8, mariusz...@gmail.com wrote:
Same as topic name. I am currently running mac os with heavy virtual machines
usage to get more security/privacy. I will probably switch to linux soon but
since i plan on using a lot of one time use VMs or even whonix i would rather
get as secure host as possible. So i figured why not use Qubes OS since i
already do everything manually.
If not mba what high end ultrabook would you recommend ?
If I was you I would buy a refurb G505S (owner controlled, with open
source hw init coreboot, blobs for video and power, no ME/PSP) plus a
high performance workstation which you can connect to remotely such as a
the libre hardware/firmware TALOS 2.
An alternative laptop choice is the X230 (open source hw init but it has
ME - which can be nerfed but not disabled/removed via me cleaner) I have
one and it is very light while still having a variety of ports to use
and a nice docking station.
Apple products don't have usable ports (macbook "pro") and you have to
have both the battery and the power cord at the same time for the CPU to
reach its highest frequency...until it downclocks due to insufficient
cooling.
There aren't really any laptops that have truly good security unlike on
the workstation realm where you have:
OpenPOWER9:
TALOS 2 (very fast)
x86_64:
KGPE-D16 (the best G34/C32 CPU's are just fast enough to play modern
games in a VM, but are very slow vs OpenPOWER9)
KCMA-D8
Unfortunately now POWER is the only owner controlled performance CPU
arch, modern x86_64 can't ever be owner controlled and ME/PSP can't ever
be disabled.
Have you seen the Purism Libre laptops? https://puri.sm/products/librem-13/
Purism is a scam, their laptops are not at all libre or open source and
they never will be for a variety of reasons.
https://www.reddit.com/r/linux/comments/3anjgm/on_the_librem_laptop_purism_doesnt_believe_in/
https://goblinrefuge.com/mediagoblin/u/onpon4/m/what-purism-s-road-to-fsf-ryf-endorsement-chart-should-look-like/
Don't buy from them, you gain no security and you are supporting a bunch
of scumbags.
It isn't as if it is impossible to make a libre computer with modern
hardware, a variety of other companies make them (eg: bunny huang -
novena, raptor cs - talos 2, etc).
OK so lets say you have millions to spend on reverse engineering (they
don't) and for some reason you don't consult actual hardware engineers
who would tell you to spend it on making a high performance POWER laptop
like a laptop of the TALOS 2 (downclock the 95W CPU + custom mobo =
POWER laptop).
Years later your reverse engineering guys you somehow figure out how to
run code on the ME core but it doesn't matter because you would be
breaking the law to actually use this in both the US and EU as breaking
DRM is illegal and ME is DRM (PAVP, HDCP, intel insider etc)
By then the hardware would be too old to be useful therefore anyone with
a brain can figure out whats really going on (hint: its about stealing
money from real projects like novena and talos 2 by selling faux libre
laptops)
ME Cleaner nerfs ME it doesn't disable it (and purism didn't make ME
cleaner - they simply profit off the work of others)
Coreboot doesn't mean open source firmware like it used to, the hardware
init for modern x86-64 hardware is all done by binary blobs.
--
You received this message because you are subscribed to the Google Groups
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/qubes-users/4ea3ab65-059f-bf4c-0271-91b32e93443a%40gmx.com.
For more options, visit https://groups.google.com/d/optout.
