On Monday 17 January 2011 12:12:08 Mark Knecht wrote: > On Mon, Jan 17, 2011 at 11:57 AM, <meino.cra...@gmx.de> wrote: > <SNIP> > > > So...why should I try unknown code patched into my CPU. > > > > It looks like "install this virus" from the security point > > of view, doesn't ist? > > That was my point. > > I think the idea Volker is suggesting is the micro-code updates go > from AMD (who understands what the issue is with their processor) to > the BIOS manufacturer (Phoenix or whoever did yous) and get > incorporated in a secure way. They are 'known good' in the BIOS update > we receive and write into a Flash drive. It's just a choice whether > you want to use that part of BOIS or now. > > After all, _any_ BIOS update represents an opportunity for someone to > really mess you machine up. Doesn't matter if it's micro-code or > something else. > > That's my reading of this so far.... > > - Mark
also the microcode you download is from amd's servers. If you don't that stuff - you can't use CPUs because they might be loaded with 'hacked' microcode from the start. Or motherboards, because the bios might be hacked. Or the linux kernel because maybe somebody incorporated code into linux. gcc and binutils that looks innocent but combined will kill your machine. On the other hand, CPU bugs can result in miscalculations. Very, very expensive miscalculations. So what is worse - an instable, incorrect CPU or paranoia?
