On Wed, 15 Jul 2015 14:20:06 -0400 Josh Grosse <[email protected]> wrote:
> On 2015-07-15 11:52, Chris Cappuccio replied to Michael McConville. > First, a quick reply to Michael: > > > Michael McConville [[email protected]] wrote: > >> > >> Someone correct me if I'm wrong, but it seems that the days of i386 > >> images being reasonable to run on amd64 hardware are coming to an > >> end. i386 support appears to be a fading priority for most > >> projects and the subset of amd64 features used is growing quickly. > > I still have several OpenBSD/i386 machines, and they work very well. > > In the years to come, long after they are eventually replaced, I > assume that OpenBSD may still have i386 in the active pantheon, for > testing the robustness of its multi-architecture code base, if > nothing else. > > On 2015-07-15 11:52, Chris Cappuccio wrote: > > > I've never even ran across one of these very early 64-bit Intel > > chips without N^X (those are the primary ones that you'd want to > > run i386 on). > > Even my oldest 64-bit Pentium 4 chips claim NX support. The story > > goes that Intel didn't want to copy AMD's NX support but implement > > it differently. Microsoft told Intel they would only support one > > implementation and AMD's was it. > > I believe I have one in inventory -- it is currently not in use, and > is powered off. If memory serves the OS last installed on it was > i386, due due to the warning in the FAQ. > PIE and ASLR other security features are either turned off on i386, in compatibility modes, or are dialled down versions. It's not just about a small speed difference, there are big security differences between the architectures. OpenBSD adds most of the security features for amd64 first, or in its strongest iteration for amd64 anyway. So, while i386 isn't poisonous, you should really use amd64 if you are able to.
