The problem is that this laptop will have to be somewhat mobile, while having atleast the performance to act as a decent hypervisor for everyday use. (will be running qubes). I was thinking about a 12-16gb ram quad core with integrated Intel Iris 5xx graphics. Single (Opal 2.0) SSD would be sufficient, as long as its 256-512gb. This would mean that I would be forced to use one of the newer intel chipsets, are these really so flawed that you would recommend against them?
What about an mobile xeon based platform? Think something like Xeon Intel® Xeon® Processor E3-1515M v5 <https://ark.intel.com/products/93358/Intel-Xeon-Processor-E3-1515M-v5-8M-Cache-2_80-GHz> . Would you guys really say that modern intel processors can not be trusted enough for situations where very high security is required ? By the way, what about intel Vpro? I heard this has some kind of backdoor in it? Some even stating there is a 3g cellular backdoor in it, but I find this hard to believe. Could someone give me some further explanation on these matters? Lets say that I lose the laptop requirement, and go for something that acts as a server that I ssh into with my dedicated remote client, what would my possibilities be in that case? Seems to me there is actually no high performance open-source hardware available that is truly open-source and secure.... That just makes me sad when I think about it. Oh, and the Power8 Talos project is doomed, there funding failed big time, so thats not an option neither. Hope to get some more input on this matter. HQE On Friday, 30 December 2016 14:32:26 UTC+1, [email protected] wrote: > > Desktops: > Libreboot is entirely possible on a decent CPU, you can use a KGPE-D16 > with a 62xx series CPU, I do that and I play the latest high end pc > games with only 25% CPU usage of 8 cores. > > I am tired of people spreading mis-information, if you do not bother to > do basic research you shouldn't comment on a topic. > > Laptops: > For laptops I would get a novena, it lacks IOMMU but you can use a > non-DMA capable networking device. > > If you want a "mobile workstation" that isn't custom built your best > option is to get a slightly older coreboot compatible pre-FSP thinkpad > and use ME-Cleaner. > > Info: > New intel and amd is entirely impossible however due to a variety of > reasons including ME/PSP. > SGX etc are things designed for DRM, they take control away from the > user who no longer has absolute authority over the device they paid for. > > There is also POWER8 machines from IBM which have open firmware and easy > virtualization out of the box, although you wouldn't be running qubes as > there is only x86-64 arch available at the moment. > https://www.crowdsupply.com/raptorcs/talos - power workstation > motherboard, expensive but lots of bang for your buck, more than you > would get from intel/amd for the same price. > > > If you don't mind me asking what exactly are those "highly sensitive > files"? > -- You received this message because you are subscribed to the Google Groups "qubes-devel" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-devel/40eaa978-aeeb-447d-937a-081090e52423%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
