26 December 2016 г., 18:00:43 UTC-5 tai...@gmx.com написал: > Lenovo is a shitty company if you care about security, they have stuck > irremovable rootkits their BIOS 4 separate times and they are partially > owned by the PRC government
Having a PRC backdoor is better than NSA one! (most laptop companies are American, so...) By the way, why not to get a Lenovo G505S laptop? 1) It is the latest AMD-based laptop which is supported by coreboot open source BIOS (so no closed source BIOS backdoors), and it does not have Intel ME backdoor. G505S's APUs are Richland - the last generation before AMD started to embed their own version of Intel ME, "AMD Security Processor" or PSP ( http://www.extremetech.com/wp-content/uploads/2013/11/AMDRoadmap-Mobility.png ) Although a closed source vga blob is still required for working graphics, luckily a coreboot's YABEL prevents the possible undocumented accesses of vga blob to other PCI devices 2) Supported by Qubes 3.2 - see HCL, https://groups.google.com/d/msg/qubes-users/TS1zfKZ7q8w/JQFkVF4xBgAJ . Most likely to be supported by Qubes 4.0 ( HVM=y, IOMMU=y, SLAT=y) and seems to meet its certification criteria so far - https://www.qubes-os.org/news/2016/07/21/new-hw-certification-for-q4/ <-- webcam could be covered, speakers and wireless card are not soldered and could be removed, and just checked the last concerning thing - embedded microphone is a PCI device, not USB connected ;) 3) High end version of G505S has a top of the Richland generation A10-5750M APU, 3352 score at Passmark cpu-benchmark. If to compare with i5-6200U of Lenovo T460s, 3933 score - 17% faster. But i5-6200U is dual core, while A10-5750M is quad core. Also, despite being three years older, A10-5750M integrated graphics is faster than of i5-6200U. According to Passmark: Intel HD 520 - 844 G3D score, AMD HD 8650G - 950 G3D score, 13% faster. 3) In contrast with many modern laptops, G505S has two slots for RAM (instead of one) and its RAM is not soldered. That means: when your RAM fails a memtest after some years, instead of paying a fortune for the RAM chips replacement you could just remove RAM and install a new one. Also you could easily upgrade to 16 GB RAM (2x8GB), which helps not to think of RAM usage while using Qubes (currently running 14 VMs at the same time, with a lot of applications started, and they eat just 13 GB out of 16 GB) 4) G505S has either integrated or both integrated and discrete graphics (depends on G505S version). In any case, it is AMD only - which has great open source drivers for Linux. No need for NVIDIA closed source proprietary drivers with telemetry... 5) Almost all the components could be replaced by user, even a CPU is not soldered. Easy to tear down a laptop and assemble it back. Thanks to open source BIOS, no WiFi card whitelist, so possible to install any wireless card which has open source drivers for Linux (such as AR9462) Currently it is almost impossible to buy a new G505S, but the used ones are selling for cheap (e.g. 3 auctions currently at eBay for G505S version with A10-5750M APU, 1 UK and 2 US-based, one of them with buy it now price $250 - half of the original $500) -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/9e475d58-682b-4a38-973e-f19d45521cab%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
