On 12/12/2018 09:11 PM, Sphere wrote: > On Thursday, December 13, 2018 at 9:59:27 AM UTC+8, [email protected] wrote: >> On 12/12/2018 03:56 PM wrote: >>> New to Qubes with basic Linux knowledge i installed successfully a desktop >>> system with follwing configuration: >>> >>> Qubes 4.0, CPU Ryzen 5 2400G, MB ASRock B450 Pro4, GPU Radeon R7 370, 32 GB >>> RAM >>> >>> I can update templates and install appvms without issues. Everything works. >>> >>> My question is now: On Boot screen i get some error messages (see following >>> screen). Possibly there is a lack of safety i can not estimate. Everything >>> works but under the surface i did not know if it is as safe as it should >>> be. Are there some basic tests which should be made? Or is it enough when >>> the system works? >>> >> >> Well you are stuck with a system that has a very obvious frontdoor >> backdoor called AMD PSP platform "security" processor (as in security >> from you) that prevents you from doing as you please with the system >> firmware hence it is not really your computer. >> >> If you want one that is owner controlled and has free (as in freedom) >> open source firmware I have written many walls of text on this subject >> so just use a non-google search engine to find my previous posts. >> >> You also are using gmail which is really bad if you care about not being >> put of of work or murdered by a robot - your emails and re-captcha >> solves are fed in to a massive database that helps googles AI research >> including killer robots like project maven and also of course sold to >> advertisers and anyone else who can pay. >> >> I do not load images from random people if you want help you have to >> send text only. > > How about give us keywords to help us search this and have it at the first > search result?
KGPE-D16 KCMA-D8 g505s coreboot - your keywords :D Just search my email address and look at what I post on threads asking for board recommendations > > As for stefanne's inquiry, here are my thoughts: > It's usually normal to see error messages on start of a linux system cause > consumer motherboards production processes still have no proper arrangement > to fully support Linux operating systems much to our dismay. > To check the level of your safety, I recommend you produce one of these and > see the results: > https://www.qubes-os.org/doc/hcl/#generating-and-submitting-new-reports > > If it's a yes on HVM, IOMMU, and SLAT then that means your hardware works > very well on Qubes. To further increase security, I recommend you to turn off > SMT (Simultaneous Multi-threading) as recently there's been a high surge of > vulnerabilities involving multi-threading/hyperthreading and will probably > haunt us for years to come. Nah that only applies to intel's HT and he has an AMD system. > > Additionally, if you have an entry of IOMMU=no > Go search around your BIOS setup for an option like AMD-Vi or IOMMU and set > that to enabled. > Product another report to check and see if the entry changes to IOMMU=yes > IOMMU is essential because it protects you from alot of complex attacks like > Direct Memory Access (DMA) attacks. > > Lastly, check for updates everyday and never neglect them for maximum > security! > After all this, you may want to configure a VPN. > > As for the Platform Security Processor, well it's an option for people > whether or not they would go with it. It is not an option - it can't be disabled! -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/b7cb4ce5-550e-27f2-6a16-8339cfc47658%40gmx.com. For more options, visit https://groups.google.com/d/optout.
