Re: [coreboot] Remote security exploit in all 2008+ Intel platforms

On Mon, May 1, 2017 at 7:22 PM, taii...@gmx.com wrote: > On 05/01/2017 06:44 PM, ron minnich wrote: > > On Mon, May 1, 2017 at 1:17 PM Rene Shuster >> wrote: >> >> Yes Puri.sm has been debunked. >>> >>> I disagree. I've seen the systems. From what I

Re: [coreboot] Remote security exploit in all 2008+ Intel platforms

On Mon, May 1, 2017 at 4:22 PM taii...@gmx.com wrote: > > > Name one thing that they have done themselves? > > Until you've done a port of a new board and taken it all the way through manufacturing test and verification, interfacing with folks at the vendor, and dealing with all

Re: [coreboot] Remote security exploit in all 2008+ Intel platforms

On 05/01/2017 06:44 PM, ron minnich wrote: On Mon, May 1, 2017 at 1:17 PM Rene Shuster wrote: Yes Puri.sm has been debunked. I disagree. I've seen the systems. From what I can see, Puri.sm has made a good faith effort to go as far possible *with modern x86

Re: [coreboot] Remote security exploit in all 2008+ Intel platforms

On Mon, May 01, 2017 at 10:44:45PM +, ron minnich wrote: > On Mon, May 1, 2017 at 1:17 PM Rene Shuster > > Yes Puri.sm has been debunked. > > I disagree. I've seen the systems. From what I can see, Puri.sm has made a > good faith effort to go as far possible *with

Re: [coreboot] Remote security exploit in all 2008+ Intel platforms

On Mon, May 1, 2017 at 1:17 PM Rene Shuster wrote: > Yes Puri.sm has been debunked. > I disagree. I've seen the systems. From what I can see, Puri.sm has made a good faith effort to go as far possible *with modern x86 chipsets* toward getting rid of the blobs. They

Re: [coreboot] Remote security exploit in all 2008+ Intel platforms

On Mon, May 1, 2017 at 2:54 PM Raphael Jacquot wrote: > > > what kind of performance can be expected from RiscV ? > > Performance is not the issue. The issue is when it will be ready, and in a laptop you like, and the answer is "not for a while". Further, while the RISCV

Re: [coreboot] Remote security exploit in all 2008+ Intel platforms

On 05/01/2017 11:44 PM, taii...@gmx.com wrote: Once my opteron systems are no good anymore my next computer purchases will be POWER and ARM for sure, I refuse to buy insecure intel/new amd garbage. POWER is reasonably priced for what you get, it simply isn't meant for the entry level server

[coreboot] PCI-e hot plug on KGPE-D16 [SR-5690]

I checked the SR-5690 datasheet and I noticed it supports PCI-e hotplug, I was wondering if anyone has done this and if so how I can do it? I want to be able to hard reset cards don't play nice with VFIO and end up non-responsive and requiring a system reboot to be assigned again (nvidia of

Re: [coreboot] Remote security exploit in all 2008+ Intel platforms

Once my opteron systems are no good anymore my next computer purchases will be POWER and ARM for sure, I refuse to buy insecure intel/new amd garbage. POWER is reasonably priced for what you get, it simply isn't meant for the entry level server market for 10K you're getting comparable power

Re: [coreboot] Remote security exploit in all 2008+ Intel platforms

On Mon, May 1, 2017 at 1:43 PM Timothy Pearson < tpear...@raptorengineering.com> wrote: > > > As an unofficial poll, if POWER server hardware were ever to come down > in price to more reasonable levels, would you consider switching given > the vulnerabilities in Intel hardware? > In many places

Re: [coreboot] Remote security exploit in all 2008+ Intel platforms

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 05/01/2017 03:32 PM, Trammell Hudson wrote: > On Mon, May 01, 2017 at 05:13:10PM +0100, Sam Kuper wrote: >> Has anyone here got a link describing or including the fix, either >> directly from Intel, or from an OEM? > > Intel just posted one: > >

Re: [coreboot] Remote security exploit in all 2008+ Intel platforms

On Mon, May 01, 2017 at 05:13:10PM +0100, Sam Kuper wrote: > Has anyone here got a link describing or including the fix, either > directly from Intel, or from an OEM? Intel just posted one: https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00075=en-fr -- Trammell -- coreboot

Re: [coreboot] Remote security exploit in all 2008+ Intel platforms

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 05/01/2017 03:15 PM, Rene Shuster wrote: > Yes Puri.sm has been debunked. Can someone confirm that if you want > recent hardware without Intel ME then Chromebooks with MrChromebox.tech > SeaBIOS ( https://mrchromebox.tech/#devices ) is the way to

Re: [coreboot] Remote security exploit in all 2008+ Intel platforms

Yes Puri.sm has been debunked. Can someone confirm that if you want recent hardware without Intel ME then Chromebooks with MrChromebox.tech SeaBIOS ( https://mrchromebox.tech/#devices ) is the way to go? On Mon, May 1, 2017 at 3:34 PM, BogDan Vatra wrote: > Ah, I thought it's

Re: [coreboot] Remote security exploit in all 2008+ Intel platforms

Ah, I thought it's something inside the CPUs :) It sound so familiar ... On May 1, 2017 21:38, "mdn" wrote: > > > Le 01/05/2017 19:59, BogDan Vatra a écrit : > > Hi Ron, > > > > If anyone can *prove* that it is/was possible to remotely access *any* > > Intel (from

Re: [coreboot] Remote security exploit in all 2008+ Intel platforms

Le 01/05/2017 19:59, BogDan Vatra a écrit : > Hi Ron, > > If anyone can *prove* that it is/was possible to remotely access *any* > Intel (from 2008+) based computer, it's the beginning of the end of > Intel. > > BogDan. > > P.S. I know what Intel ME and AMD PSP are*, but I have no idea what >

Re: [coreboot] Remote security exploit in all 2008+ Intel platforms

Hi Ron, If anyone can *prove* that it is/was possible to remotely access *any* Intel (from 2008+) based computer, it's the beginning of the end of Intel. BogDan. P.S. I know what Intel ME and AMD PSP are*, but I have no idea what WEP is. So, sorry for my stupid question, but what is WEP? *

Re: [coreboot] Remote security exploit in all 2008+ Intel platforms

On Mon, May 1, 2017 at 10:30 AM BogDan Vatra wrote: > Maybe this is a new fools' day joke? May fools' day joke? > This looks way too bad to be true ... > > Not too bad to be true, not surprising to many of us who have been warning of this since, say, 2004. It's just that nobody

Re: [coreboot] Remote security exploit in all 2008+ Intel platforms

I don't like that article because they shill for purism at the end. Nothing that purism does is special they're just an overpriced quanta laptop that they ran someone elses tools on - they'll never figure out how to really disable ME because it can't be done. I can't understand why they

Re: [coreboot] Remote security exploit in all 2008+ Intel platforms

Maybe this is a new fools' day joke? May fools' day joke? This looks way too bad to be true ... BogDan. P.S. I didn't found any Intel patches from April 25th... 2017-05-01 18:38 GMT+03:00 Shawn : >

Re: [coreboot] Recommended memory for coreboot + ASUS KGPE-D16

I use a KGPE-D16 for gaming and it works great, why? why not? libre firmware should be the expected default. I updated the wiki article a few months ago to include recommended CPU's. C32 - dual channel max G34 - quad channel + more RAM The only reason to use C32 is the EE cpu's for routers

Re: [coreboot] Remote security exploit in all 2008+ Intel platforms

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 05/01/2017 11:16 AM, persmule wrote: > > We could just remove or cleanse > the ME to seal this loophole. This particular hole, perhaps. Do we know that "cleansing" the ME doesn't simply introduce a bigger

Re: [coreboot] Remote security exploit in all 2008+ Intel platforms

The ME is the WEP of motherboards. On Mon, May 1, 2017 at 9:18 AM persmule wrote: > We could just remove or cleanse the > ME to seal this loophole. > > > 在 2017年05月02日 00:13, Sam Kuper 写道: > > On 01/05/2017, Shawn

Re: [coreboot] Remote security exploit in all 2008+ Intel platforms

We could just remove or cleanse the ME to seal this loophole. 在 2017年05月02日 00:13, Sam Kuper 写道: > On 01/05/2017, Shawn wrote: >> https://semiaccurate.com/2017/05/01/remote-security-exploit-2008-intel-platforms/ > The piece states, "on

Re: [coreboot] Remote security exploit in all 2008+ Intel platforms

On 01/05/2017, Shawn wrote: > https://semiaccurate.com/2017/05/01/remote-security-exploit-2008-intel-platforms/ The piece states, "on April 25, Intel released a firmware fix for this unnamed issue. It affects every Intel machine from Nehalem in 2008 to Kaby Lake in 2017." Has

Re: [coreboot] Remote security exploit in all 2008+ Intel platforms

how can this be? Intel has promised me for 15 years now that this would never be an issue! There just has to be some mistake. Oh, right, now I remember. The ME is the mistake. ron On Mon, May 1, 2017 at 8:39 AM Shawn wrote: > >

[coreboot] Remote security exploit in all 2008+ Intel platforms

https://semiaccurate.com/2017/05/01/remote-security-exploit-2008-intel-platforms/ -- coreboot mailing list: coreboot@coreboot.org https://mail.coreboot.org/mailman/listinfo/coreboot

Re: [coreboot] Recommended memory for coreboot + ASUS KGPE-D16

Hi BogDan, > Run *dmidecode* and search for "Interleaved Data Depth" to check if > the ram is running in quadchnnel mode you (check > https://unix.stackexchange.com/questions/215206/detect-number-of-ram-channels > for more info on this matter). In your case you should have two > "Interleaved Data

Re: [coreboot] Recommended memory for coreboot + ASUS KGPE-D16

Hi Daniel, Run *dmidecode* and search for "Interleaved Data Depth" to check if the ram is running in quadchnnel mode you (check https://unix.stackexchange.com/questions/215206/detect-number-of-ram-channels for more info on this matter). In your case you should have two "Interleaved Data Depth: 4"

[coreboot] ASUS KGPE-D16 Automated Test Failure [master]

The ASUS KGPE-D16 fails verification for branch master as of commit 0a4a4f7ae4188bccf4147196f08620453ef0633c The following tests failed: BOOT_FAILURE Commits since last successful test: 0a4a4f7 mb/*/mainboard.c: Get rid of SPI AFC register See attached log for details This message was

Re: [coreboot] Recommended memory for coreboot + ASUS KGPE-D16

Hi Bogdan, I am running my KGPE-D16 with 2x6276 and 16 of these 8GB Samsung RDIMMs: M393B1K70DH0-YK0 They work fine in coreboot. If you want to run them at 1600MHz, you need to raise the voltage to 1.5V even if the vendor bios clocks them at 1600MHz with 1.35V. They work fine in this setting

Re: [coreboot] Recommended memory for coreboot + ASUS KGPE-D16

Hi BogDan, Your build is going to be really nice :). My comment was simply a generalized curiosity about how the Opterons stacked up against each other. Also as far as I can tell, the G34 motherboards seem to be somewhat easier to source. On 05/01/2017 03:42 PM, BogDan Vatra wrote: Hi,

Re: [coreboot] Recommended memory for coreboot + ASUS KGPE-D16

Hi, Well, as I said I already bought the motherboard and the CPUs and now is too late for me to consider other configs. IMHO it will be nice to have a wiki entry with coreboot friendly (full?) configs. Regarding the CPU power, I hope that my yocto/qt builds will be faster on 2 x 16 Core 6276

Re: [coreboot] Recommended memory for coreboot + ASUS KGPE-D16

Thank you for the clarification... And help provided to Coreboot community. :-) Zoran On Mon, May 1, 2017 at 9:21 AM, BogDan Vatra wrote: > Hi Zoran, > > Is not for gaming only :), it's *also* for gaming. I play games once > per week and then I want my games to run ok. > I'll

Re: [coreboot] Recommended memory for coreboot + ASUS KGPE-D16

Hi, Apart from features such as greater memory bandwidth, more cores, and more CPUS in an MP configuration (2/4), what are the advantages of the G34 vs C32 sockets? The C32s have CPUs with TDPs as low as 35w and more cores with higher clocks in a dual CPU configuration, i.e. the 4340 has 6

Re: [coreboot] Recommended memory for coreboot + ASUS KGPE-D16

Hi Zoran, Is not for gaming only :), it's *also* for gaming. I play games once per week and then I want my games to run ok. I'll usually using it for programming. Regarding why use coreboot instead of (AMI) BIOS, well, I think the question is why to use (AMI) BIOS when I can use coreboot ;-). I

Re: [coreboot] Recommended memory for coreboot + ASUS KGPE-D16

On 05/01/2017 01:51 AM, BogDan Vatra wrote: 2017-04-30 23:49 GMT+03:00 taii...@gmx.com : On 04/30/2017 04:46 PM, taii...@gmx.com wrote: On 04/30/2017 08:05 AM, BogDan Vatra wrote: Hi, I'd like to build desktop/workstation for my personal use (lots of compilations + of

Re: [coreboot] Recommended memory for coreboot + ASUS KGPE-D16

Hello Bogdan, One question for you: why you are using specifically Coreboot as boot-loader, instead of (AMI) BIOS? The question is because you are using desktop with AMD CPU for gaming. No specific needs for Coreboot, which is mainly for embedded applications. Any specific reason why you are

Re: [coreboot] Recommended memory for coreboot + ASUS KGPE-D16

2017-04-30 23:49 GMT+03:00 taii...@gmx.com : > On 04/30/2017 04:46 PM, taii...@gmx.com wrote: > >> On 04/30/2017 08:05 AM, BogDan Vatra wrote: >> >>> Hi, >>> >>> I'd like to build desktop/workstation for my personal use (lots of >>> compilations + of course gaming on linux) >>> I