Re: [qubes-users] Another "Best Hardware" 4 VMs setup question.

2018-01-20 Thread taii...@gmx.com

On 01/20/2018 04:14 PM, Davidson H wrote:

As I understood it, its not *totally* disabled but is *partially* 
disabled (like the TCP/IP stack).
Anyway. Your KGPE-D16 suggestion is interesting (thx!), and that mobo+ 
a 12core 2014 opteron seems like it would be fairly speedy? Certainly 
compared to my old i3/8gb tower. This may sound silly but in the VM 
context, would a 12 core processor be excessive or would it be "fully 
utilized" by Qubes?



16 cores, 32 if you use dual 16 core CPU's.

As always it depends on how many VM's you run and how much CPU juice 
they need.

With 16 cores and 64GB RAM you would truly want for nothing.

--
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/852eb1f0-1335-49db-747e-7ae6858f9e49%40gmx.com.
For more options, visit https://groups.google.com/d/optout.


AW: Re: [qubes-users] Another "Best Hardware" 4 VMs setup question.

2018-01-20 Thread '[799]' via qubes-users
Davidson wrote:

> I am running 3.2, have 16gb mem, and a
> Samsung ssd drive and it still takes 10 sec
> (timed it) to put up a terminal in a new vm

I am also interested in comparing App(VM) start times, to compare the 
performance.

I have run the following test after boot and with only sys-firewall and sys-net 
running:

Test on my Lenovo x230
Intel Core i5-3320M @ 2.60Ghz
16 GB RAM
500 GB SanDisk SSD
Qubes 4.0rc3
Coreboot'able

startup/boot till xterm window = 17sec (normal AppVM)
startup/boot till xterm window = 21sec (Disposable AppVM)

Test on my Lenovo W540
Intel Core i7-4900MQ @ 2.8 Ghz
16 GB RAM
480 GB Samsung SSD
Qubes 4.0rc3
Not Coreboot'able

startup/boot till xterm window = 15sec (normal AppVM)
startup/boot till xterm window = 16sec (Disposable AppVM)

If the AppVM is already running launching new applications is done within in 1 
or 2 sec.

Your question regarding hardware recommendation:
I would look at the Coreboot HCL/Compatibility List and choose a model which 
fits your preferred display size and resolution.
https://www.coreboot.org/Supported_Motherboards

Using Coreboot you can also remove large parts of Intel ME.

Then as a 2nd test check the Qubes HCL
https://www.qubes-os.org/hcl/

[799]

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/ZZb07xj5Bxb2MPWCOFsK9ggitygqGD_gIUiIs59RUxbFXiTR7ldGL9wqatBqd0Xynbp09egpUOUwCXSTwZHO_fZ8eWHB-y_FjGB_6PXo_Dw%3D%40protonmail.com.
For more options, visit https://groups.google.com/d/optout.


Re: [qubes-users] Another "Best Hardware" 4 VMs setup question.

2018-01-20 Thread Davidson H



On 20.01.2018 20:16, taii...@gmx.com wrote:

On 01/20/2018 02:08 PM, Davidson wrote:



I just forgot. I noticed that some places (librem I think, and 
System76 
) 
are selling computers with ME (partially) disabled on their intel 
procs, does anyone know about either buying just procs or mobo/proc 
combos with (partially) disabled intel ME procs?



Purism is a scam, ME can't be disabled.
Please note their "coreboot" is simply a shim loader layer, the
hardware init is done by the intel FSP binary blob moving the trust
layer from the vendor+intel to just intel which I argue is not a real
improvement to justify the high price of their devices.

https://www.reddit.com/r/linux/comments/3anjgm/on_the_librem_laptop_purism_doesnt_believe_in/
https://goblinrefuge.com/mediagoblin/u/onpon4/m/what-purism-s-road-to-fsf-ryf-endorsement-chart-should-look-like/

Google tried to get intel to free ME, if they can't do it then no one 
can.


System76, Purism etc are all using me_cleaner a tool which they didn't
develop so you can buy pretty much any laptop and get the same results
if ME is your only concern although considering the massive security
problems with intel CPU's now I wouldn't buy one.

My laptop recommendation as always is a lenovo G505S, no ME/PSP and
coreboot with open source cpu/ram init (blobs for video/power, but are
removable due to no hardware code signing enforcement unlike intel or
new amd stuff). It works with Qubes 4.0.

For a desktop/workstation I recommend the libre firmware available
KCMA-D8/KGPE-D16 (coreboot with entirely open source hardware init)
they also feature OpenBMC for libre remote management.


As I understood it, its not *totally* disabled but is *partially* 
disabled (like the TCP/IP stack).
Anyway. Your KGPE-D16 suggestion is interesting (thx!), and that mobo+ a 
12core 2014 opteron seems like it would be fairly speedy? Certainly 
compared to my old i3/8gb tower. This may sound silly but in the VM 
context, would a 12 core processor be excessive or would it be "fully 
utilized" by Qubes?


--
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/663a4163cee48ba6c31a1f9c548f0185%40posteo.net.
For more options, visit https://groups.google.com/d/optout.


Re: [qubes-users] Another "Best Hardware" 4 VMs setup question.

2018-01-20 Thread taii...@gmx.com

On 01/20/2018 02:08 PM, Davidson wrote:



I just forgot. I noticed that some places (librem I think, and 
System76 
) 
are selling computers with ME (partially) disabled on their intel 
procs, does anyone know about either buying just procs or mobo/proc 
combos with (partially) disabled intel ME procs?



Purism is a scam, ME can't be disabled.
Please note their "coreboot" is simply a shim loader layer, the hardware 
init is done by the intel FSP binary blob moving the trust layer from 
the vendor+intel to just intel which I argue is not a real improvement 
to justify the high price of their devices.


https://www.reddit.com/r/linux/comments/3anjgm/on_the_librem_laptop_purism_doesnt_believe_in/
https://goblinrefuge.com/mediagoblin/u/onpon4/m/what-purism-s-road-to-fsf-ryf-endorsement-chart-should-look-like/

Google tried to get intel to free ME, if they can't do it then no one can.

System76, Purism etc are all using me_cleaner a tool which they didn't 
develop so you can buy pretty much any laptop and get the same results 
if ME is your only concern although considering the massive security 
problems with intel CPU's now I wouldn't buy one.


My laptop recommendation as always is a lenovo G505S, no ME/PSP and 
coreboot with open source cpu/ram init (blobs for video/power, but are 
removable due to no hardware code signing enforcement unlike intel or 
new amd stuff). It works with Qubes 4.0.


For a desktop/workstation I recommend the libre firmware available 
KCMA-D8/KGPE-D16 (coreboot with entirely open source hardware init) they 
also feature OpenBMC for libre remote management.


--
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/3fc73e8e-81f7-2bc6-8bb2-08dd0e1134e4%40gmx.com.
For more options, visit https://groups.google.com/d/optout.


Re: [qubes-users] Another "Best Hardware" 4 VMs setup question.

2018-01-20 Thread Davidson



On 01/20/2018 01:51 PM, Stumpy wrote:
I have been reading through the forum about the various 
recommendations for hardware. The general consensus seems to be "more 
mem and ssd drive". I am running 3.2, have 16gb mem, and a Samsung ssd 
drive and it still takes 10 sec (timed it) to put up a terminal in a 
new vm. While I can tolerate that I'm really wanting to explore 
options that can give me a faster start up for apps (and appvms). Its 
been awhile since I bought my CPU so I can't remember what it is 
beyond a i5, if the /proc/cpuinfo is right (its a bit confusing for me 
as I don't understand if its showing the nfo for the proc or a virtual 
proc?) then I have a Intel Core i5-4570 CPU @ 3.20GHz and it displays 
for processor 0 and processor 1 so I will go out on a limb and assume 
its a dual core?


Considering my current setup, and the fact that I wholly plan on 
upgrading to qubes v4 once its stable, and that I am willing to fork 
out for a new system (though with a pretty limited budget ~500) could 
anyone make suggestions on the most logical route to take? (hopefully 
not "grin and bear it").

Cheers

PS I have 30 VMs BUT don't usually run more than 10 at a time (due to 
mem i guess) but would probably run about 15 regularly if I could.


I just forgot. I noticed that some places (librem I think, and System76 
) 
are selling computers with ME (partially) disabled on their intel procs, 
does anyone know about either buying just procs or mobo/proc combos with 
(partially) disabled intel ME procs?


--
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/0969c612-8160-951d-099d-b336628f463c%40posteo.net.
For more options, visit https://groups.google.com/d/optout.


[qubes-users] Another "Best Hardware" 4 VMs setup question.

2018-01-20 Thread Stumpy
I have been reading through the forum about the various recommendations 
for hardware. The general consensus seems to be "more mem and ssd 
drive". I am running 3.2, have 16gb mem, and a Samsung ssd drive and it 
still takes 10 sec (timed it) to put up a terminal in a new vm. While I 
can tolerate that I'm really wanting to explore options that can give me 
a faster start up for apps (and appvms). Its been awhile since I bought 
my CPU so I can't remember what it is beyond a i5, if the /proc/cpuinfo 
is right (its a bit confusing for me as I don't understand if its 
showing the nfo for the proc or a virtual proc?) then I have a Intel 
Core i5-4570 CPU @ 3.20GHz and it displays for processor 0 and processor 
1 so I will go out on a limb and assume its a dual core?


Considering my current setup, and the fact that I wholly plan on 
upgrading to qubes v4 once its stable, and that I am willing to fork out 
for a new system (though with a pretty limited budget ~500) could anyone 
make suggestions on the most logical route to take? (hopefully not "grin 
and bear it").

Cheers

PS I have 30 VMs BUT don't usually run more than 10 at a time (due to 
mem i guess) but would probably run about 15 regularly if I could.


--
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/083f00687d53c404ad2b2a5515974bac%40posteo.net.
For more options, visit https://groups.google.com/d/optout.