[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [gNewSense-users] CPU
|
From: |
Will Hill |
|
Subject: |
Re: [gNewSense-users] CPU |
|
Date: |
Mon, 17 Jun 2019 12:32:52 -0500 |
|
User-agent: |
KMail/1.9.10 (enterprise35 0.20100827.1168748) |
If your Microcode is non free software, patching will not make your computer
secure any more than patching Windows will. The folks at Libreboot say this,
"CPU Microcode implements an instruction set. See description. Here we mean
microcode built in to the CPU. We are not talking about the updates supplied
by the boot firmware (libreboot does not include microcode updates, and only
supports systems that will work without it) Microcode can be very powerful.
No proof that it’s malicious, but it could theoretically"
"There isn’t really a way to solve this, unless you use a CPU which does not
have microcode. (ARM CPUs don’t, but most ARM systems require blobs for the
graphics hardware at present, and typically have other things like soldered
wifi which might require blobs)"
"CPUs often on modern systems have a processor inside it for things like power
management. ARM for example, has lots of these."
https://libreboot.org/faq.html#cpu-microcode
GNU Certified Respects Your Freedom computers replace the "BIOS" and treat
microcode as a part of the machine, a circuit that can not be changed. I
can't tell you if you can trust your life to this, but it is a comfort to be
able to change the network hardware out and have a machine that won't
cooperate with the microcode the way Intel may have expected.
On Tuesday 28 May 2019, address@hidden wrote:
> Aye, are there any resources on how gNewSense pushes micro code update
> to fix the cpu exploits.
>
>
> I've been working on an issue to try and get it listed to privacytools.io
>
> https://github.com/privacytoolsIO/privacytools.io/issues/936
>
>
> But this seems to be users biggest concern.
>
>
> Thanks!