This general is dedicated to the creation of a list of hardware that is relatively botnet-free. The Intel ME and other components are a serious threat to user privacy.
>"But what's the Intel ME, user?" I'm glad you asked! The Intel ME, or Management Engine, is a secondary co-processor in every single Intel chip in the last decade. It runs a MINIX-based operating system and has full networking capabilities, drivers, and a goddamn web server in it. networkworld.com/article/3236064/servers/minix-the-most-popular-os-in-the-world-thanks-to-intel.html This page offers additional information, and explains that it can read your files and applications, act as a keylogger, capture the screen, inject rootkits, etc. libreboot.org/faq.html#intelme Very nasty stuff.
>"b-but how can I avoid this? Im scared, user!" That's the point of this thread. To highlight options that are out there that are relatively free of botnets. This will include the typical Librebooted memepads and whatnot, but a big part of this is also exploring alternative architectures.
Is ME disabled System76 laptops are the way to go?
Parker Peterson
(2/3) For inclusion into this list, if the processor is made by Intel Corporation or Advanced Micro Devices, the device must be 100% free as in Libreboot. Otherwise, a less-extreme stance is taken, and something like Coreboot or U-boot will suffice.
(3/3) In general, your biggest concern with ARM is the GPU drivers. Mali is fucked. PowerVR too. Vivante GC and Qualcomm Ardreno are fine. Broadcom VideoCore is partial. en.wikipedia.org/wiki/Free_and_open-source_graphics_device_driver#ARM MALI MIGHT BE GETTING OPENED UP PRAISE LINUX TORVALDS TECH TIPS lwn.net/Articles/738225/ Some anons have reported that lighter environments like XFCE are usable on stuff like Mali without the driver, but it's not ideal. One user said he couldn't remove the ChromeOS on his libreboot C201. This github issue talks about a solution. github.com/altreact/archbk/issues/3
OpenPOWER: Raptor Engineering sells POWER9 workstations, that may soon be getting RYF certification. They're expensive as fuck, but probably the most powerful non-botnet computers that exist. Comparable to Xeons/Epyc. raptorcs.com/TALOSII/
I personally don't trust it. I'll believe it when I see Libreboot. That said, if you're less paranoid than I am, and wanna give it a go, go right ahead! I'm sure they're excellent laptops, and they come with GNU/Linux, which is always a plus.
Jack King
Bump
Since nobody else has yet, I did the digging on Zhaoxin. They're going out of the list. For those who are out of the loop, we found them in a much earlier version of this general. They're a chink company that makes their own x86 processors. Pretty sweet!
But There are two issues that made me drop them. One is that I see absolutely no mention of firmwares or low-level components here, and I also couldn't find any implementations. They have a listing of some products that implement their stuff apparently, but I couldn't find a single one of these things!
I decided to make a big, autistic collage of my findings. It's pic related.
Wyatt Thomas
To clarify on this shit, at the top left, you see that they are a state-owned company. That's no big deal, as Lemote is also very nationalisitic, yet they do use Libre firmware for their stuff, so they're cool. en.zhaoxin.com/about.aspx?id=1
As mentioned, they list products from various companies. I went over to Chinese Lenovo, but couldn't find any of this stuff. It's all Intel Processors, and I couldn't find the listed model from the Zhaoxin site. b2b.lenovo.com.cn/product/laptop/zhaoyang
INESA is very "Smart" and "Intelligent", and repeat it constantly like they're a Rick and Morty fan, but they don't seem to be in the business of selling computers anymore. inesa.com/
CZC seems to be selling computers from various big-name brands. They also sell mining rigs, so if you're into that, there you go. czc.cz/
Lastly, Tongfang is a chink computer maker, and from poking around their site for a bit, I think some of their stuff MIGHT use something other than Intel, but that's only because those products don't explicitly bring it up. More than likely, all of their stuff uses Intel or AMD shit. tongfangpc.com/index.html
Aiden Cox
>he doesn't mention K10 processors anywhere in the OP My Phenom O N E outperforms pretty much all but the absolute highest tier C2Qs and don't forget that Phenom II has a substantial single core performance boost and 6 core high clock variants, they're all fairly cheap ways of getting into /HRT/ if you ask me and generally better than Core2 for performance.
Joshua Martin
If you read the post, you should've seen that I point out the exact point at which the PSP came in. >The last AMD chip that came without the PSP is Piledriver. I'm glad you're happy with your Phenom. Hopefully it can eventually be Core/Libre-booted too, like the C2Ds and C2Qs are.
Adam Murphy
Another user here. I'm currently on Phenom II X4 965. I can do pretty much everything I want on it (mostly blender + photoshop stuff) beside modern gayming. For a long time I wanted to sold it. Even bought 4790k machine. But now I think that I will keep Phenom as main Linux desktop, and use I7 for botnet stuff only.
Hudson Johnson
The whole "always connected" shit that qualcomm and microsoft are introducing is going to be a whole new level of botnet.
On an unrelated note, would using a dumbphone like pic related be a less botnet alternative to using a smartphone? Thinking of just using for calls and SMS and doing other tasks on a secure computer.
Alexander Lee
I use a prepaid flip phone. I have a fondness for feature phones.
Austin Anderson
>tfw still using an FX-8350 in my desktop >tfw just bought a laptop with an E2-1800 APU >tfw my hardware is botnet free and still does what I need it to do.
Tyler Adams
What laptop? Thinking of getting an x131e with this APU
Jace Taylor
For smartphones, there's two libre options that exist right now.
replicant.us/ This is a custom Android rom that is Free as in Freedom, and runs on a few phones. It's very limited, in that almost everything aside from basics doesn't work. It doesn't have Wifi, 3D graphics acceleration, Bluetooth, and in some cases the camera is limited. So in general, it's not a good choice, but for a while, it has been the only real relatively botnet-free phone option.
More recently though, Purism has started this project puri.sm/shop/librem-5/ It's a phone that runs GNU/Linux! Not Android or some proprietary thing, but actual GNU/Linux, with GNOME 3 or KDE Plasma Mobile. It will have all components fully working, baseband separated from CPU, and ship with their own PureOS, which is a Debian-Based rolling distro.
Charles Garcia
An x131e, actually. I installed Debian Testing on it and it's really comfy.
Lincoln Sanchez
can someone tell me what OwO (and uwu, etc) mean?
Liam Richardson
They're weeb emoticons. OwO like a wide-eyed cat-mouthed excited furfag and the rest kind of makes sense from there.
Mason Sanders
As a side note, you may want to select "standard system utilities" in the installer if you decide to install Debian. I tried doing a minimal install, and the laptop would freeze whenever I closed the lid or used suspend. Reinstalling with standard system utilities fixed it.
Easton Allen
Why haven't you Librebooted your Thinkpad yet, Sup Forums?
Anthony Murphy
>like a wide-eyed cat-mouthed excited furfag suddenly it makes sense
Leo Nelson
>The whole "always connected" shit that qualcomm and microsoft are introducing is going to be a whole new level of botnet. How do we kickstart massive backlash?
Mason Mitchell
Ok probably going to drop VIA from the list as well for now, but they aren't as weird/shady as Zhaoxin. They sell embedded x86 boards with their own processors. Most of them are pretty, well, ""embedded"" in the sense that they are like 1GHz things, but there is one that is 2.0GHz and boasts about its performance being pretty damn good while being low power and all that. Bad news though is that it has a proprietary BIOS. If there is demonstrable proof that they can be Corebooted, I'll add them to the list in a heartbeat. There are already a few of them that exist on the coreboot supported motherboards list, but they have a "Lastest known good" of Unknown, so I don't know what that means in the grand scheme of things.
That's an awesome rice!
...i hope that's a rice
Nathaniel Perez
I got a little inspired by Illyaposter.
Benjamin Parker
I how intel goes balls-to-the-wall with x86 emulation lawsuits against qualcomm. But inevitably integrated botnet will become standard. We can: >use old equipment (pre-psp/ME) >use simple equipment (dumbphones and the like) >use alternate networks (meshnets, satellite digipeaters, sneakernets) >use hardware designed for military (top tier security) >"be a good goy"
The march of the botnet is inevitable, but there are sideroutes. All of them have their trade-offs, however. ROM flashing might soon be the ultimate "hacker" skill.
James Williams
It is! And thanks!!
Nathaniel Stewart
>The march of the botnet is inevitable
Luis Collins
Annihilation of society as we know it is literally the only method of stopping it. There are two things that drive the botnet >greed >technological progress Stopping either is impossible. Find ways to work around it. Play the rules, not the game.
Daniel Smith
how do I libreboot? planning on getting a t400
Alexander Russell
>technological progress Progress is a misnomer. Greed is cured by suppressing success.
>CPU separate from Baseband >Hardware Kill Switches for Camera, Microphone, WiFi/Bluetooth, and Baseband >Separates CPU from Cellular Baseband >The CPU will be an i.MX 6 or i.MX 8, where we can separate the baseband modem from the main CPU, digging deeper and deeper to protect your privacy and isolate components for a strong security hardware stack. >Separate mobile baseband >The mobile baseband will most likely use ROM loaded firmware, but a free software kernel driver. We intend to invest time and money toward freeing any non-free firmware.
Jacob White
So in other words, the Baseband is unavoidable, but they are going to be doing everything they can to minimize its risks.
Gabriel Parker
That's very cool. Supporting this project.
Julian Wood
Does anyone else have any suggestions?
Charles Baker
...for?
Tyler Gutierrez
The list?
Xavier Lewis
Tell people to avoid the new arm laptops and their "always connected" mantra. Maybe also include some resources for learning the skills involved (electronics repair, rom flashing, links to other threads like /tpg/ and /ohm/)
Chase Hill
owo whats this? it appears we have a new friend, just so you know you are here forever user-kun
Bentley Nelson
GUYS HOLY SHIT HOOOLY SHIIIT!
PogoLoonix got back to me! Apparently the dude is going on Bryan Lunduke soon to talk about the ME and whatnot. He seems very overly trusting of Intel, as can be seen from this snippet, but he does say that the ARM servers have gotten more popular, possibly because of the ME concerns.
Xavier Gutierrez
bumpbumpbumpbumpbump
Liam Lopez
Nice list, have you considered adding a page on the installgentoo wiki?
Evan Collins
Assuming the 771 socket X5650 can be installed in the 775 socket GA-G41M-ES2L, would it be a faster (single-core wise) choice that a X200?
Jonathan Cooper
>X5650 What sort of retard juice did you drink this morning? The X5650 is an LGA 1366 socket CPU, and couldn't ever work in that motherboard.
Isaiah Lewis
Who says I haven't?
Xavier Young
>use hardware designed for military (top tier security)
Bonus points for TEMPEST
Jonathan Cruz
>What sort of retard juice did you drink this morning? Meant the E5450.
Ayden Evans
that may be a good idea.
noice
Anyone? He said he couldn't address everything because he's very busy right now, but I did get the email back finally.
>Sorry for bullying you user. I am having a bad day. No worries senpai, I should have double checked before posted; all the Xeons of that era merge into one in my mind. I hope you have a better day tomorrow. >And that is without heat throttling etc. Because the X200's CPU is a laptop one limited by the thermal capacity of a laptop's fan?
I generally find laptops ought to be solely laptop task and desktops for desktop ones, I would rather build a GA-G41M-ES2L based desktop than use a X200 as a desktop replacement (in its docking station).
Ian Price
>Because the X200's CPU is a laptop one limited by the thermal capacity of a laptop's fan? The higher end Core2Duos in the X200 can get pretty warm, and downstep to reduce temperatures, which effects performance. >I generally find laptops ought to be solely laptop task and desktops for desktop ones I agree, although my proffered configuration is a high powered server and a laptop acting as a dumb terminal to the server.
Dominic Campbell
>The higher end Core2Duos in the X200 can get pretty warm, and downstep to reduce temperatures, which effects performance.
Doesn't happen on mine, and all of the processors that come with the X200 are the same TDP so... I don't know where you got that false information. Put somore thermal paste on yours or something, assuming you even have one.
Evan Brooks
>I agree, although my proffered configuration is a high powered server and a laptop acting as a dumb terminal to the server. I see, so the laptop is merely the interface, while the server provides the horsepower.
Is that an librebooted Operton-powered server desu?
>The higher end Core2Duos in the X200 can get pretty warm, and downstep to reduce temperatures, which effects performance. A desktop CPU can also benefit from a beefy cooler, such as a Noctua cooler.
Jackson Young
librebooted
Oliver Wilson
Same user again; would you know which CPUs are compatible with a librebooted Gigabyte GA-G41M-ES2L? I can't see if any of them might not work with a librebooted G41M-ES2L.
