I’m talking about being able to use the latest 16-Core CPUs without a malware/spyware inside it.
Intel processors are not considered “Spyware or malware”. If you want to use the latest Intel CPU with Qubes Os feel free to do so.
What better community than Qubes to start something to solve this? Ask for donations, kickstarter, whatever.
Well, it is much more complicated than that.
The process of creating a computer processor is highly complex. Here a some general steps :
- Create the logic and instruction set for the CPU, including the control unit, ALU, and registers.
- Decide on the basic design and functionality of the CPU, including the instruction set architecture (ISA), microarchitecture, and data path.
- Produce the CPU using a semiconductor manufacturing process, such as lithography, etching, and doping
…
That will require significant amount of time, fund, specialized equipment and software and more importantly dedicated semiconductor manufacturing experts.
paid to people who successfully disable spyware/malware on newer CPUs.
What do you consider a “spyware/malware” ?
Are you talking about the Intel ME ?
The fear of PSP/ME is completely illogical. ME was originally developed has a remote PC management solution for sysadmin.
Just because something is proprietary does not mean it’s a backdoor, malware. On the other hand, just because something is open source does not mean it’s “safe”. History has shown us that.
Just because a program is not open source does not mean you can’t audit it. (The ME has been audited, and you actually can audit it yourself if you have the correct knowledge, time and tools.
I don’t like the idea of Security by obscurity, but every security expert knows that it can be required for critical pieces of software. Just in case you aren’t aware, Qubes Os is not 100% open source.
Should you disable the ME ? Yes, probably. On ME versions from 11.x (From Sky lake microarchitecture) you can disable it by setting the HAP bit.
I love Dasharo teams because they’re honest, they know their stuff, they actually help open source projects like Coreboot and most importantly they don’t make false marketing campaigns.
If you want to support their awesome work, you can buy the new Qubes OS Certified Desktop.
It is possible to buy only the motherboard if you want to use different components, MSI PRO Z690-A DDR4 motherboard with Dasharo.
Or you can directly install dasharo on a compatible motherboard, open source dasharo firmware.
Keep in mind that installing an open source Bios or disabling the ME “spyware” will not make your processor open source. We know that the Intel Management Engine is there because intel wanted us to know that it exists.
Do you really think that if intel wanted to implement a built-in “spyware” they’ll have taken the time to advertise it ? I don’t think so.
Currently, there’s no processor completely open source. Even RISC-V/POWER9 are still considered proprietary.
I can fully understand your frustration, but you should be aware that in the Security field we trust.
If you don’t then simply don’t use a computer.
