Stuart Longland <stua...@longlandclan.id.au> wrote: > On 2/7/19 5:43 pm, John Long wrote: > >> What do you think and do when using OpenBSD on this kind of hardware? > > Lemote boxes are kinda neat but they're not the fastest in the world. > > It beats the hell out of the alternatives if you can live with the > > limitations. > > Gentoo was donated two Lemote Fulong 2Es back when I used to maintain > their MIPS port. Compared to the other machines we supported at the > time (aging SGI boxes and Cobalt Qube), they were a breath of fresh air. > > Fast enough to actually do useful things on, even play Quake II (with 3D > acceleration … for about 10 seconds until X crapped itself). > > The Loongson netbook was a backward step in terms of graphics hardware > though, and a lot of software has problems with MIPS regardless of ABI > (I've tried o32, n32 and n64). > > Shame, because it is a nice enough platform. > > As for espionage… unless you're going to sit there with sand you've > mined yourself, refine it, and make your own semiconductors, there's > always going to be an element of risk in terms of espionage from your > supply chain. And meanwhile, Intel added undocumented strong speculation to their cpus, which are now easily CVE-identifiable as verifiable giant security problems to a majority platform. And the more we dig, more we realize they did this as market force, ignoring the risks they identified at conferences a decade earlier.
> Basically your best bet: don't rely on a single vendor. It's harder for > them to hide their espionage then as one vendor won't know how to hide > another vendor's dirty deeds. Precisely. Most of the risks are in the bugs, and if you hit a problem you'll be Dennis Muilenburg saying you didn't know (that phrase works one way today, but if in the next few days he leaves his position, it will work a different way). The unknown risk factors are first unknown and potentially accidental, and secondly unknown and now we are supposed to guess it wasn't accidental. Vendors are wired to increase performance and noone judges security aspects, that the process where the "accident" arises. Maybe we should suddenly accuse absolutely everyone of malpractice! As if that will change anything... So this is misc, which is full of lots of talk about nothing, by people who can't change the ecosystem. Having worried vocally about this before, I know I can't change it. Pretty sad to see people who are even less capable find the energy to moan about it. Especially americans. Know what I mean?
