|
Harik posted: It's not about security, any state level actor who can replace the firmware in a supply chain attack can afford to throw in a new epyc that immediately locks to their key.

AFAIK none of the discovered UEFI rootkits were from the supply chain. They were post install, leveraging smaller compromises into Advanced Persistent Threats. It's about security, you're just wrong.

edit: does it also suck for homelabs people who would like to run a used Epyc in their garage rackmount? Sure. But used outdated server CPUs are not a huge market that AMD has a big incentive to get rid of. Performance/watt is too important for large scale servers.

Klyith fucked around with this message at 15:38 on Mar 14, 2024 |
# ? Mar 14, 2024 15:32 |
|
Klyith posted: AFAIK none of the discovered UEFI rootkits were from the supply chain. They were post install, leveraging smaller compromises into Advanced Persistent Threats. It's about security, you're just wrong.
|
# ? Mar 14, 2024 15:38 |
|
There are ebay sellers who sell mobo + cpu + ram combos that are fine. Tugm-somethingorother is popular.
|
# ? Mar 14, 2024 15:46 |
|
Klyith posted: AFAIK none of the discovered UEFI rootkits were from the supply chain. They were post install, leveraging smaller compromises into Advanced Persistent Threats. It's about security, you're just wrong.

It might help security in some marginal case, but I hope you don’t think that AMD would have done it without the economic effects.
|
# ? Mar 14, 2024 17:01 |
|
It’s worth pointing out that AMD also did/does vendor locking on non Epyc parts, namely the Pro series APUs in office drone boxes. I remember an STH article a few years back on the topic, and it seems the “feature” was mostly being pushed by Lenovo and not AMD itself. I don’t think it absolves AMD of supporting the consumer unfriendly practice Lenovo (and one or two other OEMs) wanted, and I don’t personally think the security angle outweighs the problems it introduces. If you really want to go that route, solder the fuckin thing down.
|
# ? Mar 14, 2024 21:06 |
|
Cygni posted: It’s worth pointing out that AMD also did/does vendor locking on non Epyc parts, namely the Pro series APUs in office drone boxes. I remember an STH article a few years back on the topic, and it seems the “feature” was mostly being pushed by Lenovo and not AMD itself. I don’t think it absolves AMD of supporting the consumer unfriendly practice Lenovo (and one or two other OEMs) wanted, and I don’t personally think the security angle outweighs the problems it introduces.

In the grimdark future all computers will be a solid hunk of solder with the only openings being a few USB ports, a power port, and one PCIe slot sitting like a lonely valley in a plain of silvery metal.
|
# ? Mar 14, 2024 21:42 |
|
Secure boot absolutely requires you to lock to something as a root of trust. The platform vendor is one possible sane option. Like all security measures, it involves usability tradeoffs.
|
# ? Mar 14, 2024 21:58 |
|
Subjunctive posted: It might help security in some marginal case, but I hope you don’t think that AMD would have done it without the economic effects.

Well they could have just done the same centrally-managed key thing as Intel... but if the economic effect is so big, why hasn't Intel done the same thing?

It is an incentive for AMD, but this ain't used games before digital distribution. The market for used bare server CPUs is a rounding error. Like, I bet the cost savings of not having to manage the thing themselves like Intel does is the bigger impact for the bottom line. Instead they have the fuse system and tell Facebook or Lenovo or whoever to manage their security themselves.
|
# ? Mar 14, 2024 22:10 |
|
Klyith posted: [...]but if the economic effect is so big, why hasn't Intel done the same thing?[...]

Say bud, I think it would make more sense if you thought about how Intel diligently perfected the art of slowly releasing minor incremental updates to their Pentium 4/Core-based architecture for well over a decade. Intel has made some great technology, but ... well you see what I'm getting at here.
|
# ? Mar 20, 2024 14:39 |
|
Klyith posted: AFAIK none of the discovered UEFI rootkits were from the supply chain. They were post install, leveraging smaller compromises into Advanced Persistent Threats. It's about security, you're just wrong.

Lol you're absolutely wrong about that. I already covered why they didn't need to deliberately shut down the secondary market to achieve the goal because it's been a solved problem for decades. They chose to use it as an excuse to kill off the secondary market. I'm not sure why this is so difficult for you to understand. You don't need to arcweld the CPU to the motherboard to securely sign the firmware.

Klyith posted: It is an incentive for AMD, but this ain't used games before digital distribution. The market for used bare server CPUs is a rounding error. Like, I bet the cost savings of not having to manage the thing themselves like Intel does is the bigger impact for the bottom line. Instead they have the fuse system and tell Facebook or Lenovo or whoever to manage their security themselves.

again, this is a failure to understand the options. This isn't "centrally managed key or detonate a bomb in the CPU if the firmware changes", that's a deliberately misleading false choice. SPI flash chips already come with OTP regions, they could have read the key out of that before reading the firmware itself and validating the signature. They decided that forcing non-hyperscalers to buy their chips new was worth the time it took to implement self-destructing CPUs because they don't want the downward pressure on their margins when the facebook upgrade cycle hits.

Edit: And it drives up production costs. CPUs now need a higher voltage rail used only for burning out delicate traces of the fuse bits as well as all the oversized gates needed to handle the higher current flow for an operation the CPU does once in its lifespan. OTP is a pain in the rear end to implement. Yes, they can shunt it to the iodie and not do it on their main CCX but it's still increasing costs.

The flash chips already have all the higher voltage rail for the erase cycle, so it's trivial to do there, or they can just disconnect the erase logic from a single flash block and call it a day.

Harik fucked around with this message at 18:10 on Mar 21, 2024 |
# ? Mar 21, 2024 18:02 |
|
GRECOROMANGRABASS posted: Say bud, I think it would make more sense if you thought about how Intel diligently perfected the art of slowly releasing minor incremental updates to their Pentium 4/Core-based architecture for well over a decade.

Wat

You picked the wrong pair of chips here, P4 to Core was not incremental at all. Unless you count Core as incremental from Pentium 3, which it kinda was, in a loose way. P4, though? Dead end. Also there were at least 2 microarchitectures post-Core where Intel shook things up quite a bit, Nehalem and Sandy Bridge. If you want to make a case for them coasting on incremental improvements to one uarch far too long, SB's probably where you have to start from.
|
# ? Mar 22, 2024 01:42 |
|
Harik posted: It's not about security, any state level actor who can replace the firmware in a supply chain attack can afford to throw in a new epyc that immediately locks to their key.

Repeatedly shouting that a dumb external flash chip with an OTP region is the proper way doesn't make it so. The supply chain threat model isn't the James Bond spy bullshit you're imagining, it's more boring things like taking advantage of a PCB assembly house's sloppy component procurement processes to get them to buy a batch of fake flash chips. Therefore, the state of the art in designing a hardware root of trust is to embed it into something which is far harder to craft a substitute for. It's not that hard or expensive to make an ersatz flash chip that'll provide the same functionality as the original, plus let you rewrite the supposedly OTP region if you tickle it the right way. It's profoundly more expensive to make an ersatz EPYC. Also more difficult to inject it into the supply chain somewhere without getting noticed.

Is AMD's implementation the best possible? I dunno, but it seems legitimately designed to provide higher boot security. I doubt that killing secondary sales was a concern. What drives the bulk of AMD's sales in this market is delivering better perf/W and absolute performance in each successive generation. The customers who buy large numbers of these chips new don't view older generations as viable substitutes, because in data centers, operational costs are very important, and the old poo poo just isn't competitive.
|
# ? Mar 22, 2024 03:42 |
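
A model of the argument in the post above, added here as an illustration (not from the thread and not AMD's actual mechanism): the same signature check is run with the key-hash anchor read from the flash part's OTP region and then from CPU fuses. The signature is toy textbook RSA over Mersenne primes so the sketch runs on the standard library; all names, keys and images are constructed.

```python
import hashlib

E = 65537  # public exponent used by both toy keys

def make_key(p, q):
    """Toy textbook-RSA key from two primes; returns (n, d). Not a real scheme."""
    return p * q, pow(E, -1, (p - 1) * (q - 1))

def digest(data, n):
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n

def key_hash(n):
    """The value a root of trust pins: a hash of the signer's public key."""
    return hashlib.sha256(n.to_bytes(32, "big")).hexdigest()

def make_flash(fw, key):
    """What a flash part serves: image, signature, public key, and its 'OTP' anchor."""
    n, d = key
    return {"fw": fw, "sig": pow(digest(fw, n), d, n), "pub_n": n, "otp": key_hash(n)}

def boot(flash, cpu_fuses=None):
    """True if the image is accepted. Anchor: CPU fuses if given, else the flash OTP region."""
    anchor = cpu_fuses if cpu_fuses is not None else flash["otp"]
    if key_hash(flash["pub_n"]) != anchor:
        return False  # public key is not the one the anchor pins
    n = flash["pub_n"]
    return pow(flash["sig"], E, n) == digest(flash["fw"], n)

# Constructed keys and images (Mersenne primes keep the toy deterministic).
VENDOR = make_key(2**127 - 1, 2**89 - 1)
OTHER = make_key(2**107 - 1, 2**61 - 1)
FUSES = key_hash(VENDOR[0])  # burned into the CPU on first boot with vendor firmware

def scenarios():
    genuine = make_flash(b"vendor firmware 1.0", VENDOR)
    modified = dict(genuine, fw=b"modified firmware")  # same chip, image rewritten in place
    substitute = make_flash(b"modified firmware", OTHER)  # whole part swapped, 'OTP' included
    return {
        "genuine, flash anchor": boot(genuine),
        "genuine, fused anchor": boot(genuine, FUSES),
        "modified image, flash anchor": boot(modified),
        "substitute part, flash anchor": boot(substitute),
        "substitute part, fused anchor": boot(substitute, FUSES),
    }

if __name__ == "__main__":
    for name, accepted in scenarios().items():
        print(f"{name:32} accepted={accepted}")
```

Both anchors catch an image rewritten in place; only the fused anchor rejects a swapped part that serves its own key and "OTP" contents.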
|
u thought AMD was done releasing Zen3 parts? guess again bonehead, 5000XT coming! https://twitter.com/9550pro/status/1771102317464404091
|
# ? Mar 25, 2024 21:40 |
|
i'm not sure what you can do to a 5950x other than slap on v-cache (which they did, but never made a product)
|
# ? Mar 25, 2024 22:47 |
|
Those names smell like APUs with the graphics disabled
|
# ? Mar 25, 2024 23:08 |
|
FuturePastNow posted: Those names smell like APUs with the graphics disabled

but they already did that with the 5700, 5500, and 5100. and then they also did the APU runt bins with the 5600GT and 5500GT. when they did XTs with Zen2, they were just 100mhz boost clock bumps. im not sure why they think the market wants/needs that AND all the X3Ds they've been launching, but more power to em i guess.
|
# ? Mar 25, 2024 23:15 |
|
The AM4 production will continue until everyone owns an AM4 system. In the grim darkness of the far future, there is only AM4.
|
# ? Mar 25, 2024 23:17 |
|
CodFishBalls posted: The AM4 production will continue until everyone owns an AM4 system.

I think I’m ok with this.
|
# ? Mar 26, 2024 02:44 |
|
AM4 has made building so ridiculously easy that I'm soon going to buy a new (2020) cat core embedded board to feel alive again
|
# ? Mar 26, 2024 02:57 |
|
On the subject of AM4 forever, a hundred years, I got a Ryzen 5 3600 back in 2019 and I'm wondering if it's almost time to upgrade. It's paired with a 3070 so most stuff is still GPU throttled, but even though I don't play a lot of CPU-heavy games I'm getting closer and closer to the minimum specs for games like Alan Wake 2 and Dragon's Dogma 2 (not played this one yet but I probably will get it later this year). Is it worth upgrading at this point if I'm not looking to upgrade my GPU for another couple of years? Even the 5800X3D is looking affordable-ish.
|
# ? Mar 26, 2024 07:52 |
|
I originally bought a cheap AsRock board and a 3600 with almost no research just as a sort of trial if AMD had got their stuff together after the Excavator days. I'm now on my third AM4 processor in that hella sick "Phantom Gaming 4" board. Anyways, see what you can sell the 5600 for and grab the 5800X3D. I grabbed it thinking it wouldn't make a big difference coming from a 5800X and it really helps with the dips and lows, to the point where I don't think I'll get another CPU without the extra cache if they keep making them.
|
# ? Mar 26, 2024 09:22 |
|
I saw the price difference and asked myself if the 3D version made that much difference, so it's good to know that you've directly compared them. It looks like the 5800X3D is about £265 locally - I probably won't hit buy right this second, but if DD2's performance hasn't been fixed by the time I get around to buying it I reckon that'll be my prompt to upgrade.
|
# ? Mar 26, 2024 09:47 |
|
The x3D also runs much cooler than the 5800x. The non 3d forced me out of silent PC and the x3D got me back.
|
# ? Mar 26, 2024 16:40 |
|
Yeah contrary to everything I read before, my 5700X3D actually runs cooler and uses less power than my old albeit overclocked 5600X did. I had an overclock of 200mhz on the 5600X which made it use up 75~w at peak, I cannot overclock the 5700X3D but it is running 10-15 degrees cooler and sits at around 65w of usage even though its on-the-box TDP is much higher. I have been very very impressed with it
|
# ? Mar 26, 2024 20:10 |
Finishing a compute task assigned by the OS scheduler quicker means the core can quicker get into ACPI P&C states where it's hardly drawing any power at all - and one of the biggest contributors to getting things done fast is having it in cache rather than having to go all the way to memory to work on it. It's only really HPC workloads, benchmarks, and a few other things that take up all available CPU time of all available cores.

BlankSystemDaemon fucked around with this message at 20:20 on Mar 26, 2024 |
|
# ? Mar 26, 2024 20:17 |
|
Icept posted: point where I don't think I'll get another CPU without the extra cache if they keep making them.

I upgraded from 3700x to 5800x3d and while the 3700x was putting up a good fight, I didn't realize how not having any or hardly any 1% low micro stutters could feel oh so good. Also if you play any indie jank, unoptimized, crazy math simulation type games or like 4x games it punches way above its paper specs.
|
# ? Mar 27, 2024 12:11 |
|
also online games where there's 500 people running around having the basic character data for all those 500 people stored neatly in cache can make a gigantic difference
|
# ? Mar 27, 2024 12:27 |
|
I'm still running a 1700 as my window box. I should probably at least drop in an upgrade (not sure what the best my motherboard will realistically do).
|
# ? Mar 27, 2024 18:04 |
|
Link/list your mainboard. Many B350 and X370 mainboards support Ryzen 5000 CPUs.
|
# ? Mar 27, 2024 18:20 |
|
Asus b350 plus

They list 5000 as compatible, maybe I'll pick up a 5800x. Or I wait and just replace the whole thing with the next v generation am5, rather than sinking more money into an old platform.
|
# ? Mar 27, 2024 18:24 |
|
Pablo Bluth posted: Asus b350 plus

any of the 5000 series x3d chips will last you at least another 2-3 years, no problem
|
# ? Mar 27, 2024 18:58 |
|
Yeah, I upgraded to a 5600X3D this past summer (the microcenter exclusive one with 6 cores) and the leap from my 2700x to this is insane. Really don't foresee having to upgrade again for another 3 years at this rate, and by then it'll obviously be whole different mobo/socket.
|
# ? Mar 27, 2024 19:17 |
|
Pablo Bluth posted: Asus b350 plus

I'm 99% sure that is the same as my old board. Make sure you update the bios FIRST. And as a note, do not panic if it won't boot with the 1700 in it. For the early 350 series boards, they cheaped out of the storage size of the firmware, and thus they only had enough room for some of the chips rather than the entire AM4 line. The BIOS update for the 3000 and 5000 series was a one-way ticket last I looked. It's a fairly painless process, but I still hold my breath when updating the BIOS.
|
# ? Mar 27, 2024 21:55 |
|
Koskun posted: The BIOS update for the 3000 and 5000 series was a one-way ticket last I looked.

They don’t let you downgrade again if you wanted to put an earlier chip back in it? That is very lame.
|
# ? Mar 27, 2024 22:19 |
|
You probably can but unless you have a compatible chip or a board with flashback from USB you aren't getting back into the BIOS.
|
# ? Mar 27, 2024 23:01 |
|
ah, I see
|
# ? Mar 27, 2024 23:16 |
|
A cheap external eeprom writer has saved my rear end a few times for stuff like that. I don’t think there is an AM4 board that supports every CPU on the platform without back flashing. Sucks for troubleshooting/collecting purposes (admittedly a tiny niche).
|
# ? Mar 28, 2024 01:49 |
|
I think this is precisely why AMD made flashback a hard requirement for AM5.
|
# ? Mar 28, 2024 11:06 |
|
It’s a universal feature in that all CPUs support it, but it isn’t required to be enabled. Which is why there is at least one fairly expensive board that still doesn’t have it: the Asrock B650e PG-ITX.
|
# ? Mar 28, 2024 16:01 |
|
https://videocardz.com/newz/asus-x670-agesa-1-1-7-0-update-enables-initial-support-for-zen5-granite-ridge-cpu-series Looks like the latest AGESA 1.1.7.0 has a revision to the Raphael/Zen4/7000 microcode as well as bring up support for Granite Ridge. First Raphael microcode update in a while. No word on what was tweaked yet.
|
# ? Apr 2, 2024 20:45 |