AMD or Intel for debian

[asd1234]

Building a computer. Do I do AMD or intel for linux operating systems. What will be faster. Will I be able to overclock them or will it be the base speed?

[vbrummond]

A lot of what you are asking here the answer is "it depends". If you have massively parallel workloads like video/compiling you want to go with AMD. Otherwise the stronger IPC of Intel will win for your workloads.

I don't particularly care for overclocking so I am not the one to answer.

[CwF]

I favor under clocking de-threaded Xeons. Preferably more than one. So they're quiet.

[asd1234]

I am doing a lot of web browsing (lots of tabs), inkscape, Programs like office. Not games. For this what should I do?

[theblueplll]

I am doing a lot of web browsing (lots of tabs), inkscape, Programs like office. Not games. For this what should I do?

The one you like the best.

Just for reference i have an old 2.2ghz intel core 2 duo in the other room that can run firefox with around 15 tabs open, and a few other things at the same time and it doesn't skip a beat.
So you don't need anything special just for normal everyday browsing, netflix,youtube etc etc.
Although if it was me I would get the fastest most current, most efficient hardware I could for the money I had to spend leaving branding up to what I was used to.

Unless you are anal about having the fastest this and that it isn't going to matter much.

I prefer AMD because it is what I have always used except 2 of the machines I have right now because of the deal with how I got them.
But you would never catch me spending money on intels backdoor factory.

In the end it's really only personal preference that matters and which you can get the better deal on.
Unless you insist on having the fastest newest best everything then you need to do some research.

I am not saying go buy a 3 generation old cpu and you'll be happy either don't take me the wrong way.

[kedaha]

I use AMD myself; no complaints.
if you are concerned about security see for instance what the Free Software Foundation says here.

[vbrummond]

Amd is less (or not?) vulnerable to the Spectre/meltdown vulnerabilities. Though for the workloads you are showing intel would probably be faster. All I can say is if I built a custom Linux box right now it would run Ryzen.

[Head_on_a_Stick]

Amd is less (or not?) vulnerable to the Spectre/meltdown vulnerabilities.

From my Ryzen laptop:

Code: Select all

E485:~$ grep -R . /sys/devices/system/cpu/vulnerabilities/
/sys/devices/system/cpu/vulnerabilities/spectre_v2:Mitigation: Full AMD retpoline, IBPB: conditional, STIBP: disabled, RSB filling
/sys/devices/system/cpu/vulnerabilities/mds:Not affected
/sys/devices/system/cpu/vulnerabilities/l1tf:Not affected
/sys/devices/system/cpu/vulnerabilities/spec_store_bypass:Mitigation: Speculative Store Bypass disabled via prctl and seccomp
/sys/devices/system/cpu/vulnerabilities/spectre_v1:Mitigation: __user pointer sanitization
/sys/devices/system/cpu/vulnerabilities/meltdown:Not affected
E485:~$

So AMD is not vulnerable to Meltdown, MDS ("zombieload") or L1TF, more here: https://www.amd.com/system/files/docume ... epaper.pdf

Even Intel's new 9th generation processors are still vulnerable to all the exploits listed in my output and require hardware & firmware mitigation to deal with them: https://www.intel.com/content/www/us/en ... dware.html

And bear in mind that there will almost certainly be more side-channel exploits that we don't know about yet so hyperthreading should probably be disabled manually (with the nosmt kernel parameter) by any security-conscious Intel users. It would be nice if the kernel developers would do this automatically (like the OpenBSD developers do) but apparently Intel donate too much money to the Linux Foundation...

The mitigations required by Intel's crappy processor design hits their performance pretty badly and AMD's new ThreadRipper Ryzen chips can now outperform Intel's best once they are enabled: https://www.phoronix.com/scan.php?page= ... ctre&num=1

if I built a custom Linux box right now it would run Ryzen

+1

if you are concerned about security see for instance what the Free Software Foundation says here.

Note that AMD have their own remote management backdoor: https://en.wikipedia.org/wiki/AMD_Platf ... _Processor

[sunrat]

I use Intel myself, no complaints.

Really if your computer is at home behind a router using NAT, most of these vulnerabilities are practically academic. I'd only be majorly concerned if running servers and/or enterprise deployments.

[theblueplll]

I use Intel myself, no complaints.

Really if your computer is at home behind a router using NAT, most of these vulnerabilities are practically academic. I'd only be majorly concerned if running servers and/or enterprise deployments.

You really shouldn't spread misinformation like this.

Don't under estimate what a bored hacker or a dork script kidde will go after.

https://en.m.wikipedia.org/wiki/Network ... ranslation

NAT exactly used to protect you from anything.

[CwF]

I took the red pill, and there is no viable vector. For the average home user it's not practically academic, it's purely academic.

[sunrat]

I use Intel myself, no complaints.

Really if your computer is at home behind a router using NAT, most of these vulnerabilities are practically academic. I'd only be majorly concerned if running servers and/or enterprise deployments.

You really shouldn't spread misinformation like this.

Please give an example of where these vulnerabilities have been used to compromise a home system as I described.

[theblueplll]

I use Intel myself, no complaints.

Really if your computer is at home behind a router using NAT, most of these vulnerabilities are practically academic. I'd only be majorly concerned if running servers and/or enterprise deployments.

You really shouldn't spread misinformation like this.

Please give an example of where these vulnerabilities have been used to compromise a home system as I described.

You implied that it wouldn't happen and one shouldn't bother trying to mitigate it and I said it could and not to underemstimate people.

A vast majority of home users would never know that something did happen and if it did either their data wasn't totally deleted and just copied or the hacker was just curious and looking around or their machine failed and some dork the local shop just reinstalled their OS and said here ya go it's all better.

So there really isn't and example to give.

I can't prove that it did you can't prove that it didn't.

Just mostly meant that there is no reason not to protect one self as much as they can.

Now I will agree that most people that would know how to attempt such an attack wouldn't bother messing with grandma and her facebook login.

Just discussing not trying to argue or start anything.

[Head_on_a_Stick]

Really if your computer is at home behind a router using NAT, most of these vulnerabilities are practically academic. I'd only be majorly concerned if running servers and/or enterprise deployments.

NAT does not protect the user from Spectre & Meltdown, they can be exploited through the browser using javascript: https://www.mozilla.org/en-US/security/ ... sa2018-01/

the vulnerabilities may be exploitable from within application sandboxes (including web browsers), so take care when executing any untrusted code, including JavaScript on web pages

https://www.ncsc.gov.uk/guidance/meltdo ... e-guidance

For the average home user it's not practically academic, it's purely academic.

Wrong.

A vast majority of home users would never know that something did happen and if it did either their data wasn't totally deleted and just copied or the hacker was just curious and looking around or their machine failed and some dork the local shop just reinstalled their OS and said here ya go it's all better.

^ This.

Absence of evidence != evidence of absence.

[pendrachken]

For the average home user it's not practically academic, it's purely academic.
Wrong.

Yes, you are.

1: a home user would have to visit a malicious site with - 1a: a very old browser that doesn't have JS jitter built in specifically for this mitigation, 2a: stay on the site long enough for the execution and send back of the data from the script, or 3a: download a malicious program that will exploit the meltdown / spectre vectors... and lets be honest, 99% of those cases would install the application as root if it asked negating the need for any vulnerabilities.

2: even if spectre / meltdown somehow managed to dump the home users root password AND the attacker got an IP address good luck getting to the proper computer when they are behind a NAT. A home router by default won't forward external originating traffic in to ANY computer on the network.

3: even if the attacker DID managed to get a password out of a MD / SP attack, they likely won't know exactly where it is for, and they would have to get stupid lucky to ALSO get a cached username to go along with it. Maybe they get a CC#, they won't know WHO it is for, the CCV, or the billing address - and if they do, you've already been severely compromised already, to the point that the SP / MD attack was useless.

A vast majority of home users would never know that something did happen and if it did either their data wasn't totally deleted and just copied or the hacker was just curious and looking around or their machine failed and some dork the local shop just reinstalled their OS and said here ya go it's all better.
^ This.

Absence of evidence != evidence of absence.

Kind of sounds like you aren't providing any evidence that these attacks are wide spread on every web site and everyone should panic. Bluepillmoron also doesn't even seem to have a clue what spectre and meltdown actually do either. Here's a hint: it isn't "let anyone look around their machine at will".

[CwF]

ya kinda messed up that quote pendrachken!? You mean that CwF quote stands...without the 'wrong'

[theblueplll]

Kind of sounds like you aren't providing any evidence that these attacks are wide spread on every web site and everyone should panic. Bluepillmoron also doesn't even seem to have a clue what spectre and meltdown actually do either. Here's a hint: it isn't "let anyone look around their machine at will".

Calling me a moron because you don't agree with my opinion is pretty childish.
This is getting ridiculous and a lot of you need to grow up.

You also have an interesting idea on how hackers do things and seem to think they would need to keep using spectre or meltdown over and over again to get back in each time.

NAT is NOT any kind of firewall or device it is a technology that even your modem uses to give out IP addresses you can look that up at the link I posted if you're still confused.

Ports not being forwarded doesn't always protect one from anything either.
Hacking isn't as complicated as you would think it is. Hacking some clowns home network is a joke.

Just because I don't know a lot about Linux as most of you o nthe forum doesn't mean I am stupid and don't know stuff.

[sunrat]

Calling me a moron because you don't agree with my opinion is pretty childish.
This is getting ridiculous and a lot of you need to grow up....
Just because I don't know a lot about Linux as most of you o nthe forum doesn't mean I am stupid and don't know stuff.

You don't have to agree with everyone but a little respect goes a long way.

The last straw: http://forums.debian.net/ucp.php?i=zebr ... heblueplll

[theblueplll]

Calling me a moron because you don't agree with my opinion is pretty childish.
This is getting ridiculous and a lot of you need to grow up....
Just because I don't know a lot about Linux as most of you on the forum doesn't mean I am stupid and don't know stuff.

You don't have to agree with everyone but a little respect goes a long way.

The last straw: http://forums.debian.net/ucp.php?i=zebr ... heblueplll

Is this guy for real???

I need to give some jerk repsect after they call me a moron for speaking my opinion???

That's not how things work where I come from.
Respect is earned not given for any reason without merit.

[fender0107401]

I have a few systems running Debian and FreeBSD.

Intel is more stable, especially for Windows systems.