> The Core 2 Duo/Quad architecture was the last iteration where the ME subsystem could be entirely removed.
Yeah, but unfortunately intel also didn't bother providing microcode patches for meltdown on those chipsets "because to old" by some arbitrary definition of "old".
These are vulnerable to Meltdown, and the page table isolation patches are required to secure kernel memory. These do involve a performance hit, so I'd recommend Core-2 Quad 9550s as an upgrade for a minimally-usable machine.
However, these are not SMT/hyperthreaded, so many of the Specter vulnerabilities do not apply.
OpenBSD runs well enough on them, and these machines are likely what I trust most with this OS.
Most Linux runs on these machines (RedHat 9 doesn't - requires an i3), but will pause on the mei_me module and look for a response from the ME that you have lobotomized; blacklist the related modules if you want to boot faster.
Yeah, but unfortunately intel also didn't bother providing microcode patches for meltdown on those chipsets "because to old" by some arbitrary definition of "old".