POWER is an insecure processor like the rest. The software on it will likewise have the same problems as the rest. The difference they're advertising is that there's more open code. This reduces the unknowns for users, gives them more control over their own boxes, and improves security a bit. There's still black boxes in there including one I didn't know about per one commenter in this thread. You can trust the hardware and any firmware left about as much as you can trust IBM's management in that division. Yeah, it gave me pause too.
So, let's change it to "less DRM" and "more open than x86." If you want an open ISA, looked at RISC-V or SPARC (esp Leon3 or OpenSPARC T2). If you want a more secure ISA, look at crash-safe.org, Cambridge's CHERI processor (also open), System/38 (still exists), or even old Burroughs B5000 from 1961. In such light, "Open"POWER is neither truly open nor secure even if better than x86.
I think its important to consider the context, which is clearly stated on the frontpage of Talos: "POWER is the only open, owner-controllable architecture that is competitive in performance".
There are other architectures that could be candidates for an owner-controllable system (see https://www.raptorengineering.com/TALOS/op_twbx86.php for a review of some other alternatives), but POWER8 is currently the one that can be competitive with x86-64 and could realistically build today.
It's called a "Talos Secure Workstation" "designed for security-conscious users." Then they mention the ownership and openness differentiators but nothing else. Other "secure" workstations were CMW's, separation kernels, hypervisor schemes, and so on that protect the system from attack.
So, I think it's a misleading label. "Secure" workstation has a meaning that goes way back. In isolation, it has an established meaning. They should just say open and/or DRM-free as that's intended meaning.
It's a BS claim. IBM has only developed one CPU for high-assurance security:
https://domino.research.ibm.com/library/cyberdig.nsf/papers/...
POWER is an insecure processor like the rest. The software on it will likewise have the same problems as the rest. The difference they're advertising is that there's more open code. This reduces the unknowns for users, gives them more control over their own boxes, and improves security a bit. There's still black boxes in there including one I didn't know about per one commenter in this thread. You can trust the hardware and any firmware left about as much as you can trust IBM's management in that division. Yeah, it gave me pause too.
So, let's change it to "less DRM" and "more open than x86." If you want an open ISA, looked at RISC-V or SPARC (esp Leon3 or OpenSPARC T2). If you want a more secure ISA, look at crash-safe.org, Cambridge's CHERI processor (also open), System/38 (still exists), or even old Burroughs B5000 from 1961. In such light, "Open"POWER is neither truly open nor secure even if better than x86.