CPU doesn't support VT-d. What are my options now?

I have an i7 4770k which only supports VT-x, not VT-d. I’m still on W7 but driver support for Nvidia GPUs will end in October and some games are dropping support too, so I guess it’s time for me to finally stop milking W7 dry and upgrade. But I’m trying to avoid W10 spying and privacy issues.

One problem: This whole No VT-d thing. Is it possible to have 2 OSes running at once whether in a VM or not and still have good gaming performance? I was hoping to be able to run both Linux and W7 at the same time in a hypervisor or something while still getting good frames for esports games like Rainbow Six Siege and Rocket League.

Specs: i7 4770k, GTX 970 4GB, 16GB RAM, 128GB SSD, 1TB HDD.

You can’t run as a VM and not get in trouble with anti-cheat with online competitive multiplayer games. Might as well wait for the upcoming Proton compatibility layer with EAC and BattlEye.

Oh yeah I forgot about that. Is it possible to have 2 OSes running at once and have neither in a VM though? Like could they both use the PC’s resources equally?

No.

for realsies :sob:

Definitely not on a desktop PC. I think there may be specialized hardware that can achieve this but you’ll need to have double ups of all the hardware, and at that point it’s just better and easier to have two PCs :thinking:

I don’t think you’ll get decent enough performance to run games inside a VM without a VT-d enabled CPU.
You may be better off running Linux inside of Windows using WSL or some type of VM/hypervisor software.

If you’re concerned about the privacy in Windows 10 I’d recommend you use Windows 10 AME or either the LTSB/LTSC editions.

Yeah I figured this would be my only option in the end (thanks Intel) but I wanted to ask around first just to make sure. I guess I’ll try figuring out how AME works first and if I can’t get that working then LTSC it is.

AME is not an official version, it’s a hack of sorts that can put you potentially in a heap of trouble as the vast protection of Windows relies on a functioning Windows Defender, which MS dropped support for last year, IIRC.

If you must use Windows, I think it’s a mistake to think there is no telemetry in Win10 LTSC or even Win7 for that matter. You can only check with something like Wireshark if your Windows machine still phones home without your knowledge.

What kind of “heap of trouble” are we talking here? In the AME documentation, they claim that removing things like Windows Defender is done to enhance privacy and security. (They also claim that not giving the default user admin privileges alleviates 94% of security issues).

You are pretty much exposed to all kinds of malware when using Windows because that’s what the majority of users have on their computers and malware devs like to attack commonly used software.

Despite not liking MS at all, they have become better at maintaining user security (although the recent MS Exchange debacle seems to refute that). They do it all through Windows Defender, which if you are running an up-to-date version of, you won’t really be needing a dedicated antivirus program. If you take away that capability in a custom AME version, you strip all of Defender’s protection away, thus needing antivirus software that also does telemetry.

Privilege escalation is commonly part of a malware’s toolkit so taking away an admin account doesn’t really offer much protection for the end user.

Bottom line, probably go for LTSC instead of AME.

Correct me if I’m wrong, but doesn’t actually getting your system infected with malware require actually being exposed to said malware? I literally just watch youtube, twitch, and play games. How unsafe am I?

Malvertising is a thing. Bad actors can blast pages you visit with malicious/malformed images that do stuff with your computer. Chrome-based browsers are frequently attacked with live zero-day, zero-click exploits.

Phishing can also happen. I thought I was “immune” but I just recently realized I frequently click “unsubscribe” willy-nilly from spam emails that I thought I told services not to shove to my email.

In the end, spray attacks will hit you eventually and it may be useful to have Windows Defender on.

Also try to move to Linux if/when you can. Your use case seems applicable. With the coming EAC/BattlEye Linux support, this will only become more feasible in the future. I urge you to at least try Linux. It has problems, for sure, but not these kinds of problems.

Hmm, what if I were to just use AME purely for gaming/discord and then do all other general browsing in a Linux VM inside of AME? I absolutely want to use Linux full time eventually but that’ll happen once I build my next PC which I’ll make sure has IOMMU support.

I’m not really willing to dual-boot either just because I don’t wanna have to restart every time I need to switch between gaming and other tasks which for me is frequently throughout the day.

This works too. Personally I would have put it the other way around but Windows will become even more fickle.

You should try Whonix for your intended use case as it was meant to be run inside a VM. Personally I haven’t really tried to run Whonix inside a VM, just be aware, but that was the intended use case so you should expect a smoother experience.

Using W10 AME is like using Win XP exposed to the internet.

Either accept the telemetry & block through other means like DNS black holing or don’t use windows.

How is it like using “Win XP exposed to the internet”? AME can be safely rebuilt each time there’s a new security update.

That seems tedious.

Are you prepared to do this every MS Patch Tuesday (first Tuesday of the month) and each time there are bad enough in-the-wild exploits that force MS to release a security patch outside of its monthly cycle?

I would be prepared if I have to be, but the AME devs have a Telegram community set up where they provide stable, updated builds.