Print

Please login or register.
1 Hour 1 Day 1 Week 1 Month Forever
Login with username, password and session length

[JimH]

Most CPU's have a vulnerability discovered by Google researchers.  Patches are rolling out.

https://www.theregister.co.uk/2018/01/02/intel_cpu_design_flaw/

[Awesome Donkey]

There's three vulnerabilities, variant 3 is being called Meltdown and variant 1 and 2 are being called Spectre (or Spectre 1 and Spectre 2).

Meltdown (which looks to only affect Intel CPUs - nearly all of them since 1995!) patches are being pushed out to Windows, macOS High Sierra (it's been fixed since 10.13.2, released nearly a month ago) and the Linux kernel. There's going to be a performance hit for Intel CPUs because of Kernel Page Table Isolation (KPTI), depending how old the CPU is and whether or not the CPU has Process-Context Identifiers (CPID) or not. Also the performance hit will depend on the workload(s).

Spectre on the other hand looks to affect Intel with both variant 1 and 2 whereas AMD and ARM CPUs are affected by variant 1 (AMD on Linux only? Some confusion there). Unlike Meltdown, Spectre is way harder to fix. Looks like applications will have to patch this one, in addition to stuff being added to OSes to help mitigate it. AMD has said they can fix Spectre 1 through software (again, Linux only?), after they do they won't be vulnerable to Spectre 1 anymore. Man, I wish I bought some AMD stock a few days ago!

Both Meltdown and Spectre are going to be a nightmare for cloud, enterprise and the IT industry in general.

https://meltdownattack.com/

[Awesome Donkey]

This better explains all three: https://www.reddit.com/r/Amd/comments/7o2i91/technical_analysis_of_spectre_meltdown/

[Hendrik]

Something that'll likely delight Jim a bit:
https://support.microsoft.com/en-us/help/4072699/important-information-regarding-the-windows-security-updates-released

The Windows 10 update is available, but apparently it causes some Anti-Virus software to BSOD your system because they did naughty things. AV software is truely evil.

[~OHM~]

AV software is truely evil.

A BIG Thumbs UP

[Awesome Donkey]

AV software is truely evil.

Understatement right here, IMO.

[bob]

I love this comment from the kernel maintainers for linux:

2) Namespace
   Several people including Linus requested to change the KAISER name.
   We came up with a list of technically correct acronyms:
     User Address Space Separation, prefix uass_
     Forcefully Unmap Complete Kernel With Interrupt Trampolines, prefix fuckwit_
   but we are politically correct people so we settled for
    Kernel Page Table Isolation, prefix kpti_

   Linus, your call

[JimH]

How about KISS?  Keep it Separate Stupid

Not to be confused with Radio KISS  Keep it Simple Stupid

[Awesome Donkey]

Linus also blasted Intel last night. Also they're allowing a patch to disable KPTI for AMD CPUs which is currently being enforced on all CPUs.

3 of my 4 OSes have KPTI implemented right now, but I haven't noticed any hit in general performance yet. VMs? Those actually seem a bit slower to me.

[astromo]

Linus also blasted Intel last night.

Blast!!! Linus Torvalds Style

“I think somebody inside of Intel needs to really take a long hard look at their CPU’s, and actually admit that they have issues instead of writing PR blurbs that say that everything works as designed,” Torvalds wrote in a sharply worded email sent to a Linux list on Wednesday.

“Or is Intel basically saying ‘we are committed to selling you sh!t forever and ever, and never fixing anything’?” Torvalds continued.