Posts: 1,542
Threads: 147
Joined: Mar 2016
Reputation:
4
Ultimately the issue of computer security, in any sense whatsoever, is open source code. Speculative execution would not be a security issue at all if the processor code was open source. You cannot compare for bit parity for binaries you cannot access. We banged this around years ago and recommended dual CPU's and one bank of protected memory for low level binary comparisons. As long as OEM vendors refuse access to binary setups there is no solution that will ever be secure. The amount of patching in Debian is probably headed for fifty different specific application instances. At the high end, giant service providers are going to absorb a big hit and be forced to purchase more rack space to deal with the performance issues this ridiculous proprietary policy has caused. Intel's partnerships are just extortion in this sense and always have been.
TC
All opinions expressed and all advice given by Trinidad Cruz on this forum are his responsibility alone and do not necessarily reflect the views or methods of the developers of Linux Lite. He is a citizen of the United States where it is acceptable to occasionally be uninformed and inept as long as you pay your taxes.
Posts: 168
Threads: 36
Joined: Dec 2017
Reputation:
0
8) i am not too freaked out by all this , a flaw since what ?, 1995 ?, wow, ok. i suffered viruses through the years since windows 98SE, so again, not to freaked out by this .
??? any ways , has Linux Lite released some updates on this issue for Linux lite 3.6 ?.
my windows 10 machine has been fixed by me, ha ha , it was a outdated driver issue, now ready to bring back down my Linux machine from upstairs and plug it back in........ i miss my Linux.
windows is for my Husband, he so far has no problems with my machine , but he is a cave man and needs more how to attention.............
Posts: 1,542
Threads: 147
Joined: Mar 2016
Reputation:
4
Class Action investigation against Intel, the first taker.
https://www.bgandg.com/intc
A pdf copy of the action is available on the page.
From 2005 MIT:
https://ocw.mit.edu/courses/electrical-e...chpred.pdf
TC
All opinions expressed and all advice given by Trinidad Cruz on this forum are his responsibility alone and do not necessarily reflect the views or methods of the developers of Linux Lite. He is a citizen of the United States where it is acceptable to occasionally be uninformed and inept as long as you pay your taxes.
(This post was last modified: 01-08-2018, 01:15 PM by
trinidad.)
Posts: 100
Threads: 7
Joined: Apr 2017
Reputation:
0
Interesting catch! Thanks, Trinidad, for both of these.
Posts: 57
Threads: 3
Joined: Apr 2016
Reputation:
0
Krzanich talks his book, but will he walk the (perp) walk?
https://www.zerohedge.com/news/2018-01-0...ering-flaw
Bring Comey back - why, he wiped the floor with Martha Stewart!
Terry Davis Command Line video cracks me up.
Quod delere vos ego faciam permanens.
Posts: 140
Threads: 31
Joined: May 2017
Reputation:
0
(01-05-2018, 07:40 AM)Jerry link Wrote: Ubuntu plan to release Kernel updates early next week, in or around the 9th.
Do we have any news on the status of Ubuntu kernel updates to fix this issue?
Using Linux Lite for everything now. I put it on my desktop and my laptop. Woohoo!
Posts: 1,542
Threads: 147
Joined: Mar 2016
Reputation:
4
Kernel 4.4.0-109.132 is out for LTS. Fix for meltdown began at .131 I believe. This is not a complete fix all for Ubuntu OS. Older hardware will not respond to the update in many cases because of incomplete firmware. This whole thing is an ugly ugly mess for Debian. The main issue will be for people who run older hardware without firmware updates, and connect to virtual server instances that have firmware updates. They may find they cannot connect to their server. The exploit 1 of spectre is already mitigated in firefox but exploit 2 will not be fully mitigated for quite some time and people with older hardware may find themselves out of luck. If you are running anit-virus your provider will have had to issue a flag to your system to install the changes. I have some reticence about installing the meltdown mitigations at all, given other issues with Intel. I am slowly working my way through all the documentation on the exploits, but a cursory examination makes me a little itchy, given the impact on some common server administration tools, and given Intels other issues I am not so sure that the mitigation for meltdown will not open a wider door for specter exploit 2 due to a lack of pointer obfuscation. I don't think there's any need for home users to rush into this at this point other than the virtual server connection issues. Let the industry giants worry about it, and let Debian run its course through the mess the Debian way -- slowly via the community. There may be a worst case scenario for all of this akin to emmision testing for automobiles.
TC
All opinions expressed and all advice given by Trinidad Cruz on this forum are his responsibility alone and do not necessarily reflect the views or methods of the developers of Linux Lite. He is a citizen of the United States where it is acceptable to occasionally be uninformed and inept as long as you pay your taxes.
![[Image: X5qGkCg.png]](https://imgur.com/X5qGkCg.png)
![[Image: 0op1GNe.png]](https://i.imgur.com/0op1GNe.png)
![[Image: LgJ2mtP.png]](https://i.imgur.com/LgJ2mtP.png)
![[Image: vLZcFUE.png]](https://imgur.com/vLZcFUE.png)
![[Image: lrUHro3.jpg]](https://i.imgur.com/lrUHro3.jpg)
