Choose style:

Author Topic: ATTEN. Intel cpu users  (Read 5779 times)

0 Members and 1 Guest are viewing this topic.

Offline christianvl

  • Member
  • ***
  • Posts: 190
  • Karma: 33
  • The Wheel weaves as the Wheel wills
    • View Profile
  • Peppermint version(s): 9
Re: ATTEN. Intel cpu users
« Reply #15 on: January 04, 2018, 10:20:33 am »
It seems to me that all processors released in the past 22 years are susceptible to some kind of attack, but Intel is most susceptible.  It looks like AMD is much less susceptible, I'm not sure about ARM.
Looks like ARM is also on the same ship, but not to the same extent as Intel.

https://developer.arm.com/support/security-update

Now I'm curious on how this can affect Android, considering that a software update (OS level) is highly unlikely for most devices.

Enviado de meu Quantum Fly usando Tapatalk

There are neither beginnings or endings to the turning of the Wheel of Time. But it was a beginning.

Offline scifidude79

  • Global Moderator
  • Hero
  • *****
  • Posts: 4029
  • Karma: 863
    • View Profile
  • Peppermint version(s): Peppermint 9
Re: ATTEN. Intel cpu users
« Reply #16 on: January 04, 2018, 10:40:18 am »
Now I'm curious on how this can affect Android, considering that a software update (OS level) is highly unlikely for most devices.

That's been on my mind too, especially since I'm using a Kindle Fire right now, which runs modified Android.  (though, Amazon may release an update)

All I know for sure is that this is a huge mess.

The PoorGuy

  • Guest
Re: ATTEN. Intel cpu users
« Reply #17 on: January 05, 2018, 10:52:52 am »
.
« Last Edit: August 27, 2018, 10:23:45 pm by The PoorGuy »

Offline christianvl

  • Member
  • ***
  • Posts: 190
  • Karma: 33
  • The Wheel weaves as the Wheel wills
    • View Profile
  • Peppermint version(s): 9
There are neither beginnings or endings to the turning of the Wheel of Time. But it was a beginning.

Offline scifidude79

  • Global Moderator
  • Hero
  • *****
  • Posts: 4029
  • Karma: 863
    • View Profile
  • Peppermint version(s): Peppermint 9
Re: ATTEN. Intel cpu users
« Reply #19 on: January 05, 2018, 12:03:49 pm »
Well, you know what they say about rats and sinking ships.

No more Intel purchases for me.

Same here.  After all of this hit, I started looking at AMD's Ryzen line.  I've never paid much attention to those, but they have some good stuff, including "entry level" hyper threaded quad cores that are nicely priced.

Offline VinDSL

  • Global Moderator
  • Hero
  • *****
  • Posts: 5121
  • Karma: 934
  • Peppermint Mod
    • View Profile
  • Peppermint version(s): Developmental Builds
Re: ATTEN. Intel cpu users
« Reply #20 on: January 05, 2018, 12:18:51 pm »
And adding to what's already bad news:

https://arstechnica.com/information-technology/2018/01/intel-ceos-sale-of-stock-just-before-security-bug-reveal-raises-questions/
The cream rises to the top ... And, so does the scum ;)

Sent from my moto e⁴ using Tapatalk


Offline DAMIEN1307

  • Member
  • ***
  • Posts: 154
  • Karma: 11
  • non illigitamus carborundum est
    • View Profile
  • Peppermint version(s): Peppermint 8.5 (Respin) 64 bit
Re: ATTEN. Intel cpu users
« Reply #21 on: January 05, 2018, 12:41:25 pm »
hi folks...it may be of interest to note that INTEL has released a new microcode today...the link provided here is from the oregon state university repository...i have applied it to my back up system, a dell laptop, which is an INTEL core i5 chip from which im typing on right now... http://ftp.us.debian.org/debian/pool/non-free/i/intel-microcode/ ...DAMIEN
ORDO AB CHAO

Offline christianvl

  • Member
  • ***
  • Posts: 190
  • Karma: 33
  • The Wheel weaves as the Wheel wills
    • View Profile
  • Peppermint version(s): 9
Re: ATTEN. Intel cpu users
« Reply #22 on: January 05, 2018, 12:50:15 pm »
hi folks...it may be of interest to note that INTEL has released a new microcode today...the link provided here is from the oregon state university repository...i have applied it to my back up system, a dell laptop, which is an INTEL core i5 chip from which im typing on right now... http://ftp.us.debian.org/debian/pool/non-free/i/intel-microcode/ ...DAMIEN
Thank you for providing the link.

Considering the risk for desktop users, I think It's safer for most users to wait for the update to hit Ubuntu's repos.

Enviado de meu Quantum Fly usando Tapatalk

There are neither beginnings or endings to the turning of the Wheel of Time. But it was a beginning.

Online pin

  • Trusted User
  • Veteran
  • *****
  • Posts: 1809
  • Karma: 249
    • View Profile
Re: ATTEN. Intel cpu users
« Reply #23 on: January 05, 2018, 12:53:10 pm »
Would be intresting to see his bank account, most probably in one "tax paradise". Just collecting his revenue before stocks fall...

Skickat från min SM-G900F via Tapatalk

Just say NO to flatpak and snap!!

Offline PCNetSpec

  • Administrator
  • Hero
  • *****
  • Posts: 25093
  • Karma: 2777
  • "-rw-rw-rw-" .. The Number Of The Beast
    • View Profile
    • PCNetSpec
  • Peppermint version(s): Peppermint 8R, 9, and 9R
Re: ATTEN. Intel cpu users
« Reply #24 on: January 05, 2018, 01:24:30 pm »
hi folks...it may be of interest to note that INTEL has released a new microcode today...the link provided here is from the oregon state university repository...i have applied it to my back up system, a dell laptop, which is an INTEL core i5 chip from which im typing on right now... http://ftp.us.debian.org/debian/pool/non-free/i/intel-microcode/ ...DAMIEN

What makes you think this microcode update has anything to do with this ? .. have you read that somewhere ?

I thought Intel had stated it couldn't be mitigated other than in the OS kernel (or fixed at the hardware level) ?
WARNING: You are logged into reality as 'root' .. logging in as 'insane' is the only safe option.

Team Peppermint
PCNetSpec

Offline christianvl

  • Member
  • ***
  • Posts: 190
  • Karma: 33
  • The Wheel weaves as the Wheel wills
    • View Profile
  • Peppermint version(s): 9
Re: ATTEN. Intel cpu users
« Reply #25 on: January 05, 2018, 02:25:16 pm »
hi folks...it may be of interest to note that INTEL has released a new microcode today...the link provided here is from the oregon state university repository...i have applied it to my back up system, a dell laptop, which is an INTEL core i5 chip from which im typing on right now... http://ftp.us.debian.org/debian/pool/non-free/i/intel-microcode/ ...DAMIEN

What makes you think this microcode update has anything to do with this ? .. have you read that somewhere ?

I thought Intel had stated it couldn't be mitigated other than in the OS kernel (or fixed at the hardware level) ?
Looks like Intel hopes to solve some of Spectre issues with a microcode update. But PCNet has it right. This isn't going away only with a new microcode.

https://arstechnica.com/gadgets/2018/01/meltdown-and-spectre-heres-what-intel-apple-microsoft-others-are-doing-about-it/

Enviado de meu Quantum Fly usando Tapatalk

There are neither beginnings or endings to the turning of the Wheel of Time. But it was a beginning.

Offline DAMIEN1307

  • Member
  • ***
  • Posts: 154
  • Karma: 11
  • non illigitamus carborundum est
    • View Profile
  • Peppermint version(s): Peppermint 8.5 (Respin) 64 bit
Re: ATTEN. Intel cpu users
« Reply #26 on: January 05, 2018, 02:59:37 pm »
hi folks...the reason i found for the microcode though it is only a partial help requireing also the kernel fix i found here... https://www.theregister.co.uk/2018/01/05/spectre_flaws_explained/ ...

a few key paragraphs keyed in on this part of the issue

"On pre-Skylake CPUs, kernel countermeasures – and on Skylake and later, a combination of a microcode updates and kernel countermeasures known as Indirect Branch Restricted Speculation, aka IBRS – to kill Spectre Variant 2 attacks that steal data from kernels and hypervisors."

and

"Fixing the bounds bypass check attack requires analysis and recompilation of vulnerable code; addressing the branch target injection attack can be dealt with via a CPU microcode update, such as Intel's IBRS microcode, or through a software patch like "retpoline" to the operating system kernel, the hypervisor, and applications."

and

"In other words: to protect yourself from Spectre Variant 1 attacks, you need to rebuild your applications with countermeasures. These defense mechanisms are not generally available yet. To protect yourself from Spectre Variant 2 attacks, you have to use a kernel with countermeasures, and if you're on a Skylake or newer core, a microcode update, too. That microcode is yet to ship. It's not particularly clear, through all the noise and spin this week, which kernels have been built and released with countermeasures, if any. A disassembly of latest Windows releases suggests Microsoft is, for one, on the case."

and

"Wagner observed that software fixes aren't enough. "Ultimately, this is a problem with the processor and addressing it in the browser requires removing useful functionality and degrading performance," he said. "We hope the future microprocessor improvements would allow less drastic measures in the browser while still maintaining safety."

it is a 2 page article but appears to me (i could be wrong) that this is only a part of a total fix down the road...just waiting now for the kernel security update to follow...DAMIEN



« Last Edit: January 05, 2018, 03:21:54 pm by DAMIEN1307 »
ORDO AB CHAO

Online pin

  • Trusted User
  • Veteran
  • *****
  • Posts: 1809
  • Karma: 249
    • View Profile
Re: ATTEN. Intel cpu users
« Reply #27 on: January 05, 2018, 03:00:12 pm »
What is even worst is that it was predicted 10 years ago, https://marc.info/?l=openbsd-misc&m=118296441702631&w=2


Skickat från min SM-G900F via Tapatalk

Just say NO to flatpak and snap!!

Offline PCNetSpec

  • Administrator
  • Hero
  • *****
  • Posts: 25093
  • Karma: 2777
  • "-rw-rw-rw-" .. The Number Of The Beast
    • View Profile
    • PCNetSpec
  • Peppermint version(s): Peppermint 8R, 9, and 9R
Re: ATTEN. Intel cpu users
« Reply #28 on: January 05, 2018, 03:37:28 pm »
Bearing in mind I've been offline(ish) for about 10 days so have a lot of catching up to do, does anyone know if this vulnerability needs local access or some kind of running binary process.
WARNING: You are logged into reality as 'root' .. logging in as 'insane' is the only safe option.

Team Peppermint
PCNetSpec

Offline scifidude79

  • Global Moderator
  • Hero
  • *****
  • Posts: 4029
  • Karma: 863
    • View Profile
  • Peppermint version(s): Peppermint 9
Re: ATTEN. Intel cpu users
« Reply #29 on: January 05, 2018, 03:40:28 pm »
Bearing in mind I've been offline(ish) for about 10 days so have a lot of catching up to do, does anyone know if this vulnerability needs local access or some kind of running binary process.

I was wondering that too.  I've tried reading through the articles, but much of it is too technical for me.