Choose style:

Author Topic: ATTEN. Intel cpu users  (Read 2980 times)

0 Members and 1 Guest are viewing this topic.

Offline cfx795

  • Member
  • ***
  • Posts: 146
  • Karma: 6
  • cab driver and computer novice
    • View Profile
  • Peppermint version(s): 7
Re: ATTEN. Intel cpu users
« Reply #30 on: January 05, 2018, 04:32:54 pm »
I guess I'll stay tuned and wait for a bit of the furor to die down. I'm not exactly harvesting money off the trees out back, insofar as some abrupt and immediate switch to AMD. At the time I assembled this Intel system this past fall, it seemed to make sense to me that I was getting an integrated gpu with the Intel chip. In retrospect maybe I would have been better off paying a little more for a Ryzen CPU and a discrete graphics card.

Offline murraymint

  • Trusted User
  • Veteran
  • *****
  • Posts: 1649
  • Karma: 278
  • soft boiled with a yolk of gold
    • View Profile
  • Peppermint version(s): 7, 8, 9
Re: ATTEN. Intel cpu users
« Reply #31 on: January 05, 2018, 05:13:00 pm »
Quote
For the array bounds variant of Spectre, Microsoft's main action is to modify Edge and Internet Explorer. Browsers represent a particular risk for this attack, as it's relatively straightforward to write JavaScript that sets up the conditions necessary to perform the attack. Depending on the browser, browser-based attacks can do things such as steal passwords, and in all browsers the attack provides data useful for breaking out of sandboxes.

Accordingly, Microsoft is disabling access to JavaScript SharedArrayBuffer—a kind of high-performance array that was only enabled in Edge a few months ago—and reducing the precision of timers available to JavaScript. Successful exploitation of both Meltdown and Spectre requires careful timing of actions that may differ by only a few hundred processor cycles. To make this timing harder to achieve in JavaScript, the high-precision JavaScript timer (intended mainly for things like benchmarking and performance profiling) is having both its precision reduced, from a granularity of 5 microseconds to 20 microseconds, and its accuracy reduced, by introducing up to 20 microseconds of random jitter to its results.

This same approach is being replicated by Mozilla in Firefox and is already shipping in the latest version of Firefox. Google too is applying these changes to Chrome, and they should ship to end users in late January. Mozilla and Google both say that they're also developing more precise mitigations—likely to be the judicious insertion of serializing instructions to prevent speculative execution in certain places—to address the problem.

https://arstechnica.com/gadgets/2018/01/meltdown-and-spectre-heres-what-intel-apple-microsoft-others-are-doing-about-it/

Offline DAMIEN1307

  • Member
  • ***
  • Posts: 154
  • Karma: 11
  • non illigitamus carborundum est
    • View Profile
  • Peppermint version(s): Peppermint 8.5 (Respin) 64 bit
Re: ATTEN. Intel cpu users
« Reply #32 on: January 05, 2018, 07:35:40 pm »
hi PCNetSpec we missed ya...welcome back to reality...lol...ive included a link to an article on all this hoopla to help you get get acquainted as to how this INTEL mess works...or should i say doesnt work since you mentioned you have to play catch-up...enjoy...DAMIEN

https://arstechnica.com/gadgets/2018/01/whats-behind-the-intel-design-flaw-forcing-numerous-patches/
ORDO AB CHAO

Offline The PoorGuy

  • Member
  • ***
  • Posts: 204
  • Karma: 44
  • Grumpy Old Fart
    • View Profile
  • Peppermint version(s): Peppermint 9 (64 Bit)
Re: ATTEN. Intel cpu users
« Reply #33 on: January 05, 2018, 08:02:46 pm »
What really makes this bad is the users as myself who use old Intel processors that whatever BS fix Intel gives out will only be for the newer Intel processors and pretty much screw the rest>:(

Intel should be forced to make a fix for all processors released from the time this Bug Flaw affects as a lot of users may or may not be in a position to go out and buy a new computer.

Typical big corporation BS.

Find a scrub oak and string them up.  >:(
« Last Edit: January 06, 2018, 12:42:59 am by The PoorGuy »
I'm grumpy because I can be not because I'm old.  :P

The world is what you make of it, if it doesn't fit, you make alterations.


Under certain circumstances, profanity provides a relief denied even to prayer.
(Mark Twain)

Offline DAMIEN1307

  • Member
  • ***
  • Posts: 154
  • Karma: 11
  • non illigitamus carborundum est
    • View Profile
  • Peppermint version(s): Peppermint 8.5 (Respin) 64 bit
Re: ATTEN. Intel cpu users
« Reply #34 on: January 05, 2018, 11:31:39 pm »
This is cumulative of what i have found thus far

Number 1 - it may be of interest to note that INTEL has released a new microcode today...the link provided here is from the oregon state university repository...i have applied it to my back up system, a dell laptop, which is an INTEL core i5 chip from which im typing on right now...

http://ftp.us.debian.org/debian/pool/non-free/i/intel-microcode/

 
Number 2 - the reason i found for updating the microcode though it is only a partial help requireing also the kernel fix that is forthcoming is found in this article... https://www.theregister.co.uk/2018/01/05/spectre_flaws_explained/
a few key paragraphs keyed in on this part of the issue

"On pre-Skylake CPUs, kernel countermeasures – and on Skylake and later, a combination of a microcode updates and kernel countermeasures known as Indirect Branch Restricted Speculation, aka IBRS – to kill Spectre Variant 2 attacks that steal data from kernels and hypervisors."

and

"Fixing the bounds bypass check attack requires analysis and recompilation of vulnerable code; addressing the branch target injection attack can be dealt with via a CPU microcode update, such as Intel's IBRS microcode, or through a software patch like "retpoline" to the operating system kernel, the hypervisor, and applications."

and

"In other words: to protect yourself from Spectre Variant 1 attacks, you need to rebuild your applications with countermeasures. These defense mechanisms are not generally available yet. To protect yourself from Spectre Variant 2 attacks, you have to use a kernel with countermeasures, and if you're on a Skylake or newer core, a microcode update, too. That microcode is yet to ship. It's not particularly clear, through all the noise and spin this week, which kernels have been built and released with countermeasures, if any. A disassembly of latest Windows releases suggests Microsoft is, for one, on the case."

and

"Wagner observed that software fixes aren't enough. "Ultimately, this is a problem with the processor and addressing it in the browser requires removing useful functionality and degrading performance," he said. "We hope the future microprocessor improvements would allow less drastic measures in the browser while still maintaining safety."

it is a 2 page article but appears to me (i could be wrong) that this is only a part of a total fix down the road...just waiting now for the kernel security update to follow...

Number 3 - this article has some work arounds for chrome/chromium based browsers and to a lesser extent firefox browsers to harden up their isolation capabilities that should help until the kernel/ microcode fixes become finalised...DAMIEN

http://www.linuxandubuntu.com/home/how-hackers-can-read-your-websites-passwords-using-meltdown-and-spectre-with-solution

To enable Site Isolation in Chrome/Chromium, copy the following URL in URL bar -

chrome://flags/#enable-site-per-process


To enable First-Party Isolation in Firefox

 type about:config in the url bar. Search for site isolation and you'll get the following options -
enable first-party isolation in firefox
As you can see the value of privacy.firstparty.isolate is set to false. Double click to set it to true.

restart the browsers for isolation to take effect...

i have applied these workarounds until the real security update fixes become available on all four of my home systems and all is working fine here and am really hoping these workarounds along with their explainations as described in the articles will be of some real value and use to the community...DAMIEN


« Last Edit: January 06, 2018, 03:16:41 am by DAMIEN1307 »
ORDO AB CHAO

Online VinDSL

  • Global Moderator
  • Hero
  • *****
  • Posts: 3984
  • Karma: 736
  • Peppermint Mod
    • View Profile
Re: ATTEN. Intel cpu users
« Reply #35 on: January 06, 2018, 01:46:31 am »
LoL Linus: https://goo.gl/VPDU7i   :D

Offline DAMIEN1307

  • Member
  • ***
  • Posts: 154
  • Karma: 11
  • non illigitamus carborundum est
    • View Profile
  • Peppermint version(s): Peppermint 8.5 (Respin) 64 bit
Re: ATTEN. Intel cpu users
« Reply #36 on: January 06, 2018, 02:40:32 am »
thought you folks might like this one...microsoft strikes again in their attempt to "fix" meltdown and spectre...enjoy...DAMIEN

http://news.softpedia.com/news/windows-10-cumulative-update-kb4056892-meltdown-spectre-fix-fails-to-install-519238.shtml


ps...i especially enjoyed the comment made person writing microsoft community thread number 3 where he states after his system borked

" I understand that making the machine unbootable is the best protection from remote exploitation, but I would rather have the OS working."
« Last Edit: January 06, 2018, 02:48:15 am by DAMIEN1307 »
ORDO AB CHAO

Offline pin

  • Trusted User
  • Veteran
  • *****
  • Posts: 1082
  • Karma: 120
  • Peppermint7
    • View Profile
  • Peppermint version(s): Peppermint 7 Respin (64bit)
Re: ATTEN. Intel cpu users
« Reply #37 on: January 06, 2018, 03:17:14 am »
Yeah, it was fun! But, this time around, and for once, this is not microsoft's fault. Everyone (microsoft, apple, Linux, BSD, ...) is trying to fix an issue that they are not responsible for in the first place, !SUCK!

Skickat från min SM-G900F via Tapatalk

Offline christianvl

  • Member
  • ***
  • Posts: 139
  • Karma: 24
  • The Wheel weaves as the Wheel wills
    • View Profile
  • Peppermint version(s): 8
Re: ATTEN. Intel cpu users
« Reply #38 on: January 06, 2018, 11:33:02 am »
thought you folks might like this one...microsoft strikes again in their attempt to "fix" meltdown and spectre...enjoy...DAMIEN

http://news.softpedia.com/news/windows-10-cumulative-update-kb4056892-meltdown-spectre-fix-fails-to-install-519238.shtml


ps...i especially enjoyed the comment made person writing microsoft community thread number 3 where he states after his system borked

" I understand that making the machine unbootable is the best protection from remote exploitation, but I would rather have the OS working."
So rigth now it's safe to say that Windows AMD users are the most affected by something that they should be the last to worry?

Enviado de meu Quantum Fly usando Tapatalk

There are neither beginnings or endings to the turning of the Wheel of Time. But it was a beginning.

Online VinDSL

  • Global Moderator
  • Hero
  • *****
  • Posts: 3984
  • Karma: 736
  • Peppermint Mod
    • View Profile
Re: ATTEN. Intel cpu users
« Reply #39 on: January 06, 2018, 12:08:28 pm »
thought you folks might like this one...microsoft strikes again in their attempt to "fix" meltdown and spectre...enjoy...DAMIEN

Glad you posted this.

I just bought a Dell 7010 refurb for our office. Needs '10 Pro' to run our custom accounting proggie.

The old computer didn't have the hardware necessary to support the '10' upgrade, blah, blah, blah.

It's supposed to arrive Sunday (2-day shipping), and I wanted to start setting it up at the abode before Monday rolled around.

I did some quick checking on this situation. Get this - AV software is blocking the winders patches ...

Quote
Antivirus firms are playing patch catch-up, as Microsoft releases Meltdown firmware updates for Surface devices

As Microsoft warned this week, it's not delivering its January 3 Windows security updates to customers if they're running third-party antivirus, unless the AV is confirmed to be compatible with it.

LINK: Windows Meltdown-Spectre fix: How to check if your AV is blocking Microsoft patch | ZDNet

Oh, what a tangled web we weave. Guess I better tread lightly ...  8)

Offline DAMIEN1307

  • Member
  • ***
  • Posts: 154
  • Karma: 11
  • non illigitamus carborundum est
    • View Profile
  • Peppermint version(s): Peppermint 8.5 (Respin) 64 bit
Re: ATTEN. Intel cpu users
« Reply #40 on: January 06, 2018, 12:34:32 pm »
hi vindsl...glad that post was enlightening for your work computer accounting situation...if its running an AMD chipset you do not need them to bork it on you...ive been staying on top of this and have been implimenting the #1 - the kernel update to 4:13 series,...#2 - the microcode update for INTEL chipsets to the latest Jan. 5th update,...and #3 - the workaround for chrome/chromium and firefox browsers for all of my peeps computers ive converted to Linux OSes...these fixes and how to do them are in my previous post here in my "cumulative what ive found out so far" post...ALL are working fine with ZERO hickups in implimenting these changes...we are all now just waiting for the kernel security updates coming out on Jan. 9th...keep in mind that ubuntu is not implimenting the fixes in the 4:10 and 4:13 series kernels since support is about to expire...in linux mint and peppermint as far as i can see, you will either have to regress to 4.4 LTS series kernels or advance to the 4.13 HWE series kernels in order to obtain the kernel security updates...as far as i can tell so far, this should then be the end of this issue at least for linux users...microcrap windbloes? well who knows how long the issues will exist if their patches are borking peeps AMD systems...this is the only time i feel bad for microsoft though since this is a problem they didnt cause but i foresee their are going to be angry villagers with torches and pitchforks outside the main castle walls of INTEL for causing this problem since 1995...DAMIEN
ORDO AB CHAO

Offline DAMIEN1307

  • Member
  • ***
  • Posts: 154
  • Karma: 11
  • non illigitamus carborundum est
    • View Profile
  • Peppermint version(s): Peppermint 8.5 (Respin) 64 bit
Re: ATTEN. Intel cpu users
« Reply #41 on: January 06, 2018, 03:09:59 pm »
and now for this little tidbit from :the horses mouth" ie...the kernel developers...DAMIEN

http://kroah.com/log/blog/2018/01/06/meltdown-status/
ORDO AB CHAO

Offline pin

  • Trusted User
  • Veteran
  • *****
  • Posts: 1082
  • Karma: 120
  • Peppermint7
    • View Profile
  • Peppermint version(s): Peppermint 7 Respin (64bit)
Re: ATTEN. Intel cpu users
« Reply #42 on: January 06, 2018, 04:41:12 pm »
Thanks! Nice read

Skickat från min SM-G900F via Tapatalk


Online VinDSL

  • Global Moderator
  • Hero
  • *****
  • Posts: 3984
  • Karma: 736
  • Peppermint Mod
    • View Profile
Re: ATTEN. Intel cpu users
« Reply #43 on: January 06, 2018, 04:54:27 pm »
Thanks! Nice read

Agreed!

Now, we KNOW what happened ...  https://goo.gl/mbQNkX

Offline pin

  • Trusted User
  • Veteran
  • *****
  • Posts: 1082
  • Karma: 120
  • Peppermint7
    • View Profile
  • Peppermint version(s): Peppermint 7 Respin (64bit)
Re: ATTEN. Intel cpu users
« Reply #44 on: January 06, 2018, 05:26:36 pm »