[a / b / c / d / e / f / g / gif / h / hr / k / m / o / p / r / s / t / u / v / vg / vr / w / wg] [i / ic] [r9k / s4s / vip / qa] [cm / hm / lgbt / y] [3 / aco / adv / an / asp / bant / biz / cgl / ck / co / diy / fa / fit / gd / hc / his / int / jp / lit / mlp / mu / n / news / out / po / pol / qst / sci / soc / sp / tg / toy / trv / tv / vp / wsg / wsr / x] [Settings] [Home]
Board
Settings Home
/g/ - Technology



Thread archived.
You cannot reply anymore.



File: intel fuck.png (140 KB, 745x669)
140 KB
140 KB PNG
Well, this is the end.
https://twitter.com/brainsmoke/status/948561799875502080
Apparently it's caused by branch prediction on not-taken branches.
>>
>>64129994
Man I wish I knew what the fuck you are taking about.
>>
>>64129994
This was implied with the statement from AMD about whether it affected them or not.

>AMD processors are not subject to the types of attacks that the kernel page table isolation feature protects against. The AMD microarchitecture does not allow memory references, including speculative references, that access higher privileged data when running in a lesser privileged mode when that access would result in a page fault.
>>
explain this my friend :)
>>
Can somebody explain this gibberish please?
>>
File: 333997286918979585.png (25 KB, 128x128)
25 KB
25 KB PNG
>>64130499
It allows ring-3-level user code to read ring-0-level kernel data.
>>
>>64130574
tyvm
>>
Is this the same as the bug in this article from 2016?

http://www.digitaljournal.com/tech-and-science/technology/intel-processor-flaw-lets-hackers-bypass-security-mechanisms/article/477620
>>
>>64130499
>>64130562
https://stackoverflow.com/a/11227902
>>
>>64130574
What exploits does this enable?
I've read about the risks for cpus hosting multiple vms where memory can be read and written from one to another.
What's the risk for the layman?
>>
>>64130574
English, doc.
>>
>>64130574
What about negative rings
>>
>>64130625
Imagine a rootkit that you cannot really patch because it's present in the actual hardware. That's what the flaw basically is. If software knows about the problem it can use it to instantly bypass every OS level security feature and effectively become root and then do whatever the fuck it wants to wreck your shit.
>>
>>64130723
God why do we even have computers fuck this
>>
>>64130723
How can a piece of software become root solely by reading kernel memory?
>>
File: 1513980552.jpg (7 KB, 250x230)
7 KB
7 KB JPG
>>64129994

what does this mean? can Intel hardware bug be fixed without penalty loss?
>>
>>64130747
Aslr bypass i think
>>
If we have so much fucking access now why can't we just make a simple tool to remove Intel ME on every single Intel CPU

Yeah I don't know what the fuck am I talking about but still
>>
>>64130723
H-how can this exploit be delivered?
>>
>>64130649
Anything on your computer can read your secret data like passwords, etc.
>>
>>64130779
Remember b9s for the 3ds its like that. It cant be fixed unless you get new hardware wuth it fixed. Its in silicon
>>
File: 1499828465338.png (46 KB, 1500x844)
46 KB
46 KB PNG
>>64130723

LOL
>>
>>64130608
Interesting read. I've been thinking for a long time, is there no way to branch out code without if statements?
>>
>>64130747
It's not the flaw itself but what the flaw allows for. It can read and write at the kernel's privilege level which allows anyone to do anything the root user can do. It's not quite as intuitive as an actual "root" account but it can do all of the same things given enough time and effort.

>>64130794
Worst case anything running on the CPU can make use of the flaw, something as simple as javascript that happens to be interpreted the "correct" way can cause your system to be compromised.
>>
>>64130826
It affects AMD too.
>>
>>64130815
What's a computer?
>>
>>64130779
The Windows insider preview seems to just show a 0.5-5% performance loss in gaming and most applications. Not sure about SQL and stuff yet.

5% performance loss in gaming is major to some people, though. Often Intel is only 5% faster.

>>64130827
Uh sure, like switches, but those still use the branch predictor.
>>
>>64130865
I think the exploit is read-only, it allows reading from kernel memory, not modifying it.
>>
>>64130878
A woman who likes doing math.
>>
File: 1514990068639.png (79 KB, 580x420)
79 KB
79 KB PNG
>>64130875
nope
>>
>>64129994
so it has nothing to do with the kernel issues that macos and windows patched out a month ago then?
>>
How would you take advantage of this? A program with a bazillionfuck branches that attempts to read kernel addresses on the branches that are never executed to avoid segfaulting and then somehow reading them anyways?
>>
>>64129994
>cat
Why is he using cat in this case? Why should I trust a literal retard?
>>
>>64130912
then why are most people today, including Google who claim to have discovered this last year, saying AMD is affected?

https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.html

>These vulnerabilities affect many CPUs, including those from AMD, ARM, and Intel, as well as the devices and operating systems running them.
>>
>>64130203
>>64130562
>>64130499

Leave
>>
>>64130888
> Often Intel is only 5% faster
keep on dreaming AMD poorshit
>>
>>64130888
>switches
What, the switch-case thing? I was thinking more of using function pointers.
>>
>>64130875

Nope,

the current fixes affect AMD because loonix kernel guys have just applied the fix to all x86.
>>
>>64130912
You're wrong.
>>
>>64130943

AMD x86/64 is apparently not affected, but some niche AMD processors are.

so its a scam by Intel, as noone cares about some custom 0.0001% of total AMD cpus
>>
>>64130747
>How can a piece of software become root solely by reading kernel memory?
read memory where root password is
login as root
>>
>>64130943
Because they're being paid by intel to shut it down. You do know intel is the same company that literally spent billions of dollars to get OEMs to not buy AMD CPUs even for free, right?
>>
>>64130943
Intel: Say that also is AMD and we give you súper discount, and a house
Goigle mánager: ok after all is just a couple of words
>>
>>64130994
did you even read the Google blog? there are multiple attack methods here, AMD x64 is affected by some, fuck off shill
>>
>>64130943
They don't explain in any respectable detail how AMD and ARM are affected
>>
>>64130991
I would love to see your sources factually backing up that statement.
>>
File: 1513363691470.png (80 KB, 862x855)
80 KB
80 KB PNG
>>64130961
>hahaha I spent more money on my hardware rootkit you fucking poorfag!
>>
>>64130723
No, its actually worse than this. There is no rootkit because rootkits on intel processes are redundant now. Why bother with a rootkit when regular javascript code can just pluck sensitive stuff out protected kernel memory. In order to stop that you are going to need to take a 30% performance hit on every system call. It doesn't mean much for the home user but Amazon, Microsoft and all the other cloud service people are just looking at the data centers knowing that every xenon CPU they spent millions on will get 30% slower when the software patches hit.

Lisa Su can basically put in order for a gold plated super yacht now. The only limit to AMD's server CPU sales is how many they can make.
>>
>>64131039
Did you make this one? Because out of all of them this one really shines like brain cancer on an MRI scan. I love it, saving it rn.
>>
>>64130943

t. butthurt Google employee who went with Intel instead of AMD for the Google Cloud Platform server upgrade
>>
>>64131062
>doesn't mean much
Excuse you, dickhead. I paid cash money for this processor.
>>
>>64131036
AMD does also make ARM processors using reference cores, maybe they're talking about those?
>>
>>64131038
>Meltdown wasn't the only problem uncovered by the researchers, however. They detailed a related issue dubbed Spectre, which they believe is harder to address than Meltdown and for which there aren't yet patches available. As noted in a whitepaper, which contains the full technical details, Spectre attacks induce a victim application to carry out the speculative execution "that would not occur during correct program execution and which leak the victim’s confidential information via a side channel to the adversary." Worryingly, it's not just Intel systems that are affected, but computers running AMD and ARM too, the researchers claimed. That would amount to not millions, but billions of machines.
https://www.forbes.com/sites/thomasbrewster/2018/01/03/intel-meltdown-spectre-vulnerabilities-leave-millions-open-to-cyber-attack/
>>
>>64131034
>custom x86-64s are shit
No fucking shit you mong.
>>
Someone quickly check if Sandy Vaginas are affected by this.
>>
File: list.png (95 KB, 805x283)
95 KB
95 KB PNG
>>64131190
>>
>>64131190
of course they are lol

This is Intel's death sentence
>>
>>64131190
Every Intel cpu
>>
>>64131190

is sandry bridge 10 years old? if no, you're fuk
>>
>>64131211
>>64131210
>>64131208
Thanks faggots.

Now I'm 100% certain this is an NSA backdoor.
>>
>>64131098
Are you running a database or running a bunch of virtual machines? Those seem to be the use cases that are taking a 20-30% performance hit. I think people were reporting performance hits for gaming at under 10%.
>>
>>64130779
Hillary just installed the patch on her server, and her house burned down.
>>
>>64131247
If it's not 0%, then it's an objective loss.
>>
>>64130949
>/g/ is only for kernel devs
>>
>>64131137
How does it affect AMD CPUs? Don't they have this things that checks if code is supposed to run alongside protected code or something?
>>
So if I write code that the branch predictor predicts will lead to data from kernel memory being loaded into a register it will pre-emptively load this data to an accessible location which can then be read without special privileges? And the error lies in the part that the predictor ignores memory protection? I only have generic CPU knowledge from microcontrollers so I'm unsure how registers are handled in x86
>>
>>64131063
>>
>>64130599

No that's a different but equally alarming intel flaw.
>>
File: CIA.jpg (79 KB, 716x768)
79 KB
79 KB JPG
It wasn't for the IC, we know that for sure.
>>
>>64130943

ARM64 designs are affected, and AMD happens to manufacture some. Doesn't affect AMD x64 arch.
>>
How to check if my shit is vulnerable>
>>
>>64131444
If it's Intel it's vulnerable
>>
>>64129994
Reminder Chinese CPU don't have branch predictions.
>>
this is why mainframes use external cryptographic processors for ssh / OLTP
>>
>>64131444
Does your processor say "Intel" on it and is it newer than a 486?
>>
File: 1512428881588.gif (858 KB, 200x267)
858 KB
858 KB GIF
>>64131444

look up your processor manufacturer, if it has "Intel" as the manufacturer name, it is affected by the hardware security flaw
>>
File: 1500261108728.png (67 KB, 510x332)
67 KB
67 KB PNG
>>64129994
Pack it up folks, we're done here...

>He said he's "relatively confident" that a leaked security issue has not been exploited, and that the industry has been working together for a couple of months to address it.

CEO of intel says no one exploited their backdoor.
https://www.cnbc.com/2018/01/03/intel-ceo-brian-krzanich-on-security-flaw.html
>>
>>64131460
fml. what do?
>>
>>64131533

how would they know though? I thought that the hardware flaw allows anyone to bypass any security meassures, whether they are software or hardware security preventions
>>
File: 1507573686409.jpg (86 KB, 964x960)
86 KB
86 KB JPG
>>64131577

buy AMD Ryzen next time you are looking to buy new computer
>>
>>64131577
Buy AMD or wait for a year for Intel to release the new CPUs that don't have this flaw, and give them more money despite fucking you in the ass.
>>
>>64131460
>>64131515
>>64131529
>Intel Core i5 CPU 520
Poorfag, no h8.
fml. what do?
>>
>>64131533
Intel just exploited everyone elses backdoors with their poorly engineered cock
>>
>>64131577
>>64131596
>>64131609
>you seemed to have mistyped the captcha
>still posts
By then I'll be rich, so alright, thanks /g/uys!
>>
>>64131582
It can be used to bypass ring 0 security measures but ring -1 measures like management engine can still observe, intercept, and disrupt those things.
>>
>>64131533
So what are they going to do for my company that will have to replace devices in the field with all new hardware, because they can't afford a 30% performance hit? Surely Intel will be writing a check to cover all my device replacements?
>>
>>64131668
There is nothing to disrupt. The kernel executes the read before anything else and dumps the kernel memory.
The CEO saying he's sure no one exploited it is akin to hillary clinton saying no one hacked her server,
>>
>>64131644
Linkie detected, lmao keep dreaming you intelcuck.
>>
>>64131701

>Atoms breaking shit?
>"Deal with it goyim, its not our problem"
>>
So they'll just buy 20-30% more cpus to run the servers. What's the big deal?
>>
>>64131529
nice kuumin
>>
>>64131707
I was thinking confidential things like passwords can be encrypted using management engine which could disrupt password stealing malware making use of the CPU bug. I wonder if management engine is also susceptible to the hardware bug?
>>
>>64131768
If you've spent $200m on processors thats another $40-$60m you need to spend to maintain similar performance. Consider what that does to profitability, cashflow and debt burden.
>>
>>64131768
this
>>
File: 1502470689453.gif (993 KB, 250x250)
993 KB
993 KB GIF
>>64131768
>>
the bug has been there for a decade and noone took advantage. does this mean i can skip the windowns update and keep better performance?
>>
>>64131768

and 20-30% more motherboards, ram, power supplies etc
>>
>>64131855
they could buy epyc
>>
well, couldnt you just ask kernel for that already?
>>
>>64131881
We could have gotten better fappening nudes.
>>
File: 1514270259929.png (10 KB, 231x164)
10 KB
10 KB PNG
>>64131881

>hardware flaw that can be exploited without being detected
>>
File: l3YmZ.gif (488 KB, 788x1175)
488 KB
488 KB GIF
>>64131910
so anyone who is not dumb enough to be taken advantage of is A ok
>>
>>64131855
So that's what $2 increase to spotify and netflix?

I can live with it.
>>
>>64131247

Then Intel should refund 10 - 30% of the cost of my 7700K.
>>
File: 1508269427980.png (13 KB, 217x224)
13 KB
13 KB PNG
>>64130574
Not entirely related but what "ring level" would Intel ME be considered in?
>>
>>64131961
ill wait for benchmarks
>>
File: js.jpg (68 KB, 1024x375)
68 KB
68 KB JPG
>>64131701
>About 60% of Intel Israel's employees are engaged in cutting-edge R&D, while half support high-volume manufacturing of microprocessors that power the world's computing devices.
https://www.intel.com/content/www/us/en/corporate-responsibility/intel-in-israel.html
>>
>>64132007
ring -2
>>
>>64132007
Somewhere in the negatives
>>
>>64132007
Management Engine is considered ring -1, it's actually beyond this bug and could potentially be used to secure some things against it even but I don't think it can actually stop the bug from being performed by a piece of software so the bug is still very dangerous.
>>
>>64132072
>and could potentially be used to secure some things against it
awesome, fix the insecure pile of shit with the obscure botnet
>>
>>64131062
> Lisa Su can basically put in order for a gold plated super yacht now
FAILING UPWARD, BABY
>>
>>64131227

Intel Management Engines already have a deep state back door.
>>
>>64131969
Everyone knows computers can be compromised, nudes on your phone are public property.
>>
File: we are root.png (43 KB, 808x1053)
43 KB
43 KB PNG
>>64130999
>>
>>64130794
JavaScript running on a webpage can do it. Doesn't even matter if your web browser is sandboxed once the script gains root privileges.
>>
>>64130562
>>64130649
>>64130779
>>64130499
>>64130203

Why are you even here?
>>
>>64130723
It doesn't even become root, it becomes ring 0, which is the "can brick your motherboard by overwriting the BIOS code with all 0s" type of bad.
>>
File: .png (46 KB, 740x563)
46 KB
46 KB PNG
https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html
So Sceptre is supposed to affect everything, but only on AMD with BPF JIT enabled, which doesn't happen by default? And Meltdown only affects Intel. Anyone know for sure?
>>
>>64132266
This
>>
File: EJIVPOT.jpg (68 KB, 633x711)
68 KB
68 KB JPG
why hasnt this bug been exploited yet? why is it blowing up now?
>>
Basically the main function of this hack is to take control of the hypervisor and snoop on other VMs in the cloud. This is corporate espionage, you probably had to pay Intel millions for the secrets.
>>
>>64132158
>nudes on your phone are public property.
only if you own an iphone since they auto upload to "the cloud"
>>
>>64131617
Right now you can either deal with it or buy an AMD, because literally all Intel processors are affected, including those produced right this instant.
>>
>>64132239

Trying to learn, you faggot.
>>
>>64132271
Spectre affects Ryzen too
>>
Theo was right:
"x86 virtualization is about basically placing another nearly full
kernel, full of new bugs, on top of a nasty x86 architecture which
barely has correct page protection. Then running your operating
system on the other side of this brand new pile of shit." (2007)
https://marc.info/?l=openbsd-misc&m=119318909016582&w=2
>>
File: 1514830945143.jpg (6 KB, 223x226)
6 KB
6 KB JPG
>>64132158
i have nothing on my computer. unless this exploit can find passwords that chrome saves, im not concerned
>>
>>64132283
>implying it hasn't been exploited
>>
File: straw.png (93 KB, 369x387)
93 KB
93 KB PNG
>>64132357
how have i not been HACKED yet?
>>
>>64132283
It's an undetectable exploit. Who's to say it hasn't been exploited yet?
>>
>>64132347
It can
>>
>>64132344
"allegedly"

We know about the speculative execution bug, but we know literally nothing about spectre, whatever the fuck that's supposed to be. AMD also claims in clear terms, meaning non lawyer speak, that they are absolutely not affected by any of this based on how their architecture works.

Chances are good that AMD is not affected.
>>
>>64132347
It literally can
>>
>>64132347
>unless this exploit can find passwords
That's exactly what it can do. And then some.
>>
>>64131987
wow, so the intelcuck will literally eat up anything!
>>
File: 1489970855538.jpg (41 KB, 615x477)
41 KB
41 KB JPG
>>64132404
T. person who bought out latest AMD releases to resell on ebay
>>
>>64132060
-3 friend
>>
>>64129994
How does one git gud like that guy from Twitter?
>>
>>64132347
This exploit can brick your whole system you dumb dumb, or write the bitcoin miner right into your BIOS.
>>
>>64132344
Spectre 1 can be patched easily without a performance loss.
Spectre 2 is an irrelevant meme that is almost impossible to exploit and can't be patched anyway, it's just smoke and mirrors to distract you from Intel's Meltdown meltdown.
>>
File: o86jz.jpg (214 KB, 2000x1488)
214 KB
214 KB JPG
>>64132411
if i lose 30% performance im returning my 8600k
>>
>>64130896
i thought that was the fear though, that by reading the memory & physical location you could carry out attacks like rowhammer, but people who know more about it than i seem to think that might be a meme, but seem divided.
>>
File: 1512372137143.gif (399 KB, 500x281)
399 KB
399 KB GIF
>>64132325
Read a fucking book then turbonigger
https://en.wikipedia.org/wiki/Protection_ring?wprov=sfla1
>>
>>64130574
Fuggg :DDDD
>>
>>64132395
It most likely has been exploited by nsa/cia or some other intelligence agency. Given the recent leaks of what they were capable back in 2007 its likely they have known about this bug for a while. Given how fucking major this is its likely it was only used on most important targets and not regular joe the script fag.
>>
>>64130966
You need to assign a function pointer 1st and how do you do that?
>>
>>64132482
Spectre is a new class of attack.
>>
>>64132437
I replaced my intel + nvidia recently with 1600 + rx 580. I also own AMD stock.
>>
This is why US and UK Navy ships and submarines have been running pre 2007 hardware and software, isn’t it?
>>
>>64131668
ME is -2
>>
>>64132411
source on that image? I want to read through it.
>>
>>64132651
https://meltdownattack.com/meltdown.pdf
>>
>>64132651
https://meltdownattack.com/
read the papaers
>>
>>64132461
learn assembly language
>>
>>64132411
>The reasons for this can be manifold.
>manifold

why the FUCK are we listening to them?
>>
>>64132347
>chrome
>>
>>64132643
Everything since Pentium, except probably the pentium 4. There's no escape from this hell inlels.
>>
>>64131529
>>64131819
ayy
>>
>>64132770
>le ebin bipeline P4 may start being touted as the latest Go to Intel chip for those concerned about security.

What a time to be alive.
>>
>>64132805
Hyperpipelines were THE right way all along!
>>
>>64132643
>>64132770
>>64132805
>>
File: 1469367433283.jpg (92 KB, 800x600)
92 KB
92 KB JPG
>>64132841
GG
>mfw the techno-pocalypse has begun
>>
>>64130875

Negative.
>>
>>64130961
>>64131039

Haha the butthurt Intelfag got wrecked.
>>
>>64132841
brb buying an old Integrity server on ebay and HP-UX license
>>
File: 1505587106836.jpg (44 KB, 638x629)
44 KB
44 KB JPG
https://newsroom.intel.com/news/intel-responds-to-security-research-findings/
>>
>>64132841
>>64133002

Pick up your HP BL860c's while they are still cheap on ebay
Thank me later
>>
File: le funne spectre.png (136 KB, 2048x1621)
136 KB
136 KB PNG
>Meltdown
>every processor since 1995
>every processor
>since
>1 9 9 5

>Spectre
>every system
>we have verified Spectre on Intel, AMD, and ARM

All that time spent corebootin' and ME_cleanin'

Useless

It turns out that any attempt to harden anything in the last quarter of century was just a waste of time

infosec is more and more like watching a circus of baboons fighting with their poo
>>
>>64133049
You can run frommeltdown but you cannot run from spectre
>>
>Meltdown
Affects mainly Intel due to their retarded predictive branching without security check

>Spectre
Affects x86 ARM architecture. Much harder to execute.
>>
>>64133049
>BL
enclosures are expensive though
>>
>>64133080
>infosec is more and more like watching a circus of baboons fighting with their poo
You won the internet.
>>
>>64133032
Posted.
>>
>>64133103
build one with aluminum t-slot
https://eagle-aluminum.com/t-slot-aluminum-extrusions/
>>
>>64133102
>Spectre
>affects everything
ftfy
>>
>>64133102
>Affects mainly Intel due to their retarded predictive branching without security check
this was a pre-disclosure... speculation. Patches are in place to target explicitly ARM 64 and it should and could target AMD as well. We'll learn more and more in the next hours/days. Be prepared for more
>>
>>64130984
the fix has a if condition that checks if the processor is from amd, and if it's true doesn't apply the fix.
>>
>>64133236
Thats linux only
>>
>>64133250

>>>64130875
>Nope,
>the current fixes affect AMD because loonix kernel guys have just applied the fix to all x86.
>>
File: 430.jpg (60 KB, 699x485)
60 KB
60 KB JPG
>>64133298
Do you think microsoft will push a patch to windows xp due to the severity of this?
>>
>>64132731
>>manifold
>why the FUCK are we listening to them?
huh?
>>
>>64133298
So wtf? Nope it doesnt apply, or nope, yes it applies to all x86

Also who gives a shit about linux, there will probably be a patch and if one doesnt it want one doesnt install it

What about windows, is windows affected under amd?
>>
>>64133236
>the fix has a if condition that checks if the processor is from amd, and if it's true doesn't apply the fix.
No, that was a patch from AMD and it has never been mainlined. Every x86 processor is marked as CPU_INSECURE and we have NO elements at the moment to state that AMD claims in that patch are correct.
The disclosure, so far, references out-of-order execution rather than Intel's predictive branching as the culprit.
>>
>>64133178
Nigga it's a fucking blade. It doesn't have networking, it doesn't have power supply. That's why you need to stick it into the enclosure.
>>
>>64133329
They already did fix the vulnerability that gave everyone the ransomware last year even on XP systems so this will probably get patched as well, considering it's much more severe.
>>
>>64132216
It doesnt gain root, it gains ring 0. Completely different concept, and infinitely more dangerous than simple root access.
>>
File: 1506068878764.jpg (49 KB, 640x640)
49 KB
49 KB JPG
>>64131256
(you) cheeky fucker
>>
>>64133329
I hope not. This will teach people to stop using dinosaur operating systems for production. My last job was still using XP for a long time.
>>
>>64130912
Sadly faggots like you are an ineludible cancer.
You shouldn't educate yourself on twatter, learn to check the facts. Like, check if the a proposed patch is rejected and check official advisories and academic papers.
>>
>Also to clarify, the Google team only demonstrated functional exploit PoC on FX CPUs (FX8320 & A-10), not Zen. Zen AFAIK is immune to all 3 exploits.

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\}}}}
>>
>>64133367
Are you twelve or simply brain damaged? It impacts everything everywhere to any degree. Read a fucking advisory sometimes
>>
File: 1513207019878.png (68 KB, 624x581)
68 KB
68 KB PNG
>>64133440
>>
>>64133405
>ring 0
Is that the same ring zero that contains secret cpu code, like intel cpus run their own mini os and shit
Can this bug be used to hack the cpus themselves, read that code?
>>
>>64133440
>Also to clarify, the Google team only demonstrated functional exploit PoC on FX CPUs (FX8320 & A-10), not Zen. Zen AFAIK is immune to all 3 exploits.

Source please. No source EVER states that a specific model is "immune", therefore I call bullshit.
>>
>>64132347
Yes, something that can do
https://twitter.com/misc0110/status/948706387491786752
this from fucking CSS code in your browser surely is no problem.
>>
>>64133508
No, ME is Ring -3.
>>
>>64133444
I am not talking about spectre but the bug that specifically affects intel and not amd
>>
>I'm fucking braindamaged

No need to reiterate
>>
>>64133532
The hardware flaw that only affects Intel and is mitigated by the performance killing patch is called meltdown. Fitting name.
>>
>>64133519
Oh.
OH.
>>
>>64133519
dammit
>>
>>64130203
It means that when you feel deja vu it's because you stole information from an alternate timeline.
>>
>>64133560
>only affects Intel
>>64133532
>specifically affects intel

No such thing. AMD has not been proven safe and there are no technical reasons atm to believe it's safe. How much AMD is fucked ny "Meltdown" is "unclear".
>>
>>64133519
>>64133565
>>64133574
>Yes, something that can do
>https://twitter.com/misc0110/status/948706387491786752
>this from fucking CSS code in your browser surely is no problem.
I'm scared to click anything now, even twitter pages.. What does it say?
>>
>>64131190
This shit affects Pentium III, what do you think?
>>
>>64133640
Here's the raw video file you can run in your browser without loading the page
https://video.twimg.com/tweet_video/DSp7SbVXcAAQ7FC.mp4
>>
>>64133640
It's an example of a keylogger using the exploit.
>>
>>64133630
AMD stated specifically that meltdown does not affect them and the patch won't affect systems using AMD CPUs. If meltdown affected them this would be a neon red sign the size of a house glaring lawyers please rape us.
>>
>>64133640
>too scared to use twitter but posts on 4chan fine with all the shady shit jap moot has been doing
>>
File: 1452633590113.png (196 KB, 356x354)
196 KB
196 KB PNG
>when you've got a shitposting machine in the form of a 10 year old memepad dedicated to nothing but 4chins and 2hu, and it doesn't matter if anyone reads it because there's literally nothing on it but a 1cc completion chart
Guess I'll be shutting down my desktop and doing nothing else. 2018 is already a good year.
>>
>>64132841
>mfw had a atom netbook just a while ago
>i have no face
>>
>>64131034

Lol. Nope.
>>
File: 1501269975729.jpg (36 KB, 600x500)
36 KB
36 KB JPG
>>64133679
>>
>>64132266
Remind me again, why can the BIOS be written to without flipping a hardware write protect switch?
>>
>>64133689
>AMD stated specifically that meltdown does not affect them and the patch won't affect systems using AMD CPUs.

That was their patch, and it has been rejected. And no, they didn't address meltdown, they stated that their CPU shouldn't be marked as INSECURE; and this is incorrect, since they're vulnerable to Spectre for sure.

About lawyers, they'll be partying all over everyone regardless of anything
>>
File: 304041657274204170.png (20 KB, 112x112)
20 KB
20 KB PNG
>>64133679
GG lads, it's been fun on the internet while it lasted.
>>
https://xenbits.xen.org/xsa/advisory-254.html
https://xenbits.xen.org/xsa/advisory-254.html
https://xenbits.xen.org/xsa/advisory-254.html
https://xenbits.xen.org/xsa/advisory-254.html

Xen advisory released
>>
>>64132344

Spectre patch has negligible perf hit.

Not an issue.
>>
>>64133777
https://access.redhat.com/errata/RHSA-2018:0011
https://access.redhat.com/errata/RHSA-2018:0011
https://access.redhat.com/errata/RHSA-2018:0011
https://access.redhat.com/errata/RHSA-2018:0011

Redhat advisory released
>>
>>64131208
Lol, my fucking disguting abortion of Intel atom n2600 is unaffected
>>
>>64133791
It's the same fucking patch.
>>
>>64133356
Ssh, he doesn't know the difference btw manifold and manyfold...
>>
So when are we going to start training Mentats, fellas?
>>
thank god i still have my atom netbook
guess it still serves a purpose after all
>>
>>64133756
Everything is vulnerable to spectre. The patch only addresses meltdown, that's what the page table separation that is the cause of the performance hit is for.

The patch will definetly not affect AMDs CPUs.
https://www.phoronix.com/scan.php?page=news_item&px=Linux-Tip-Git-Disable-x86-PTI
>>
>>64133815
PTI is used only against meltdown and the cause of the performance hit. No meltdown vulnerability, no need for PTI.
>>
>>64133821
>Atom
It's affected too.

Of course if you trust the software you run not to be malicious, you can stick "nopti" in your kernel command line to disable the patch, and continue at the low performance level you're used to from that Atom CPU.
>>
>>64133815
meltdown and spectre are two different things
>>
>>64131063
Vast majority of them are from /tv/

t. was there when it happened.

Also this is a supremely interesting topic, but alas my software knowledge is next to lacking here.
>>
>>64133796
https://access.redhat.com/security/cve/CVE-2017-5754
Intel only
https://access.redhat.com/security/cve/CVE-2017-5715
AMD too
https://access.redhat.com/security/cve/CVE-2017-5753
AMD too
>>
>>64133811
Isn't Atom N basically the same thing as Celeron N (which is affected)?
>>
>>64133848
>No meltdown vulnerability, no need for PTI.
AMD has not been proven exempt from Meltdown.
>>
>>64133850
aren't old atoms supposed to be unaffected
wtf i'm destroying it now then
>>
>>64133815
>>64133791

There is no patch against spectre
>>
>>64133820
Mentats can't communicate with each other around the world without a computer. Doesn't matter how much RAM you've got if you aren't internet facing.
>>
>>64133356
Don't worry, it's just another /g/ sperg who can't grasp the concept of etymological equivocation. The word 'manifold' kicked him into geometry mode, which of course doesn't apply in the least to the manner in which it was used, and the only way his brain could handle the exception was by shitposting on 4chan.
>>
>>64133895
It hasn't been proven to be affected either. Go tell IBM that they can't use their POWER stuff until they prove its not affected by meltdown.

The fact that PTI won't be used with AMD processors shoes that they known they aren't affected.
>>
>>64133913

Just give your Mentat an analog phone. I'm sure he'll be fine.
>>
>>64133903
>wtf i'm destroying it now then
What... why? Even if it is affected, you either leave KPTI on by default and take the performance hit which isn't that terrible, or you turn it off with nopti and be careful not to run anything that exploits it.
>>
File: AfricanAustralian.jpg (298 KB, 846x1200)
298 KB
298 KB JPG
I think Intel did this on purpose so people willing have to update.
>>
>>64133585
I have this weird feeling this may have happened to me, or someone like me.
>>
>>64133943
was just joke
so all atoms are affected anyway? it's a n455, any perfomance hit is a kiss of death for it
>>
>>64133942
Here in Burgerland we are at best not maintaining and at worst actively destroying landline infrastructure.
>>
>>64133962

You're taking my shitposts way too seriously dude. Just let me have my fun.
>>
>>64133903

If your CPU allows OoOE it's vulnerable. That's every Intel CPU since pentium 2
>>
>>64133935
>>The fact that PTI won't be used with AMD processors
That's just a speculation. The exception is not mainlined, only the rule is there, and the academic papers point out that they can't currently exclude AMD.
>It hasn't been proven to be affected either.
This doesn't mean jack shit, and further appeals to rhetorical fallacies are ignored.
>>
>>64133858
They are 2 different attack vectors using the same vulnerability in the chips developed by different teams.
>>
>>64133969
Sorry.
>>
>>64134009

It's okay. These are weird times for everyone involved.
>>
>>64130912
this never made it into mainline though. stop shitposting.
>>
>>64134000
Did you read the article? Its already sitting in a known tree, if its mainlined with 4.15 or .16 makes no difference. Besides that you don't state your products aren't affected if you know they are, they'd go out of business in less than a year with practises like this. Bending words like Intel does right now and outright lying isn't the same thing.
>>
>browser JavaScript using Meltdown can read all of the physical memory of a system
Intel is literally fucking finished.
>>
>>64133893
https://ark.intel.com/products/codename/37505/Cedarview

No, its a pre bay trail atom, before Intel made them barely usable. It's the last specimen of the shitty netbook atoms era. The second most powerful atom of this kind, behind the n2800. And it is still fucking shit. More in detail, works 32 bit only and comes with a powervr igpu (power vr 3600), with (abysmal) 3d acceleration drivers available only for windows 7 32 bit.

Wanna hear the funny thing? It came loaded with ubuntu from asus
>>
File: 1pdyjbC.jpg (63 KB, 540x641)
63 KB
63 KB JPG
Ring 0 - The kernel runs in this space, as well as some drivers. Any code running with ring0 privileges can read and write anything in memory. ANYTHING. It has full control over your hardware.
Ring 1 and 2 - Mostly drivers
Ring 3 - Applications - they have their own virtual memory space and can read and write only inside their own allocated memory block. They can't access memory outside of that. The MMU handles that stuff.

This exploit allows Ring 3 applications (as in, any application you open on your PC) to read memory just as if it were running in Ring 0. This means it can wiggle into the memory space of e.g. Firefox and read all the passwords which are kept in memory. What's even worse, this exploit can't be fixed by updating the CPU microcode. The patches we'll be receiving in the next few hours are essentially workarounds for shitty hardware.

Because CPU manufacturers can't really just add more transistors or increase the CPU's frequency like they used to, they have to resort to various optimizations to make things work faster. Caching, prediction, special instructions, etc. This means James, Schlomo and Pajeet at Intel HQ can fuck up and create a really shitty CPU with plenty of exploitable possibilities, and the only way to fix them is to buy a new CPU.
>>
File: 1510015719247.png (120 KB, 443x451)
120 KB
120 KB PNG
>>64130574
This means... Imminent bankruptcy?
>>
>>64134069
>Did you read the article? Its already sitting in a known tree, if its mainlined with 4.15 or .16 makes no difference.
Sadly moronix takes that for granted. It's not.
>Bending words like Intel does right now and outright lying isn't the same thing.
I did not bend anything. I did not cite moronix nor Intel. I only stated FACTS and non adulterated ACADEMIC PAPERS. I am NOT trying to push any agenda against or for any chip manufacturer.
>>
>>64133993
For meltdown not all intel cpu, for spectre all and everything.
>>
>>64130943
Because intel is 900ton gorilla'ing them to bleat their way.
The flaw 'affects' AMD architectures in that it will read out of order memory from its own process, but it cannot escalate or escape.
There's one exception if you use an old debian with ebpf jit on which is non-standard and only on the A8 R7 core.

Basically it's big money gorillas trying to make it seem like it's really everyone's problem when the vulnerability part is tied to intel and probably whatever prediction shit they work with for ARM because theirs have it too.
It's right in the white paper.
>>
File: 1501450636151.png (257 KB, 562x567)
257 KB
257 KB PNG
>>64129994
>his CPU uses branch prediction
>>
>>64133949
Nah. When the discovery of something like this causes the CEO to sell off stock, and people to talk about switching to the competitor, that isn't an intentional thing.

It could have been put in as a NSA backdoor that's just now being discovered publicly. Or it could be a result of Intel's shift to a faster design cycle with less testing and validation, which they did to keep up with AMD. Or it could be a thing that was done to squeeze a little extra performance out of the chip, without fully thinking through the consequences.
>>
>http://elbrus2k.wikidot.com/elbrus-2000
>Speculative execution explicitly program controlled
We can turn it off ?
>>
File: bugs.jpg (170 KB, 720x540)
170 KB
170 KB JPG
>>64134088
While this is an issue on desktop and mobile devices, the main shitstorm lies within the datacenter. Various servers are virtualized these days, and this means you can fire up an instance on Amazon AWS, DigitalOcean, Azure, or wherever, and read other people's memory.

Amazon is in the process of forcefully patching all of their equipment right now.
>>
The death of x86
Was nice seeing you
>>
>>64130875
Not according to linus. And I am more apt to believe him than intel.
>>
>>64134197
It's VLIW.
Like Itanic.
It's scheduled statically.
>>
So where the fuck are the Windows patches?
>>
>>64134080
lel yours is newer than my n455 (pineview)
they're all still affected though, i think it's only first gen atoms that aren't
>>
File: End of gondogelion.png (396 KB, 1200x750)
396 KB
396 KB PNG
>>64134219
This is the Y2K of our time. Brace yourselves, we are watching right now the death of computing as we know.
>>
>>64134219
AArch64 is also vulnerable, sweetie.
Bleeding-edge A75 is vulnerable to fucking Meltdown ffs.
>>
how do you minimize your vulnerability as an intel user?

are older i5s as vulnerable as newer i7s?
>>
>>64133957
IDK if the n455 is affected or is too old. Early Atoms were completely in-order with no branch prediction at all (first Intel CPU like this since the 486, lol), which would mean they're unaffected.

Regardless whether it's affected, your kernel WILL apply the patch to it because it assumes that all x86 (or all non AMD x86) are affected. It doesn't have a per model list. The patch will cause a performance hit regardless whether the CPU was affected by the bug.

Also regardless if it's affected, you can add nopti to the kernel command line to disable the patch. If it was not affected, you stay as secure as before but avoid the performance hit. If it was affected, you sacrifice some security for some performance.

Even if it's affected, it may be worth it to do nopti anyway. A machine that you have to be careful not to run malware on is better than a machine that's unusably slow.
>>
>>64134078
Intel made billions producing the problem. You can bet your ass they'll get paid billions in order to fix it. Huge companies NEVER lose money on things like this.
>>
>>64134288
i don't have windows on it anyway, so i don't have to install the update
i just wondered if it was affected in anyway by meltdown
>>
>>64134286
Apply your vendor patches and say goodbye to I/O performance on syscalls (that is, literally anything but mining, hentai@home and gaymen)
>>
>>64134146
It wouldn't have made it into a tree if there was a chance of TBI being required. Together with statements like
>AMD processors are not subject to the types of attacks that the kernel
page table isolation feature protects against. The AMD microarchitecture
does not allow memory references, including speculative references, that
access higher privileged data when running in a lesser privileged mode
when that access would result in a page fault.
>Disable page table isolation by default on AMD processors by not setting
the X86_BUG_CPU_INSECURE feature, which controls whether >X86_FEATURE_PTI
>is set.
That leaves no room for interpretation. Take a look at Intel's statement and compare it to this. Its rock solid, unequivocal. If it was wrong there are at least two things in there that AMD would get raped for in court, not just for denying a security flaw but for trying to keep it open. This would be fucking suicide. You don't push out an official company statement like that if there is any chance for error.
>>
>>64133993
>That's every Intel CPU since pentium 2
Original Pentium was their first out of order execution CPU. The big hype around Pentium was because they had finally gotten just below 1 cycle per instruction on average.

The first couple generations of Atoms -- the pathetically slow ones -- were a brief return to in-order, so they're not affected by any of this either.
>>
>>64134247
I was thinking about spectre, In-order cpu are safe from meltdown.
>>
A C A D E M I C P A P E R S

C

A

D

E

M

I

C

P

A

P

E

R

S
>>
>>64134286
>are older i5s as vulnerable as newer i7s?

Read the fucking thing

Has it been manufactured after 1995 (yes, 1 9 9 5)? You're fucked
Is it older hardware without PCIDs ? You're fucked even more
>>
>>64134303
They will fall, it's the Trump curse and Intel choose diversity over competence for their workers.

http://www.businessinsider.com/intel-ceo-on-why-he-cancled-on-trump-2016-7
Jul. 12, 2016, 12:37 PM
On Tuesday, speaking at the Fortune Brainstorm Tech conference in Aspen, Colorado, he finally explained why.
It was never intended to be a fund-raiser.
Krzanich had simply invited the candidate and select other guests to his home just to talk, he said.
"It was originally supposed to be a conversation about the issues. I'm passionate about issues of diversity, about making America strong in manufacturing," he said. He also wanted to discussed the candidate's tax plans.
>"It was originally supposed to be a conversation about the issues. I'm passionate about issues of diversity
>I'm passionate about issues of diversity
>>
>>64131247
So my 7770k will now only run as bad as a 5 year old cpu used to? Thanks intel.
>>
>>64134333
OG Pentirum was the first superscalar processor you moron.
It's PPro that was the first OoOE x86 processor.
>>
>>64134145
No. They'll recover. It does mean 3 things:
1. Time to freak out if you run a datacenter.
2. A good time to buy Intel stock is probably coming soon.
3. Cheap current-gen Xeons on ebay as datacenters sell them to cut losses when they switch to AMD.
>>
lawsuit when?
>>
>>64134181
He can just buy back at the low and make profit when people start buying those sweet series 9.
>>
>>64134316
Anyone know how will this affect Pro Tools HD users on MacOS? If your sessions use a lot of CPU, like virtual instruments (calling lots of samples from memory)? Are we fucked? Sorry to be bothering you actual /g/ guys worrying about realdeal y2k-tier server shit with my brainletness...just trying to figure out where I'm at. NewMacPro 8core if it helps...
>>
>>64134304
The only patch that's out right now is for Linux.

The Windows patch is coming soon, and we'll be able to see how bad its performance hit is then.

MacOS heaven only knows when.
>>
>>64134304
Whoops. Yeah, you don't have to install the update for it on Linux, but future prebuilt kernels will bring additional security patches you will want.

You could build your own kernel and turn off the patch. Or you can take your distro's one and just put nopti on the command line for exactly the same effect with less effort.
>>
>>64134411
If you have macOS 10.13.2 then you already have the fix. You'll get whatever performance you already have.
>>
>>64134145
The greater party in duopolies don't go bankrupt, silly
>>
>>64134317
The assertion from AMD has not been independently verified; on the contrary researchers have not been yet able to validate AMD thesis. The patch relinquish in a limbo because of this. I'll leave any behavioural speculation to lawyers and content myself only with facts.

The only relevant facts here is that one of the three CVE ( http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2017-5754 is not yet populated, but we have https://access.redhat.com/security/cve/CVE-2017-5754 ) seems to state explicitly that "AMD x86-64 microprocessors are not affected by this issue."
Yet, the other speculative-relevant CVE ( https://access.redhat.com/security/cve/CVE-2017-5753 ) does NOT make this exclusion and concerns ALL x86-64 CPUs.
>>
>>64134411
Don't worry, Apple hardware is sold crippled already. You won't notice a real difference
>>
>https://de.wikipedia.org/wiki/Intel-Atom-Mikroarchitektur
>Moderne Out-of-Order-Architekturen wie die Intel-Core-Mikroarchitektur oder AMD64 erreichen ihre hohe Pro-Takt-Leistung (IPC) mit vielen zusätzlichen Funktionen wie Registerumbenennung oder Speculative execution. Für die Implementation dieser Funktionen sind allerdings viele zusätzliche Transistoren nötig, die neben der Vergrößerung der Die-Größe und damit der Produktionskosten auch für eine Erhöhung der Verlustleistung verantwortlich sind. Eine In-Order-Architektur verzichtet auf derartige Funktionen und arbeitet alle Befehle strikt in Reihenfolge ab, die IPC ist deswegen um einiges geringer.
>tl: OoOE and speculative execution were too costly and inefficient so they didnt incluse those
Looks like the first atoms are our hope against the spectre.
>>
>>64133951
around hacks never relax
>>
>>64134088
>or increase the CPU's frequency like they used to
Why is that exactly? I'm running an i5 3470 OCing to 3.40Ghz and I'm surprised to see modern i7's manufactured this year still only able to go up to 3.80Ghz and rarely maybe 4Ghz with OC, why aren't they at 5.50Ghz or more by now? What are the physical/technical limitations there?
>>
File: 1512256340885.jpg (29 KB, 500x491)
29 KB
29 KB JPG
This all sounds extremely scary and really serious. I don't use my computer for anything other than gaming and 4chan, but I'm still not fond of having my computer so vulnerable. Right now, besides going out and replacing my CPU with an AMD one, is there anything I can do to minimize the risk of getting fucked in the ass over this? Is being affected by this really as simple as visiting a random web page? Should I just discontinue using web browsers at all until I acquire a new CPU?
>>
So the global economy is fucked and we're going back to the 70's in terms of technology. Great.
>>
>>64134579
>Is it as simple as visiting a website and getting fucked
Yes, it works in JS.
>>
Fuck this, imagine implications of botnet crypto mining with this exploit.
>>
>>64134579
yes close your internet browser right now
>>
>>64134600
at least you'll be able to steal their wallet
>>
>>64134482
Well, only CVE-2017-5754 is Meltdown-related

>https://access.redhat.com/security/vulnerabilities/speculativeexecution
>>
>>64134579
>Should I just discontinue using web browsers at all until I acquire a new CPU?
Just apply your vendor patches and enjoy crippled performances on **some** workloads
>>
>>64134533
Sparc T2, Itanium.
>>
>>64134579
>I don't use my computer for anything other than gaming and 4chan
The only value you could have for a hacker is with being part of a botnet.
The common user will not be affected too much. The problem comes if you have a datacenter with Intel CPUs.
>>
>>64134641

what fucking vendor patches
>>
>>64134579
put cat in penis and he his at you
>>
why is no one talking about the fact that who discovered/researched this is fucking Google of all companies? why would the mother of all evil not use this for an even more powerful botnet? what are they hiding? what's their plan?

i'm skeptic about this
>>
File: ss.png (45 KB, 741x643)
45 KB
45 KB PNG
https://lkml.org/lkml/2018/1/3/797
https://lkml.org/lkml/2018/1/3/797
https://lkml.org/lkml/2018/1/3/797
https://lkml.org/lkml/2018/1/3/797

Linus blames Intel
>>
>>64134482
It probably has been, which is why it made it into the tree to begin with. Why else woukd it be there? Documentation is lacking since they're busy with the dumpster fire that is this patch. AMDs statement is simple, it can't happen on their CPUs, you try it, you get a page fault. This is not hard to verify.

It's not "behavioural speculation" to take a look at their statement either. Either what they said is true or the company just committed suicide.
>>
File: 1511411053672.jpg (69 KB, 540x960)
69 KB
69 KB JPG
>>64134593
>the global economy is fucked and we're going back to the 70's in terms of technology.

sounds fucking awesome
>>
>>64134670
Microsoft, if you're using Windows
Apple, if you're using macOS
Linux, if you're using a Linux-based OS
Xen, if you're using Xen
>>
>>64134681
Well no shit, AMD exhibits only one easily mitigatable problem.
>>
>>64134709
there are no windows patches yet though wtf are you smoking
>>
>>64134655
Im talking about spectre. Mitigating meltdown is easy.
>>
>>64134723
5PM ET / 2PM PT today for Windows 10 users, other versions of Windows need to wait till Tuesday.
>>
>>64134575
You need to move the same amount of charge to reliably show a 1. Higher clockspeed meens higher voltage. Unless we find materials with less resistance and leakage clock speeds are capped. There are some expensive ways to get clock speeds even higher with silicon, but we're at the edge of what's possible. SOI is making a comeback to squeeze out more from the processes for example.
>>
>>64134723
Wait for them, fucking kid.
>>
>>64131137
The only variant that was able to be replicated on AMD x86 hardware was patched by software. All other variants were unable to be replicated on AMD hardware.
>>
So, what are the BSD guys doing about this?
>>
>>64134769
Well shit, didnt expect to hit such a limit so soon.
>>
>>64134788
nothing, they are irrelevant
>>
>>64134788
Drinking beer.
>>
>>64133426
>>64134062
*hsan't made it into mainline
It's waiting approval for inclusion in mainline. Google's research team has confirmed AMD CPUs are 100% immune to the Meltdown variant of the Spectre attack which PTI is supposed to patch.
>>
>>64134798
> So soon
Transistors have been around since the 1950's. We've been milking them for over 60 years.
>>
>>64134769
All EE is just waiting for materials to get better, now.
>>
>>64134822
>Google's research team has confirmed AMD CPUs are 100% immune
Point where you read such thing.
>>
>>64134575
Transistor density

Today's target is latencies, not frequency
>>
>>64133630
You are 1000% incorrect. Meltdown affects ONLY Intel processors, full stop.
>>
>>64134851
>>64134841
>>
>>64133756
rejected != awaiting inclusion in mainline
>>
>>64134851
A75 is also affected by Meltdown (huh).
>>
>>64134841
>>64134868
>>64134877
>>64134037

Hint: Variant 3 is Meltdown
>>
>>64134822
>Google's research team has confirmed AMD CPUs are 100% immune to the Meltdown variant of the Spectre attack

1) Meltdown is not a variant of the Spectre attack.
2) Google's research team has been UNABLE to exclude AMD CPUs; at the same time they only exploited the CVE dubbed as "Meltdown" against Intel CPUs only.
>>
>>64131227
>>64132124
Libreboot is the only answer if you have Intel
>>
>>64134908
>Variant 3 is Meltdown
It's a variant of the "speculative execution" flaws. It's not a variant of Spectre, as you seemed to incorrectly state.
>>
>>64135005
>Libreboot

as it turns out, it has been a useless gimmick.

who would have ever guessed
>>
>>64134957
The only successful exploit carried out by Google's research team used non-default configs and even then it only affected a handful of FX Pro mobile chips and ARM chips.
>>
>>64135023
>technicalities
>>
>>64132841
>my eeepc shitbox is safe
phew, that thing would never be able to handle even a 5% performance hit
>>
Intel shills and users are FUCKWITS anyway
just ignore them
>>
>2018 starts with the death of intel
gonna b a fantastic year bros
>>
>>64134804
plenty of servers run FreeBSD though
and the openBSDfags can't spew their "muh security" shit when this shit is unpatched on their OS
>>
>>64134804
lol FreeBSD and FreeNAS are widely used in the industry
>>
>>64134482
>The assertion from AMD has not been independently verified; on the contrary researchers have not been yet able to validate AMD thesis. The patch relinquish in a limbo because of this. I'll leave any behavioural speculation to lawyers and content myself only with facts.

you dumb mong, researchers without access to AMD's actual hardware design can't ever prove the flaw doesn't exist, just that their increasingly refined software techniques haven't yet found evidence of the kernel page leaking.

no finite amount of absence of evidence = evidence of absence.
>>
>>64134519
Good actually glad to hear I won't notice. I don't use apple because their shit runs better (well aware it doesnt), I use apple because CoreAudio drivers are rock solid and Windows ones were notoriously shoddy for years
>in b4 that's not true anymore
Please prove that if so because I'd leave in a heartbeat for pc. Shame pro tools isn't Linux I don't think. The VIs probably wouldn't be even if it was though
>>
>>64135557
No. They haven't been able to exclude that a difference in CPU design is enough to exclude a specific vulnerability. This isn't a quest for a probatio diabolica and the obscure "actual hardware design" is a red herring.

In other words, you're retarded. Congratulations.
>>
>>64135807
if the difference in design is that AMD unconditionally prohibits ring 3 code from reading pages whose PTE U bits are set to zero (which they at least claim), how could speculative execution possibly ever leak kernel mode page contents?

you're not as smart as you appear to think you are.




Delete Post: [File Only] Style:
[Disable Mobile View / Use Desktop Site]

[Enable Mobile View / Use Mobile Site]

All trademarks and copyrights on this page are owned by their respective parties. Images uploaded are the responsibility of the Poster. Comments are owned by the Poster.