I'd be surprised if they didn't backport the 32Bit patches once confirmed as 'stable' to their supported LTS kernels (3.13, 4.4, 4.15). That's how they dealt with the original 64bit Spectre patches.michael louwe wrote: ⤴Thu Jul 26, 2018 2:43 pmHopefully, Ubuntu/LM will also provide downstream Linux kernel 4.19 in the Update Manager of 32 bit LM 18.x and 17.x.neversaynever wrote:.
ATTN!...Intel CPU owners (Spectre,Meltdown,Foreshadow, flaws)
Forum rules
Do not post support questions here. Before you post read the forum rules. Topics in this forum are automatically closed 30 days after creation.
Do not post support questions here. Before you post read the forum rules. Topics in this forum are automatically closed 30 days after creation.
- smurphos
- Level 18
- Posts: 8498
- Joined: Fri Sep 05, 2014 12:18 am
- Location: Irish Brit in Portugal
- Contact:
Re: ATTN!...Intel CPU owners (Spectre & Meltdown flaws)
For custom Nemo actions, useful scripts for the Cinnamon desktop, and Cinnamox themes visit my Github pages.
Re: ATTN!...Intel CPU owners (Spectre,Meltdown,foreshadow flaws)
you might notice that ive added "foreshadow" into the spectre/meltdown title in the subject bar...at this point, i dont see that any of these flaws can ever truly be "fixed"...but for many years, i have told people that i personally know, (the majority of which did not listen). to never store their passwords, credit card numbers, bank acct. numbers, social security numbers, etc. on their computers...quote from article, "In the wrong hands, speculative execution could give hackers a new way to steal confidential data, such as passwords, from your computer via a piece of malware or even through the browser."...though not any easy target to hit, it can still be done...these friends have always said what i asked them to cease doing this,that it is just too inconvenient for them not to store these type of things on their computers...well thats my rant for the morning, and in case you might ask ?...no, i have never, ever stored anything on my own computers except the OS...everything else i need, including pics, videos, movies, documents etc., i have always stored over the years on floppies, CDs, DVDs, flash fobs etc...with no exceptions...enjoy the article below...DAMIEN
https://www.pcmag.com/news/363105/new-f ... l-protecte
https://www.pcmag.com/news/363105/new-f ... l-protecte
Re: ATTN!...Intel CPU owners (Spectre,Meltdown,Foreshadow, flaws)
Like I said before, anything speculative should not have been put into the CPUs. The faster speed performance was a "FAKE".! Now, Intel reaps what she has sown or karma is her beetch.
Buy AMD CPUs.
Buy AMD CPUs.
Re: ATTN!...Intel CPU owners (Spectre,Meltdown,Foreshadow, flaws)
Another source for the Foreshadow vulnerabilities affecting Intel processors: https://www.kitguru.net/components/cpu/ ... abilities/
"This presents numerous problems for those running cloud systems and data centres running their own virtualised hardware and software, as guest operating systems will also require the mitigations in order to remain safe. Sadly, there is a potential performance hit from these mitigations, but it’s almost a non-negotiable trade-off given the security implications."
Ouch. Rumor is Intel's upcoming next processor generation will have hardware fixes for speculative execution bugs. They've postponed their 10nm processors till late 2019/mid 2020 and continue on 14nm till then. Perhaps related.
- Malicious applications may be able to infer the values of data in the OS memory, or data from other applications.
- A malicious guest VM may be able to infer the values of data in the VM manager’s memory, or values of data in the memory of other guest VMs.
- Malicious software running outside of SMM (system management mode) may be able to infer values of data in SMM memory.
- Malicious software running outside of an Intel SGX enclave or within an enclave may be able to infer data from within another Intel SGX enclave
"This presents numerous problems for those running cloud systems and data centres running their own virtualised hardware and software, as guest operating systems will also require the mitigations in order to remain safe. Sadly, there is a potential performance hit from these mitigations, but it’s almost a non-negotiable trade-off given the security implications."
Ouch. Rumor is Intel's upcoming next processor generation will have hardware fixes for speculative execution bugs. They've postponed their 10nm processors till late 2019/mid 2020 and continue on 14nm till then. Perhaps related.
Re: ATTN!...Intel CPU owners (Spectre & Meltdown flaws)
...ehhm, no, it's not a "I told you so..." - quite the contrary, it's a mere 2 clicks away in your favorite search engine:thx-1138 wrote: ⤴Thu Mar 01, 2018 9:33 am...SGX exists only on 6th-gen & afterwards Intel processors, ie. after 2015 - earlier ones don't have such.
But even on those newer ones, it's totally non-existent in any Linux 'desktop' so far
(personally, i also kinda doubt it will gain considerable attraction any time soon, but who knows...)
https://software.intel.com/en-us/articl ... plications
1) Feature needs to be explicitly enabled in BIOS...
2) Feature needs the 'secured' apps to be explicitly linked / compiled against Intel's SGX SDK...
To keep it short, something that simple common users shouldn't bother themselves at all
(as such stuff does NOT exist on Mint or other Linux distros so far...)
No comment for the outrageous claims such as that 'speculative execution' should have never been included in cpus, hah!
Even more when such 'statements' have been explained & discarded before:
viewtopic.php?p=1410027#p1410027
&
viewtopic.php?p=1450260#p1450260
Re: ATTN!...Intel CPU owners (Spectre,Meltdown,Foreshadow, flaws)
Thank you so much for that. I was busy typing the basically same thing yesterday but ending with a request to Michael to stop abusing the Linux Mint forums for stock manipulation (i.e., he almost must be sitting on a neat stack of AMD stock) when xenopeek posted, making me take the opportunity to think "oh, sod this".
Re: ATTN!...Intel CPU owners (Spectre,Meltdown,Foreshadow, flaws)
https://news.softpedia.com/news/ubuntu- ... 2335.shtml (ubuntu-debian-rhel-and-centos-linux-now-patched-against-foreshadow-attacks - 16 Aug 2018)
Re: ATTN!...Intel CPU owners (Spectre,Meltdown,Foreshadow, flaws)
For the upcoming "Cascade Lake" CPUs Intel adds mitigation in hardware for half the variants, which should have much less performance impact than the mitigation in firmware/OS previously used.
AnandTech have the full story: https://www.anandtech.com/show/13239/in ... scade-lake
AnandTech have the full story: https://www.anandtech.com/show/13239/in ... scade-lake
Re: ATTN!...Intel CPU owners (Spectre,Meltdown,Foreshadow, flaws)
https://www.zdnet.com/article/intel-gag ... e-patches/ (Intel 'gags' Linux distros from revealing performance hit from Spectre patches; You can test performance after using our patches, but don't publish the results, say Intel's new license terms. By Liam Tung | August 23, 2018 )
Looks like the performance hit must be pretty bad for Intel to issue a gag order.
Looks like the performance hit must be pretty bad for Intel to issue a gag order.
Re: ATTN!...Intel CPU owners (Spectre,Meltdown,Foreshadow, flaws)
Intel has already amended their license and the above is no longer the case. See: https://www.kitguru.net/components/cpu/ ... g-its-tcs/. Probably somebody got overzealous... The license is now a trivial "include this copyright, don't use our name to promote your product and don't reverse engineer the binary".michael louwe wrote: ⤴Fri Aug 24, 2018 3:30 amhttps://www.zdnet.com/article/intel-gag ... e-patches/ (Intel 'gags' Linux distros from revealing performance hit from Spectre patches; You can test performance after using our patches, but don't publish the results, say Intel's new license terms. By Liam Tung | August 23, 2018 )
- Spearmint2
- Level 16
- Posts: 6900
- Joined: Sat May 04, 2013 1:41 pm
- Location: Maryland, USA
Re: ATTN!...Intel CPU owners (Spectre,Meltdown,Foreshadow, flaws)
michael louwe wrote: ⤴Fri Aug 24, 2018 3:30 am https://www.zdnet.com/article/intel-gag ... e-patches/ (Intel 'gags' Linux distros from revealing performance hit from Spectre patches; You can test performance after using our patches, but don't publish the results, say Intel's new license terms. By Liam Tung | August 23, 2018 )
Looks like the performance hit must be pretty bad for Intel to issue a gag order.
I don't even think that would be legally acceptable. Just because something is written into a "license" doesn't by itself mean it's based on something that when challenged would prove to be legal in a court of law. Benchmarking of computer components has a long legal history. Anyone doing the benchmarking isn't testing the "software" per se, but the performance of the CPU itself under a different condition than previously existed. All this "statement" does is further put us on notice that Intel has a BIG reduced performance problem dealing with these potential exploits. That's not the fault of the users of such processors, nor of the benchmarking sites which explore the difference in performance, but is the fault of Intel's CPU and "fixes".
All things go better with Mint. Mint julep, mint jelly, mint gum, candy mints, pillow mints, peppermint, chocolate mints, spearmint,....
- Spearmint2
- Level 16
- Posts: 6900
- Joined: Sat May 04, 2013 1:41 pm
- Location: Maryland, USA
Re: ATTN!...Intel CPU owners (Spectre,Meltdown,Foreshadow, flaws)
And the Lawsuits begin.xenopeek wrote: ⤴Fri Aug 24, 2018 5:01 am Intel has already amended their license and the above is no longer the case. See: https://www.kitguru.net/components/cpu/ ... g-its-tcs/. Probably somebody got overzealous... The license is now a trivial "include this copyright, don't use our name to promote your product and don't reverse engineer the binary".
https://www.cnet.com/news/class-action- ... aws-surge/
Intel says that since the beginning of January it has been hit with 30 consumer and two securities-related class-action suits over the Spectre and Meltdown vulnerabilities in its processors revealed in 2017.
In the section "Litigation related to Security Vulnerabilities" of the 10-K statement Intel released this week the chipmaker states:
All things go better with Mint. Mint julep, mint jelly, mint gum, candy mints, pillow mints, peppermint, chocolate mints, spearmint,....
- Arch_Enemy
- Level 6
- Posts: 1491
- Joined: Tue Apr 26, 2016 3:28 pm
Re: ATTN!...Intel CPU owners (Spectre,Meltdown,Foreshadow, flaws)
I got my cpu for nothing from a server that had been decommissioned, so I don't suppose I'm entitled to anything...Spearmint2 wrote: ⤴Fri Aug 24, 2018 8:55 amAnd the Lawsuits begin.xenopeek wrote: ⤴Fri Aug 24, 2018 5:01 am Intel has already amended their license and the above is no longer the case. See: https://www.kitguru.net/components/cpu/ ... g-its-tcs/. Probably somebody got overzealous... The license is now a trivial "include this copyright, don't use our name to promote your product and don't reverse engineer the binary".
https://www.cnet.com/news/class-action- ... aws-surge/
Intel says that since the beginning of January it has been hit with 30 consumer and two securities-related class-action suits over the Spectre and Meltdown vulnerabilities in its processors revealed in 2017.
In the section "Litigation related to Security Vulnerabilities" of the 10-K statement Intel released this week the chipmaker states:
I have travelled 37629424162.9 miles in my lifetime
One thing I would suggest, create a partition as a 50G partition as /. Partition the rest as /Home. IF the system fails, reinstall and use the exact same username and all your 'stuff' comes back to you.
One thing I would suggest, create a partition as a 50G partition as /. Partition the rest as /Home. IF the system fails, reinstall and use the exact same username and all your 'stuff' comes back to you.