Spectre and Meltdown: Next Generation

Chat about just about anything else
DAMIEN1307
Level 6
Level 6
Posts: 1071
Joined: Tue Feb 21, 2017 8:13 pm
Location: Alamogordo, New Mexico

Re: Spectre and Meltdown: Next Generation

Post by DAMIEN1307 » Thu May 03, 2018 11:51 pm

so far...no problems with startup speed...no problems with system speed...still starting in cold start @ 37 seconds...going into second hour of testing...DAMIEN
ORDO AB CHAO

DAMIEN1307
Level 6
Level 6
Posts: 1071
Joined: Tue Feb 21, 2017 8:13 pm
Location: Alamogordo, New Mexico

Re: Spectre and Meltdown: Next Generation

Post by DAMIEN1307 » Fri May 04, 2018 12:10 am

just went into total shutdowm...full cold boot still timing out at 37 seconds...so far so good with new microcode in the second hour of testing...DAMIEN
ORDO AB CHAO

Cosmo.
Level 23
Level 23
Posts: 17829
Joined: Sat Dec 06, 2014 7:34 am

Re: Spectre and Meltdown: Next Generation

Post by Cosmo. » Fri May 04, 2018 6:12 am

absque fenestris wrote:
Thu May 03, 2018 7:40 pm
At least as far as the Swiss cheese with the holes is concerned - more precisely it is the Emmentaler:
In principle correct. But all what I did was to translate the passage of the article, I did not want to interpret or correct it. (And in German language the terms Swiss cheese and Emmentaler are often used as synonyms, although this is not correct.)

(In the English version as provided by heise the comparison with any cheese has been removed.)

User avatar
absque fenestris
Level 5
Level 5
Posts: 586
Joined: Sat Nov 12, 2016 8:42 pm
Location: Confoederatio Helvetica

Re: Spectre and Meltdown: Next Generation

Post by absque fenestris » Fri May 04, 2018 6:38 am

:lol: Don't mention it. But it was too good an opportunity to do some promotion for home.
Linux Mint 18.3 Sylvia (Mate) 32-bit - Acer D250 Netbook (Intel Atom N270, 2 GB RAM, 120 GB SSD)

DAMIEN1307
Level 6
Level 6
Posts: 1071
Joined: Tue Feb 21, 2017 8:13 pm
Location: Alamogordo, New Mexico

Re: Spectre and Meltdown: Next Generation

Post by DAMIEN1307 » Fri May 04, 2018 12:27 pm

hi folks...my testing results for new microcodes...1- for intel and 1- for amd ...they seem to work just fine...terminal report for amd processor on my main computer...AMD Beavercreek Processor...

dpkg -l | grep microcode
ii amd64-microcode 3.20171205.2 amd64 Processor microcode firmware for AMD CPUs

grep CONFIG_PAGE_TABLE_ISOLATION=y /boot/config-`uname -r` && echo "patched" || echo "unpatched"
CONFIG_PAGE_TABLE_ISOLATION=y
patched

grep . /sys/devices/system/cpu/vulnerabilities/*
/sys/devices/system/cpu/vulnerabilities/meltdown:Not affected
/sys/devices/system/cpu/vulnerabilities/spectre_v1:Mitigation: __user pointer sanitization
/sys/devices/system/cpu/vulnerabilities/spectre_v2:Mitigation: Full AMD retpoline

terminal report for my intel i5 sandybridge auxillary system

dpkg -l | grep microcode
ii intel-microcode 3.20180425.1 amd64 Processor microcode firmware for Intel CPUs
ii iucode-tool 1.5.1-1ubuntu0.1 amd64 Intel processor microcode tool

second...damien1@damien1 ~ $ grep CONFIG_PAGE_TABLE_ISOLATION=y /boot/config-`uname -r` && echo "patched" || echo "unpatched"
CONFIG_PAGE_TABLE_ISOLATION=y
patched

third...damien1@damien1 ~ $ grep . /sys/devices/system/cpu/vulnerabilities/*
/sys/devices/system/cpu/vulnerabilities/meltdown:Mitigation: PTI
/sys/devices/system/cpu/vulnerabilities/spectre_v1:Mitigation: __user pointer sanitization
/sys/devices/system/cpu/vulnerabilities/spectre_v2:Mitigation: Full generic retpoline, IBPB, IBRS_FW

nothing has borked as of yet...DAMIEN

here are the links to oregon state university repositories if anyone is interested...the first will be for AMD...the 2nd will be for intel...there are no new microcodes for 32 bit as of yet...newest amd is dated may 4th...the newest intel is dated may 2nd...i used the .deb installers for both machines...DAMIEN

http://ftp.us.debian.org/debian/pool/no ... microcode/

http://ftp.us.debian.org/debian/pool/no ... microcode/
Last edited by DAMIEN1307 on Fri May 04, 2018 3:48 pm, edited 1 time in total.
ORDO AB CHAO

User avatar
AZgl1500
Level 9
Level 9
Posts: 2594
Joined: Thu Dec 31, 2015 3:20 am
Location: Oklahoma where the wind comes sweeping down the plains
Contact:

Re: Spectre and Meltdown: Next Generation

Post by AZgl1500 » Fri May 04, 2018 1:48 pm

I wonder at how much exposure the average user will ever see to one of these hack attempts?

99% of my surfing time is on 4 forums.

0.001% reading news.google.com and following a few news articles.

Emails from unknown senders? usually get 'spammed' with a click, that is IF they make it thru Yahoo's, or Gmail's own spam filters.

DAMIEN1307
Level 6
Level 6
Posts: 1071
Joined: Tue Feb 21, 2017 8:13 pm
Location: Alamogordo, New Mexico

Re: Spectre and Meltdown: Next Generation

Post by DAMIEN1307 » Fri May 04, 2018 3:45 pm

To my knowledge with this issue at this time, i believe that these Spectre annoyances are being aimed more so at servers and will affect things like Cloudflare, cloudfront, AWS and things of the like...the average user, whether he/she likes it or not, use these services everytime they use the internet/web...so i guess all computer users will be effected by this one way or the other...DAMIEN
ORDO AB CHAO

Benedetto
Level 1
Level 1
Posts: 37
Joined: Wed Jul 26, 2017 11:50 am
Location: SW England

Re: Spectre and Meltdown: Next Generation

Post by Benedetto » Fri May 04, 2018 5:23 pm

This is the view from the BBC Technology web page:
http://www.bbc.co.uk/news/technology-44003850
Best wishes,
Linux Mint 19 Tara Cinnamon - version 3.8.9

User avatar
Portreve
Level 6
Level 6
Posts: 1342
Joined: Mon Apr 18, 2011 12:03 am
Location: Florida
Contact:

Re: Spectre and Meltdown: Next Generation

Post by Portreve » Sun May 06, 2018 8:56 pm

Cosmo. wrote:
Thu May 03, 2018 6:19 am
Security researchers have found 8 new security threats, currently named as Spectre Next Generation. Intel has currently classified 4 of them as high critical. One of them is able to break the borders of the system; this means, that an exploit, running in a virtual machine, can break its border and can affect the host and other virtual machines on this host. This risk will affect all servers, which are running in a cloud as VMs.
Oh... joy. More felgercarb to slog through.

Thanks you two. Your efforts are much appreciated.
Peoples of the universe, please attend carefully: the message which follows is vital to the future of you all.

User avatar
catweazel
Level 17
Level 17
Posts: 7522
Joined: Fri Oct 12, 2012 9:44 pm
Location: Australian Antarctic Territory

More Spectre woes on the way...

Post by catweazel » Tue May 15, 2018 1:37 am

https://www.itnews.com.au/news/eight-mo ... ors-490279

Chip giant Intel faces further security patch headaches after researchers discovered and reported eight new Spectre-style hardware vulnerabilities in the company's processors.

First reported by German IT site C'T, which said it has been given full technical details on the vulnerabilties by researchers and verified them, the flaws have been confirmed by Intel which has reserved Common Vulnerabilities and Exposures (CVE) numbers for them.

The new set of hardware flaws have been named Spectre New Generation, and Intel rates four of the eight vulnerabilities found as high severity, and the rest as medium.


Quoted from the URL above.
¡uʍop ǝpısdn sı buıɥʇʎɹǝʌǝ os ɐıןɐɹʇsnɐ ɯoɹɟ ɯ,ı

User avatar
karlchen
Level 19
Level 19
Posts: 9321
Joined: Sat Dec 31, 2011 7:21 am
Location: Germany

RE: Spectre and Meltdown: Next Generation

Post by karlchen » Tue May 15, 2018 8:23 am

<moderator on>
Had already been reported here at the beginning of May: Spectre and Meltdown: Next Generation.
Going to append your thread, catweazel, to that thread.
Done.
</moderator off>
Image
Linux Mint 18.1 64-bit Cinnamon Desktop, Total Commander 9.21a 64-bit
Ubuntu 18.04.1 32-bit Mate Desktop, Total Commander 9.21a 32-bit
Windows? - 1 window in every room

User avatar
smurphos
Level 7
Level 7
Posts: 1621
Joined: Fri Sep 05, 2014 12:18 am
Location: Britisher...

Re: Spectre and Meltdown: Next Generation

Post by smurphos » Tue May 22, 2018 3:23 am

Spectre variant 4 - disclosed officially yesterday, kernel patches released today - will need as yet unavailable microcode update..... :roll:

https://www.intel.com/content/www/us/en ... 00115.html
https://wiki.ubuntu.com/SecurityTeam/Kn ... e/Variant4

User avatar
kc1di
Level 13
Level 13
Posts: 4705
Joined: Mon Sep 08, 2008 8:44 pm
Location: Maine USA

Here we go again!

Post by kc1di » Tue May 22, 2018 6:06 am

Another CPU vulnerability https://www.zdnet.com/article/spectre-c ... CAD2e14604
Patches will be coming soon, keep your system up to date.
Easy tips : https://sites.google.com/site/easylinuxtipsproject/
Linux Mint Installation Guide: http://linuxmint-installation-guide.rea ... en/latest/
Registered Linux User #462608

DAMIEN1307
Level 6
Level 6
Posts: 1071
Joined: Tue Feb 21, 2017 8:13 pm
Location: Alamogordo, New Mexico

Re: Spectre and Meltdown: Next Generation

Post by DAMIEN1307 » Tue May 22, 2018 6:57 am

variant 4 (spec-storage)...newest LTS kernel 4.4.0-127 as of today, and newest AMD microcode release 3.20180515.1 as of 5-19-2018...nothing new from intel as of yet...DAMIEN

damien@DAMIEN ~ $ dpkg -l | grep microcode
ii amd64-microcode 3.20180515.1 amd64 Processor microcode firmware for AMD CPUs
damien@DAMIEN ~ $

damien@DAMIEN ~ $ grep . /sys/devices/system/cpu/vulnerabilities/*
/sys/devices/system/cpu/vulnerabilities/meltdown:Not affected
/sys/devices/system/cpu/vulnerabilities/spec_store_bypass:Not affected
/sys/devices/system/cpu/vulnerabilities/spectre_v1:Mitigation: OSB (observable speculation barrier, Intel v6)
/sys/devices/system/cpu/vulnerabilities/spectre_v2:Mitigation: Full AMD retpoline
damien@DAMIEN ~ $
ORDO AB CHAO

User avatar
karlchen
Level 19
Level 19
Posts: 9321
Joined: Sat Dec 31, 2011 7:21 am
Location: Germany

Re: Spectre and Meltdown: Next Generation

Post by karlchen » Tue May 22, 2018 8:15 am

<moderator on> Threads "Here we go again!" and "Spectre and Meltdown: Next Generation" merged. </moderator off>
Image
Linux Mint 18.1 64-bit Cinnamon Desktop, Total Commander 9.21a 64-bit
Ubuntu 18.04.1 32-bit Mate Desktop, Total Commander 9.21a 32-bit
Windows? - 1 window in every room

User avatar
kc1di
Level 13
Level 13
Posts: 4705
Joined: Mon Sep 08, 2008 8:44 pm
Location: Maine USA

Re: Spectre and Meltdown: Next Generation

Post by kc1di » Tue May 22, 2018 8:53 am

karlchen wrote:
Tue May 22, 2018 8:15 am
<moderator on> Threads "Here we go again!" and "Spectre and Meltdown: Next Generation" merged. </moderator off>
Thanks :)
Easy tips : https://sites.google.com/site/easylinuxtipsproject/
Linux Mint Installation Guide: http://linuxmint-installation-guide.rea ... en/latest/
Registered Linux User #462608

DAMIEN1307
Level 6
Level 6
Posts: 1071
Joined: Tue Feb 21, 2017 8:13 pm
Location: Alamogordo, New Mexico

Re: Spectre and Meltdown: Next Generation

Post by DAMIEN1307 » Tue May 22, 2018 10:54 am

It is now officially known as Spectre variant 3a and Spectre variant 4...following article discusses just which CPUs are vulnerable and once again telling us about staying up to date on microcode updates as well as any update patches to come...note also that atom processors are now also included...thus far only Intel processors seem to be affected but we all know by now that the experts will probably find out that the other manufacturers products may soon join the list...more fun to come...lol...DAMIEN

https://news.softpedia.com/news/securit ... 1225.shtml
ORDO AB CHAO

User avatar
stephanieswitzer
Level 2
Level 2
Posts: 78
Joined: Mon Feb 26, 2018 12:49 pm
Location: Ontario

Re: Spectre and Meltdown: Next Generation

Post by stephanieswitzer » Tue May 22, 2018 3:11 pm

So what is this processor microcode? I notice that I have a driver available in Driver Manager:

Intel-Microcode (open-source)
Version 3.20180425.1~ubuntu0.16.04.1

Should I install this as my system seems to chirping along just fine.
How can I check which version I have installed.
Mac-Mini running MacOS and Linux Mint 19 Cinnamon (Dual Boot), Intel© Core™ i5-2415M CPU @ 2.30GHz × 2, 8 GiB, Intel Corporation 2nd Generation Core Processor Family Integrated Graphics Controller

User avatar
Spearmint2
Level 15
Level 15
Posts: 5719
Joined: Sat May 04, 2013 1:41 pm
Location: Maryland, USA

Re: Spectre and Meltdown: Next Generation

Post by Spearmint2 » Tue May 22, 2018 3:50 pm

AMD page


Intel page and affected processors


patched kernel now available from Update Manager, but will only show in that as 3.13.0-149-generic. Now in process of installing.

Code: Select all

Unpacking linux-image-3.13.0-149-generic (3.13.0-149.199)
on Linux Mint 17.3, 32 bit

Code: Select all

grep . /sys/devices/system/cpu/vulnerabilities/*
/sys/devices/system/cpu/vulnerabilities/meltdown:Not affected
/sys/devices/system/cpu/vulnerabilities/spec_store_bypass:Not affected
/sys/devices/system/cpu/vulnerabilities/spectre_v1:Mitigation: OSB (observable speculation barrier, Intel v6)
/sys/devices/system/cpu/vulnerabilities/spectre_v2:Mitigation: Full AMD retpoline
No Problems!
Last edited by Spearmint2 on Tue May 22, 2018 5:23 pm, edited 3 times in total.
All things go better with Mint. Mint julep, mint jelly, mint gum, candy mints, pillow mints, peppermint, chocolate mints, spearmint,....

DAMIEN1307
Level 6
Level 6
Posts: 1071
Joined: Tue Feb 21, 2017 8:13 pm
Location: Alamogordo, New Mexico

Re: Spectre and Meltdown: Next Generation

Post by DAMIEN1307 » Tue May 22, 2018 3:58 pm

Hi stephanie...that microcode in your driver manager is the latest one released thru the mint updater and recommended for your system...i always install the most up to date microcode recommended and have never had a failure...yes your system is "chirping" right along with the existing microcode, however this newest one has new "mitigation" code re-written within it to mitigate vulnerabilities found in your Intel CPU chipset...this should be installed as well as any updates that will be forthcoming from the linux mint update manager...DAMIEN

run this code to check your microcode version, dont panic if nothing shows up, it just means that you have what came installed and have probably never updated it...after installing and REBOOTING your computer, run the code again and it should show up.

dpkg -l | grep microcode


after you have done the above, run this code, the last word in the terminal after running this should say "patched"

grep CONFIG_PAGE_TABLE_ISOLATION=y /boot/config-`uname -r` && echo "patched" || echo "unpatched"


and lastly, run this code in your terminal and it will show that mitigations have been applied

grep . /sys/devices/system/cpu/vulnerabilities/*
ORDO AB CHAO

Post Reply

Return to “Open chat”