(01-07-2018, 02:40 AM)JmaCWQ link Wrote: As interesting as all this is, and no doubt will become more interesting now as it all unfolds in the future, I can't say I'm surprised.
Big business usually doesn't give a sh*t about anything but big business.
I'd near bet if they weren't caught with their pants down it wouldn't have been published at all.
LINUX LITE 7.2 FINAL RELEASED - SEE RELEASE ANNOUNCEMENTS SECTION FOR DETAILS
|
Meltdown & Spectre Information and Discussion
|
01-07-2018, 12:54 PM
(01-06-2018, 02:56 PM)trinidad link Wrote: (Intel CEO) Krzanich said the entire industry was planning to publish the data security issue once the fix was in place — but the problem leaked early. I like the quote, it'll be good for paraphrasing - "(Intel CEO) Krzanich said, everything was fine until those rebellious Linux geeks moved their fingers" 
01-07-2018, 01:19 PM
Ultimately the issue of computer security, in any sense whatsoever, is open source code. Speculative execution would not be a security issue at all if the processor code was open source. You cannot compare for bit parity for binaries you cannot access. We banged this around years ago and recommended dual CPU's and one bank of protected memory for low level binary comparisons. As long as OEM vendors refuse access to binary setups there is no solution that will ever be secure. The amount of patching in Debian is probably headed for fifty different specific application instances. At the high end, giant service providers are going to absorb a big hit and be forced to purchase more rack space to deal with the performance issues this ridiculous proprietary policy has caused. Intel's partnerships are just extortion in this sense and always have been.
TC
All opinions expressed and all advice given by Trinidad Cruz on this forum are his responsibility alone and do not necessarily reflect the views or methods of the developers of Linux Lite. He is a citizen of the United States where it is acceptable to occasionally be uninformed and inept as long as you pay your taxes.
01-08-2018, 07:53 AM
8) i am not too freaked out by all this , a flaw since what ?, 1995 ?, wow, ok. i suffered viruses through the years since windows 98SE, so again, not to freaked out by this .
??? any ways , has Linux Lite released some updates on this issue for Linux lite 3.6 ?. my windows 10 machine has been fixed by me, ha ha , it was a outdated driver issue, now ready to bring back down my Linux machine from upstairs and plug it back in........ i miss my Linux. windows is for my Husband, he so far has no problems with my machine , but he is a cave man and needs more how to attention.............
Class Action investigation against Intel, the first taker.
https://www.bgandg.com/intc A pdf copy of the action is available on the page. From 2005 MIT: https://ocw.mit.edu/courses/electrical-e...chpred.pdf TC
All opinions expressed and all advice given by Trinidad Cruz on this forum are his responsibility alone and do not necessarily reflect the views or methods of the developers of Linux Lite. He is a citizen of the United States where it is acceptable to occasionally be uninformed and inept as long as you pay your taxes.
01-08-2018, 08:21 PM
Krzanich talks his book, but will he walk the (perp) walk?
https://www.zerohedge.com/news/2018-01-0...ering-flaw Bring Comey back - why, he wiped the floor with Martha Stewart!
Terry Davis Command Line video cracks me up.
Quod delere vos ego faciam permanens.
01-11-2018, 11:21 AM
(01-05-2018, 07:40 AM)Jerry link Wrote: Ubuntu plan to release Kernel updates early next week, in or around the 9th. Do we have any news on the status of Ubuntu kernel updates to fix this issue?
Using Linux Lite for everything now. I put it on my desktop and my laptop. Woohoo!
01-11-2018, 12:39 PM
Kernel 4.4.0-109.132 is out for LTS. Fix for meltdown began at .131 I believe. This is not a complete fix all for Ubuntu OS. Older hardware will not respond to the update in many cases because of incomplete firmware. This whole thing is an ugly ugly mess for Debian. The main issue will be for people who run older hardware without firmware updates, and connect to virtual server instances that have firmware updates. They may find they cannot connect to their server. The exploit 1 of spectre is already mitigated in firefox but exploit 2 will not be fully mitigated for quite some time and people with older hardware may find themselves out of luck. If you are running anit-virus your provider will have had to issue a flag to your system to install the changes. I have some reticence about installing the meltdown mitigations at all, given other issues with Intel. I am slowly working my way through all the documentation on the exploits, but a cursory examination makes me a little itchy, given the impact on some common server administration tools, and given Intels other issues I am not so sure that the mitigation for meltdown will not open a wider door for specter exploit 2 due to a lack of pointer obfuscation. I don't think there's any need for home users to rush into this at this point other than the virtual server connection issues. Let the industry giants worry about it, and let Debian run its course through the mess the Debian way -- slowly via the community. There may be a worst case scenario for all of this akin to emmision testing for automobiles.
TC
All opinions expressed and all advice given by Trinidad Cruz on this forum are his responsibility alone and do not necessarily reflect the views or methods of the developers of Linux Lite. He is a citizen of the United States where it is acceptable to occasionally be uninformed and inept as long as you pay your taxes.
01-11-2018, 01:51 PM
Thanks TC
|
|
« Next Oldest | Next Newest »
|
![[Image: X5qGkCg.png]](http://imgur.com/X5qGkCg.png)
![[Image: 0op1GNe.png]](http://i.imgur.com/0op1GNe.png)
![[Image: LgJ2mtP.png]](http://i.imgur.com/LgJ2mtP.png)
![[Image: vLZcFUE.png]](https://imgur.com/vLZcFUE.png)
![[Image: lrUHro3.jpg]](http://i.imgur.com/lrUHro3.jpg)
Users browsing this thread: 38 Guest(s)