Meltdown & Spectre Information and Discussion

[Searchernow]

I'm checking for updates twice a day.  Just now  4.4.0-112 #135.

I ran tool v.0.32 with same result as others above - variant 2 vulnerable.

on another mitigation -

My main browser is FF 57, and I have it blocking insecure sites (this setup from before the Intel catastrophe!) - but some of these sites I want to view (articles etc., but I don't send and login or other info - not intentionally!) and these I view on Chromium, also customized to be reasonably secure, but a bit more permisssive.

Anyway, for those who don't already know there is a trial mitigation tool from the Chromium project which seeks to isolate sites you are accessing from each other. This will hopefully close a route for a rogue page to infect other open pages.

details here  https://www.chromium.org/Home/chromium-s...-All-Sites

go to the tool here    chrome://flags/#enable-site-per-process  and scroll down to Strict Site Isolation and enable.  (do this in Chromium!).

[m654321]

I'm sure like me, a few on the LL forum are stuck as to how to run the Spectre/Meltdown checker.

I went to https://github.com/linuxlite/Spectre-Mel...-Automated

then downloaded the script:

Code:

wget https://github.com/linuxlite/Spectre-Meltdown-Checker-Automated.git

What do I do next ... ?

[UltraCookie]

Extract the folder -> open it -> double click on sm-start.

[m654321]

Extract the folder -> open it -> double click on sm-start.

I don't have a folder to extract from  :o
When I used the wget command  in post #2, an HTML file is downloaded, named Spectre-Meltdown-Checker-Automated.git ...

[Valtam]

I'm sure like me, a few on the LL forum are stuck as to how to run the Spectre/Meltdown checker.

I went to https://github.com/linuxlite/Spectre-Mel...-Automated

then downloaded the script:

Code:

wget https://github.com/linuxlite/Spectre-Meltdown-Checker-Automated.git

What do I do next ... ?

I don't know why you are using the wget command, that instruction isn't there. https://github.com/linuxlite/Spectre-Mel...-Automated shows the exact instructions under Instructions. Click on the green 'Clone or download' button, Download zip.

[m654321]

[member=2]Jerry[/member]
Many thanks - got it sorted, worked fine in LL3.6
I guess though, that the spectre-meltdown checker wont work in some other distros, where sudo is not a recognised command, e.g. PCLinuxOS.

[trinidad]

[member=458]m654321[/member] Below is the list of updated kernels for PClinuxOS and even though this a LL forum and I don't use PClinuxOS maybe just create a directory in your home directory to hold the shell script and run the commands in a root terminal without the sudo added in to the last.

http://www.pclinuxos.com/forum/index.php...msg1237197
We also need to ask these things all in the same thread and not spread this out all over the place.

TC

[Valtam]

Topics merged and title of this thread renamed.
Please keep all posts on this topic in this thread. Cheers

[Moltke]

Here's a nice article I just found while surfing the web https://insights.ubuntu.com/2018/01/17/s...u-proposed

It says:

You are invited to test and provide feedback for the following updated Linux kernels.  We have also rebased all derivative kernels such as the public cloud kernels (Amazon, Google, Microsoft, etc) and the Hardware Enablement (HWE) kernels.

It provides links for the proposed kernels for Ubuntu 14.04, 16.04, 17.04, 17.10.

[Valtam]

For advanced users. Do not try this on your actual machine unless you have god powers -https://www.sentinelone.com/blog/sentine...oitations/ Play with in an up to date LL VM.