Meltdown - Intel CPU design flaw affecting all OS platforms

Head_on_a_Stick · 2018-01-17 07:11:48

o9000 wrote:

Any reason to say that

The microarchitecture is proprietary so we must trust the manufacturer.

To avoid this, look at true open-source hardware solutions such as RISC-V (which was never susceptible to either Meltdown or Spectre).

o9000 · 2018-01-17 07:43:45

So just FUDing, got it.

BLizgreat! · 2018-01-17 13:18:03

Come on fellas, no reason for anyone to have a meltdown here (pun definitely intended.)

There's a couple more exploits in the world obviously but I agree with the nixer who said we should all have a drink.

Though the clientside JavaScript thing is disturbing to me really haven't seen anything that solidly confirms it anyway. Still yep ... noscript or disabling it (.js) has long since seemed prudent. Same for keeping system and microcode updated.

We're supposed to do that no matter what. Really don't know what's behind this but consider it a bump in the techno road, doubt we ever will know the full truth involved. Apparently this has been around a long time.

Lotsa worse threats, ninjas ever rush me demanding my old Intel based laptop they can have it. Will be some really bored ninjas.

Vll!

Head_on_a_Stick · 2018-01-17 20:53:34

o9000 wrote:

So just FUDing

Reading back my posts, yes, it does look like that, sorry all — I think my obsessions are getting worse

johnraff wrote:

Time to keep calm, have a cup of tea...

Good advice

o9000 · 2018-01-17 21:24:03

No offense meant.

I think it's better to be fair with AMD. They gave a clear and direct statement that they are not affected, and the researchers did not find anything either, so I do think what they say is true.

Open source hardware would be great, but it's just a dream for now. And open source does not mean the design is secure, just that 3rd parties can fix it when it's broken, or improve it. Which in case of chips doesn't really work, since it costs so much to make them.

Head_on_a_Stick · 2018-01-17 21:28:24

o9000 wrote:

Open source hardware would be great, but it's just a dream for now.

https://abopen.com/news/future-ships-av … sc-v-core/

SiFive also have development boards: https://www.sifive.com/products/freedom/

o9000 · 2018-01-17 21:32:53

I know about such boards. Show me a laptop that can play Crysis and then we'll talk

stevep · 2018-01-19 01:45:56

The latest Liquorix kernel mentions enabling retpoline, but I'm not sure exactly what this means:

* enable retpoline per configuration refresh

Retpoline is supposed to prevent some Spectre attacks.

martix · 2018-01-19 22:57:28

o9000 wrote:

I know about such boards. Show me a laptop that can play Crysis and then we'll talk

If I'm not mistaken, this will play Crysis, won't it? Unfortunately the design is not even ready yet...

Sun For Miles · 2018-01-22 15:50:14

Linus mistakenly mixes IBRS and IBPB in a heat of the moment. I guess it's still a hot topic in dev circles.

Head_on_a_Stick · 2018-01-23 07:11:35

So it turns out that the updated firmware Intel released on 2018-01-08 was crap and caused Haswell machines to crash, great.

My OpenBSD box is now applying the version from 2017-11-17, look at what the Debian sid package page says:

intel-microcode (3.20180108.1+really20171117.1 and others)

https://packages.debian.org/sid/intel-microcode

Oh well done Intel...

*slow hand clap*

martix · 2018-01-23 22:01:31

Sun For Miles wrote:

Linus mistakenly mixes IBRS and IBPB in a heat of the moment. I guess it's still a hot topic in dev circles.

Yeah, as BLiz! would say, here more babble... Just joking, more like a response.

Edit: Here are some Chinese CPUs without Meltdown. Are they truly alternatives? Well, as long as they are not open source, not for me...

This is interesting (tweet): "@PCzanik The fix for the #Intel CPU vulnerabilities has a #brutal effect on compile times. Compiling the #syslog_ng package on #Fedora changed drastically: from 4 minutes to 21! As far as I can see compiling #Java is affected most."

This project needs more support: https://www.powerprogress.org/en/powerp … n-powerpc/

Last edited by martix (2018-01-24 12:49:16)

martix · 2018-02-04 15:00:01

Head_on_a_Stick wrote:

o9000 wrote:
Open source hardware would be great, but it's just a dream for now.
https://abopen.com/news/future-ships-av … sc-v-core/
SiFive also have development boards: https://www.sifive.com/products/freedom/

OMG, OMG, OMG, it's happening!

https://hackaday.com/2018/02/03/sifive- … processor/

Head_on_a_Stick · 2018-02-04 15:17:30

^ Amazing news, to be sure but...

$999

martix · 2018-02-07 14:24:58

This is a very good point mentioned here:

"Meltdown and Spectre are errors. Grave errors, to be sure, but not evidently malicious. Everyone makes mistakes.

Intel has done far worse with its CPUs than make a mistake. It has built in an intentional back door called the Management Engine."

There is a really good summary on that site in the document written in plain human language. Nothing new, but gives a quick overview, worth a read.

Last edited by martix (2018-02-07 14:37:38)

Head_on_a_Stick · 2018-02-08 07:42:07

^ And don't forget that AMD also have an equivalent "management engine" in their CPUs.

Head_on_a_Stick · 2018-02-09 08:06:21

Microcode update information from Intel:

https://newsroom.intel.com/wp-content/u … idance.pdf

tl;dr: buy a different processor... :cry:

EDIT: check your microcode vision with:

grep microcode /proc/cpuinfo

Last edited by Head_on_a_Stick (2018-02-09 08:08:11)

johnraff · 2018-02-09 08:29:20

john@bunsen1:~$ grep microcode /proc/cpuinfo
microcode	: 0x4
microcode	: 0x4
microcode	: 0x4
microcode	: 0x4

That's bad, I guess?

martix · 2018-02-09 11:16:58

^Same here.

ratcheer · 2018-02-09 15:09:04

Mine says 0x29 (on my old i5 desktop system). Does that mean version 41? And even if that is correct, what does it mean?

Tim

#81 2018-01-17 07:11:48

Re: Meltdown - Intel CPU design flaw affecting all OS platforms

#82 2018-01-17 07:43:45

Re: Meltdown - Intel CPU design flaw affecting all OS platforms

#83 2018-01-17 13:18:03

Re: Meltdown - Intel CPU design flaw affecting all OS platforms

#84 2018-01-17 20:53:34

Re: Meltdown - Intel CPU design flaw affecting all OS platforms

#85 2018-01-17 21:24:03

Re: Meltdown - Intel CPU design flaw affecting all OS platforms

#86 2018-01-17 21:28:24

Re: Meltdown - Intel CPU design flaw affecting all OS platforms

#87 2018-01-17 21:32:53

Re: Meltdown - Intel CPU design flaw affecting all OS platforms

#88 2018-01-19 01:45:56

Re: Meltdown - Intel CPU design flaw affecting all OS platforms

#89 2018-01-19 22:57:28

Re: Meltdown - Intel CPU design flaw affecting all OS platforms

#90 2018-01-22 15:50:14

Re: Meltdown - Intel CPU design flaw affecting all OS platforms

#91 2018-01-23 07:11:35

Re: Meltdown - Intel CPU design flaw affecting all OS platforms

#92 2018-01-23 22:01:31

Re: Meltdown - Intel CPU design flaw affecting all OS platforms

#93 2018-02-04 15:00:01

Re: Meltdown - Intel CPU design flaw affecting all OS platforms

#94 2018-02-04 15:17:30

Re: Meltdown - Intel CPU design flaw affecting all OS platforms

#95 2018-02-07 14:24:58

Re: Meltdown - Intel CPU design flaw affecting all OS platforms

#96 2018-02-08 07:42:07

Re: Meltdown - Intel CPU design flaw affecting all OS platforms

#97 2018-02-09 08:06:21

Re: Meltdown - Intel CPU design flaw affecting all OS platforms

#98 2018-02-09 08:29:20

Re: Meltdown - Intel CPU design flaw affecting all OS platforms

#99 2018-02-09 11:16:58

Re: Meltdown - Intel CPU design flaw affecting all OS platforms

#100 2018-02-09 15:09:04

Re: Meltdown - Intel CPU design flaw affecting all OS platforms

Board footer