Discussion in 'Article Discussion' started by bit-tech, 4 Jan 2018.
I guess AMD's "if not AMD then apply PTI" patch for the Linux kernel was rejected then?
Even if AMDs and ARMs are only affected by one vulnerability, there's only one way to protect end users from it, correct?
That patch is only for Meltdown, as I understand it.
I bet this will annoy the security services, they've probably been using it for years to get into places they shouldn't have been...
How should a user proceed to update their system without knowing how to check their registry? Is there any danger in running Windows Updates without checking the registry flag now?
No, there's no danger: if the flag isn't set (because you either have no anti-virus installed or the anti-virus you have would break with the Meltdown patch applied) Windows Update will run fine but not offer you the patch (leaving you vulnerable); the patch will only appear in Windows Update if the registry entry is present.
This feels like a biggie (to probably state the obvious).
https://www.phoronix.com/scan.php?page=article&item=linux-415-x86pti&num=2 - pre and post patch benchmarks showing some fairly big performance decreases (in certain CPUs, in certain cases)
https://aws.amazon.com/security/security-bulletins/AWS-2018-013/ - AWS have been rolling out mandatory reboots of affected instances
WRT the antivirus, does that only include 3rd party software or does Windows Defender add the reg entry?
Windows Defender adds the registry entry: Microsoft's official solution to the patch not rolling out to Windows Server installations is to install Windows Defender on 'em first.
OK, ta. Was expecting it not to
So I can see why this is a huge problem for virtualized servers, shared hosting and the like, but what's the risk to the average desktop user? Is it more to do with how leaked kernel memory can form the basis of further attacks or is there something else of value in kernel memory?
In the other thread in Hardware I posted a demo of a password being stolen by a user space application as it was being typed - and, remember, this is exploitable through the browser. Serious stuff.
This thread gave me a tenuous grasp on what the actual issue is/issues are without digesting the whole Project Zero post: https://twitter.com/gsuberland/status/948907452786933762
Sounds bad, both from a pre-patch security pov and a post patch performance pov.
Speculative execution of code across VM boundaries, I wouldn't want to be a Microsoft Azure PR rep
Plus it's not just a single exploit. This is a new category that exploits the fundamental performance enhancement of speculative OoO execution in EVERY ISA, not just x86: MIPS, SPARC, zPOWER, POWER etc - all affected by Spectre style attack. Pandora's box.
On the flip side, if you're a dystopian authoritarian government, make money from selling people's private details or in infosec, good times!
Yeah, my understanding is it makes friggin' Heartbleed look like a niche issue.
Will you guys (bit-tech) be doing your own set of benchmarks on performance hits? From what I've read games and most things regular people do won't take that big a hit. Although I'm still curious about handbrake, video editing software and zip performance.
I caught the headline of the FT (I think) saying something along the lines of companies should upgrade all their hardware to be fully safe.
But what is the go-to 100% safe hardware option out there? Yes, I'd go AMD as they're least affected (that is no Meltdown) but that's still not 100% - will Ryzen 2 be and what of the next iteration of Intel's line?
Right now, if you want absolutely cast-iron 100% safe, your only option is to find a chip that doesn't include speculative execution - which ain't easy, considering everyone is using it to boost performance.
Pre-1995 chips and selected Atoms are about your only option for the desktop right now. The Cortex-M family is safe, but not designed for desktop workloads. Most implementations of RISC-V are safe, too, but again we're talking off-the-shelf parts being designed for embedded use and running at 300MHz.
If you fancy getting really clever, stick the RISC-V RocketChip design (which doesn't have speculative execution) on an expensive FPGA and see how far up you can crank the clocks, then shove Linux on there. 100% protection against Spectre!
If you're stuck in the x86 ecosystem, though, you're SOL: anything you can buy now is vulnerable, and I'd be surprised if the next generation wasn't vulnerable too - trying to change the design at this late stage is going to be a right bugger.
Speculative execution, hm, I should do more reading - from a naive pov shouldn't it be possible to allow speculative execution but have it so there are things you just can't speculate about unless specific conditions are met?
That in itself is a bit of an IF question and I'm giving myself a meltdown. Best read up a bit.
Now I'm wishing I still had that BBC Model B and my copy of Elite
I do have a netbook with an Atom in it, will have to check which one, now is perhaps the time to dig it out and put a distro on it.
Just glad I held back on an upgrade, prefer to be with a 3770 and not 100% safe than being out of pocket and not 100% safe.
Hang on a minute, what about consoles - completely forgot about them, will have to check their CPUs.