​I still do not want my car to be the massively online thing that car makers seem to think is the bes thing ever. cause they have no clue what security is.​

Leave my car dumb, gime a bluetooth interface to my phone and leave me be...


And get off my lawn :-P

On Fri, Jan 5, 2018 at 10:47 AM, der.hans <PLUGd@lufthans.com> wrote:
Am 05. Jan, 2018 schwätzte Stephen Partington so:

It is certainly a deciding factor in my desire to move to AMD on my CPU
rollout.

 Trying to imagine a car salesperson knowing which CPUs are in a particular
model and utterfly failing.

Luckily IoT generally has so many holes that we don't need to worry about
meltdown and spectre for them...

ciao,

der.hans

On Fri, Jan 5, 2018 at 9:39 AM, <techlists@phpcoderusa.com> wrote:


I think they have a moral obligation to destroy all effected chips that
are in the pipeline.  Dell and others need to stop sales and not continue
selling until the CPU is fixed.

This is much bigger than we know.  Almost every computer is effected.  The
intermittent fix is software.  What keeps some smart and devious person
from creating an app that replaced the patch with their own and then they
can drain your bank account... crash your automated or self driving car....
Yikes.

The real solution is a new generation of chips that are not exploitable.
That means replacing every computer and device that is effected.

This should be a wake up call to all of us.  We are way too dependent on
computers.

There will be major fireworks over this.  I can see a lot of companies
getting sued.  And the only ones that win are the lawyers.

This is going to be with us for years.

I have 7 computers that can be or already are connected to the internet.
A lot of it is old technology, however it's value is in testing.  I am a
software developer.  As long as I keep them on a private net I am ok....
Otherwise I will need to replace at least 2.

This is a potential nightmare.... Patching hardware with software is a
weak plan.  All that need to happen is some wise person to figure out how
to replace the patch with their own.  Say good by to our economy if that
happens.

What a mess!!






On 2018-01-03 18:12, Matthew Crews wrote:

I would be more concerned IF the next gen CPU has this fixed. All's I know
is that if Intel wants to fix the very next gen, they will need to scrap a
lot of silicon that has already been finished.


Sent from ProtonMail <https://protonmail.com>, Swiss-based encrypted

email.





-------- Original Message --------
On Jan 3, 2018, 15:35, Nathan O'Brennan wrote:


I'm more curious to know which versions of Intel's upcoming chips have
been fixed already. I would like to upgrade my current workstation in the
next year and will stick with Intel despite any performance impact over AMD.



On 2018-01-03 00:43, Aaron Jones wrote:


I read the performance hit for Intel chips will be %35 or so after the
fix.

On Jan 2, 2018, at 7:49 PM, Eric Oyen <eric.oyen@icloud.com> wrote:

so, does this mean that the UEFI might get patched first? OR, does the OS
ecology have to do so first? Lastly, how much of a performance hit will
this represent?

-eric
from the central offices of the Technomage Guild, the "oh look! yet
another bug!" Dept.

On Jan 2, 2018, at 3:39 PM, Matthew Crews wrote:


https://www.theregister.co.uk/2018/01/02/intel_cpu_design_flaw/

In a nutshell, it is a major security flaw in Intel hardware dating back a
decade that is requiring a complete kernel rewrite for every major OS
(Linux, Windows, Mac, etc) in order to patch out. It cannot be patched out
with a CPU microcode update. Major enough that code comments are redacted
in the patches until an embargo period is expired. Also the reported fix
will have a huge performance impact.

Also crucial to note is that AMD chips are not affected by this.

How the heck does something like this go unnoticed for so long?




Sent from ProtonMail <https://protonmail.com/>, Swiss-based encrypted
email.


---------------------------------------------------
PLUG-discuss mailing list - PLUG-discuss@lists.phxlinux.org
To subscribe, unsubscribe, or to change your mail settings:
http://lists.phxlinux.org/mailman/listinfo/plug-discuss



---------------------------------------------------
PLUG-discuss mailing list - PLUG-discuss@lists.phxlinux.org
To subscribe, unsubscribe, or to change your mail settings:
http://lists.phxlinux.org/mailman/listinfo/plug-discuss


---------------------------------------------------
PLUG-discuss mailing list - PLUG-discuss@lists.phxlinux.org
To subscribe, unsubscribe, or to change your mail settings:
http://lists.phxlinux.org/mailman/listinfo/plug-discuss






--
https://www.LuftHans.com   https://www.PhxLinux.org
 #  The Internet is the front line of the battle
#  to protect our freedom. -- Nathaniel Borenstein
---------------------------------------------------
PLUG-discuss mailing list - PLUG-discuss@lists.phxlinux.org
To subscribe, unsubscribe, or to change your mail settings:
http://lists.phxlinux.org/mailman/listinfo/plug-discuss



--
A mouse trap, placed on top of your alarm clock, will prevent you from rolling over and going back to sleep after you hit the snooze button.

Stephen