Major Intel Memory Vulnerability
techlists at phpcoderusa.com
techlists at phpcoderusa.com
Fri Jan 5 09:39:08 MST 2018
I think they have a moral obligation to destroy all effected chips that
are in the pipeline. Dell and others need to stop sales and not
continue selling until the CPU is fixed.
This is much bigger than we know. Almost every computer is effected.
The intermittent fix is software. What keeps some smart and devious
person from creating an app that replaced the patch with their own and
then they can drain your bank account... crash your automated or self
driving car.... Yikes.
The real solution is a new generation of chips that are not exploitable.
That means replacing every computer and device that is effected.
This should be a wake up call to all of us. We are way too dependent on
computers.
There will be major fireworks over this. I can see a lot of companies
getting sued. And the only ones that win are the lawyers.
This is going to be with us for years.
I have 7 computers that can be or already are connected to the internet.
A lot of it is old technology, however it's value is in testing. I am
a software developer. As long as I keep them on a private net I am
ok.... Otherwise I will need to replace at least 2.
This is a potential nightmare.... Patching hardware with software is a
weak plan. All that need to happen is some wise person to figure out
how to replace the patch with their own. Say good by to our economy if
that happens.
What a mess!!
On 2018-01-03 18:12, Matthew Crews wrote:
> I would be more concerned IF the next gen CPU has this fixed. All's I know is that if Intel wants to fix the very next gen, they will need to scrap a lot of silicon that has already been finished.
>
> Sent from ProtonMail [1], Swiss-based encrypted email.
>
> -------- Original Message --------
> On Jan 3, 2018, 15:35, Nathan O'Brennan wrote:
>
> I'm more curious to know which versions of Intel's upcoming chips have been fixed already. I would like to upgrade my current workstation in the next year and will stick with Intel despite any performance impact over AMD.
>
> On 2018-01-03 00:43, Aaron Jones wrote:
>
> I read the performance hit for Intel chips will be %35 or so after the fix.
>
> On Jan 2, 2018, at 7:49 PM, Eric Oyen <eric.oyen at icloud.com> wrote:
>
> so, does this mean that the UEFI might get patched first? OR, does the OS ecology have to do so first? Lastly, how much of a performance hit will this represent?
>
> -eric
> from the central offices of the Technomage Guild, the "oh look! yet another bug!" Dept.
>
> On Jan 2, 2018, at 3:39 PM, Matthew Crews wrote:
> https://www.theregister.co.uk/2018/01/02/intel_cpu_design_flaw/
>
> In a nutshell, it is a major security flaw in Intel hardware dating back a decade that is requiring a complete kernel rewrite for every major OS (Linux, Windows, Mac, etc) in order to patch out. It cannot be patched out with a CPU microcode update. Major enough that code comments are redacted in the patches until an embargo period is expired. Also the reported fix will have a huge performance impact.
>
> Also crucial to note is that AMD chips are not affected by this.
>
> How the heck does something like this go unnoticed for so long?
>
> Sent from ProtonMail [2], Swiss-based encrypted email.
---------------------------------------------------
PLUG-discuss mailing list - PLUG-discuss at lists.phxlinux.org
To subscribe, unsubscribe, or to change your mail settings:
http://lists.phxlinux.org/mailman/listinfo/plug-discuss
---------------------------------------------------
PLUG-discuss mailing list - PLUG-discuss at lists.phxlinux.org
To subscribe, unsubscribe, or to change your mail settings:
http://lists.phxlinux.org/mailman/listinfo/plug-discuss
Links:
------
[1] https://protonmail.com
[2] https://protonmail.com/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.phxlinux.org/pipermail/plug-discuss/attachments/20180105/18259b3d/attachment.html>
More information about the PLUG-discuss
mailing list