Major Intel Memory Vulnerability
der.hans
PLUGd at LuftHans.com
Fri Jan 5 10:47:14 MST 2018
Am 05. Jan, 2018 schwätzte Stephen Partington so:
> It is certainly a deciding factor in my desire to move to AMD on my CPU
> rollout.
Trying to imagine a car salesperson knowing which CPUs are in a particular
model and utterfly failing.
Luckily IoT generally has so many holes that we don't need to worry about
meltdown and spectre for them...
ciao,
der.hans
> On Fri, Jan 5, 2018 at 9:39 AM, <techlists at phpcoderusa.com> wrote:
>
>>
>> I think they have a moral obligation to destroy all effected chips that
>> are in the pipeline. Dell and others need to stop sales and not continue
>> selling until the CPU is fixed.
>>
>> This is much bigger than we know. Almost every computer is effected. The
>> intermittent fix is software. What keeps some smart and devious person
>> from creating an app that replaced the patch with their own and then they
>> can drain your bank account... crash your automated or self driving car....
>> Yikes.
>>
>> The real solution is a new generation of chips that are not exploitable.
>> That means replacing every computer and device that is effected.
>>
>> This should be a wake up call to all of us. We are way too dependent on
>> computers.
>>
>> There will be major fireworks over this. I can see a lot of companies
>> getting sued. And the only ones that win are the lawyers.
>>
>> This is going to be with us for years.
>>
>> I have 7 computers that can be or already are connected to the internet.
>> A lot of it is old technology, however it's value is in testing. I am a
>> software developer. As long as I keep them on a private net I am ok....
>> Otherwise I will need to replace at least 2.
>>
>> This is a potential nightmare.... Patching hardware with software is a
>> weak plan. All that need to happen is some wise person to figure out how
>> to replace the patch with their own. Say good by to our economy if that
>> happens.
>>
>> What a mess!!
>>
>>
>>
>>
>>
>>
>> On 2018-01-03 18:12, Matthew Crews wrote:
>>
>> I would be more concerned IF the next gen CPU has this fixed. All's I know
>> is that if Intel wants to fix the very next gen, they will need to scrap a
>> lot of silicon that has already been finished.
>>
>>
>> Sent from ProtonMail <https://protonmail.com>, Swiss-based encrypted
>> email.
>>
>>
>>
>>
>>
>> -------- Original Message --------
>> On Jan 3, 2018, 15:35, Nathan O'Brennan wrote:
>>
>>
>> I'm more curious to know which versions of Intel's upcoming chips have
>> been fixed already. I would like to upgrade my current workstation in the
>> next year and will stick with Intel despite any performance impact over AMD.
>>
>>
>>
>> On 2018-01-03 00:43, Aaron Jones wrote:
>>
>>
>> I read the performance hit for Intel chips will be %35 or so after the
>> fix.
>>
>> On Jan 2, 2018, at 7:49 PM, Eric Oyen <eric.oyen at icloud.com> wrote:
>>
>> so, does this mean that the UEFI might get patched first? OR, does the OS
>> ecology have to do so first? Lastly, how much of a performance hit will
>> this represent?
>>
>> -eric
>> from the central offices of the Technomage Guild, the "oh look! yet
>> another bug!" Dept.
>>
>> On Jan 2, 2018, at 3:39 PM, Matthew Crews wrote:
>>
>>
>> https://www.theregister.co.uk/2018/01/02/intel_cpu_design_flaw/
>>
>> In a nutshell, it is a major security flaw in Intel hardware dating back a
>> decade that is requiring a complete kernel rewrite for every major OS
>> (Linux, Windows, Mac, etc) in order to patch out. It cannot be patched out
>> with a CPU microcode update. Major enough that code comments are redacted
>> in the patches until an embargo period is expired. Also the reported fix
>> will have a huge performance impact.
>>
>> Also crucial to note is that AMD chips are not affected by this.
>>
>> How the heck does something like this go unnoticed for so long?
>>
>>
>>
>>
>> Sent from ProtonMail <https://protonmail.com/>, Swiss-based encrypted
>> email.
>>
>>
>> ---------------------------------------------------
>> PLUG-discuss mailing list - PLUG-discuss at lists.phxlinux.org
>> To subscribe, unsubscribe, or to change your mail settings:
>> http://lists.phxlinux.org/mailman/listinfo/plug-discuss
>>
>>
>>
>> ---------------------------------------------------
>> PLUG-discuss mailing list - PLUG-discuss at lists.phxlinux.org
>> To subscribe, unsubscribe, or to change your mail settings:
>> http://lists.phxlinux.org/mailman/listinfo/plug-discuss
>>
>>
>> ---------------------------------------------------
>> PLUG-discuss mailing list - PLUG-discuss at lists.phxlinux.org
>> To subscribe, unsubscribe, or to change your mail settings:
>> http://lists.phxlinux.org/mailman/listinfo/plug-discuss
>>
>
>
>
>
--
# https://www.LuftHans.com https://www.PhxLinux.org
# The Internet is the front line of the battle
# to protect our freedom. -- Nathaniel Borenstein
More information about the PLUG-discuss
mailing list