Slashdot Mirror

← Back to Stories (view on slashdot.org)

Linux 4.3 Released As Stable; Improves On Open-Source Graphics, SMP Performance (lkml.org)

Posted by timothy on from the positive-externalities-galore dept.

An anonymous reader writes: The Linux 4.3 kernel was released as stable today. The Linux 4.3 kernel brings Intel Skylake support, reworked NVIDIA open-source graphics support, and many other changes with the code count hitting 20.6 million lines of code.

8 of 73 comments (clear)

  1. Re:How much of it do I have to trust? by Anonymous Coward · · Score: 2, Insightful

    I was reffering to BadUSB, which is for example the USB firmware suddendly adding a fake USB keyboard and running running curl | sh through ALT+F2, or maybe adding a USB network adapter that proxies your traffic through an attacker machine, or really all sorts of other fun things you could imagine.

    This isn't the things I'd worry about, but properly done rogue firmware is definitely among the 1% scary attacks.

  2. Re:How much of it do I have to trust? by zenlessyank · · Score: 5, Funny

    You have 11 choices. You can either 'Learn' the code, or you can 'Trust' the code, and lastly you can 'Not Use' the code.

  3. Re:How much of it do I have to trust? by smittyoneeach · · Score: 4, Informative

    Hey, don't forget the microcode on the chip. Or, rather, do forget it. "They" insist.

    --
    Get thee glass eyes, and, like a scurvy politician, seem to see things thou dost not.--King Lear
  4. Re:How much of it do I have to trust? by Kjella · · Score: 2

    If I upgrade to this kernel, how many of those lines of code do I actually have to trust not to give away everything on my machine to a black hat? Hopefully less than 100k lines of code are actually critical.

    Depends on your threat model. If your "black hat" can plug malicious devices into your machine quite many but then your security is probably badly compromised anyway. If he's within wireless range then a few stacks like Bluetooth, WiFi, WiDi etc. if you have them enabled, but if that's a realistic fear I'd simply use wired accessories. If he's got a local user there might be many vectors for an escalation attack, but then he's already got a foot in the door. For packets coming down the wire from the Internet, there's some as the kernel does parsing, routing, firewalling and so on. But for the most part it's userspace clients like your browser or daemons like sshd that'll contain the primary exploits. Kernel bugs are mostly to go from limited access to full access.

    --
    Live today, because you never know what tomorrow brings
  5. Re:SMP improvements? by eutychus · · Score: 5, Informative

    "and the performance testing results are encouraging. Nevertheless we need to keep
    an eye on potential regressions, since this potentially affects every SMP workload
    in existence."

    http://lkml.iu.edu/hypermail/linux/kernel/1508.3/04818.html

  6. Re:How much of it do I have to trust? by OrangeTide · · Score: 2

    Firmware is just a fancy word for software. I write firmware for a living. Most of the fear around it is because many don't understand what firmware is.
    The very nature of having code that runs on a processor that is isolated from the rest of your system is generally considered a good thing in security, and that's all firmware really is. Now what your computer does with the output of that firmware is really what has been overlooked for years.

    --
    “Common sense is not so common.” — Voltaire
  7. Re:How much of it do I have to trust? by kervin · · Score: 2

    dude, you missed like 8 choices

  8. Re:How much of it do I have to trust? by Gravis+Zero · · Score: 4, Funny

    dude, you missed like 8 choices

    there are 10 kinds of people: people that understand binary and people who don't.

    --
    Anons need not reply. Questions end with a question mark.