Slashdot Mirror


Intel Has a New Spectre and Meltdown Firmware Patch For You To Try Out (betanews.com)

Mark Wilson writes: The Spectre/Meltdown debacle continues to rumble on, and now the chip manufacturer has announced the availability of a new 'microcode solution' to the vulnerability. The updated firmware applies to 6th, 7th and 8th Generation Intel Core devices, and the release sees the company crossing its fingers and hoping that everything works out this time.

This is Intel's second attempt at patching the vulnerability, and this time around both the company and its customers will be praying that the fix for Skylake, Kaby Lake and Coffee Lake chips actually does the job.

130 comments

  1. Tricky decision by bestweasel · · Score: 5, Insightful

    I'm waiting for the point when the Intel patch does less damage than Spectre and Meltdown. Are we there yet?

    1. Re:Tricky decision by Anonymous Coward · · Score: 0, Offtopic

      http://qanonposts.com/

      !UW.yye1fxoQ5997a0
      180445
      >>180316
      HK allowed his passport to clear customs WITH THE CLOWNS IN AMERICA AND DEPT OF DEFENSE PUTTING A NAT SEC HOLD WW?
      How does he clear customs?
      How does he end up in Russia?
      Coincidence?
      Who was the 1st agency he worked for?
      Who taught him the game?
      Who assigned him w/ foreign ops?
      Why is this relevant?
      Future unlocks past.
      Watch the news.
      Spider web.
      Stop taking the sleeping pill.
      Shake whatcha mamma gaveya.
      Q

      Feb 21 2018 20:41:03
      !UW.yye1fxoQ
      104
      @SNOWDEN
      WHERE ARE YOU?
      NOT RUSSIA.
      [EYES ON]
      YOU ARE NOW A LIABILITY.
      HELPING @JACK?
      PROJECT DEEPDREAMv2[A]].
      WE WILL NEVER FORGET.
      ES FAILED.
      WHERE IS ES?
      JOHN PERRY BARLOW.
      DEFINE THE END?
      THE DAY OF RECKONING IS UPON US.
      [THEY CALL COOL RANCH COOL AMERICAN]
      JOHN 3:16
      Q

      Q: total take down of the deep state in progress
      Q: knuckles is my fav sonic character

    2. Re:Tricky decision by Anonymous Coward · · Score: 0

      Well, considering that this is purely a Spectre patch, not a Meltdown patch, and that Spectre isn't particularly threatening (Intel's been hyping it up to distract people from their horrid Meltdown bug) I'd say we're probably still a long way off.

    3. Re:Tricky decision by Anonymous Coward · · Score: 0

      So, is there any chance my 3rd gen i7 2600k will receive a patch? It cost a packet many years ago and still performs really really well and is most definitely not the bottleneck for any of my current gaming or processing workloads. I guess Intel wants me to have to update it and to buy another chip. Screw you, Intel! If only AMD had better Linux support there would be an option.

    4. Re:Tricky decision by Anonymous Coward · · Score: 0

      I am waiting for description of what the patch did, and what is now changed. The working description is missing!
      I understand, before it was query cpu for unique ID, and if a match flip some flag bits at initialization. No talk of if they can be flipped back or manipulated later.
      I speculate things like interrupts, DMA, Memory management offloads in flight, and dirty cache may complicate things somewhat. Then add buggy drivers that croak when hardware interrupts take longer than expected, perhaps creating a race condition or deadly embrace. And very little talk of who used these cross-licensed designs in other hardware/cpus/gpu's. Who says video cards do not do speculative execution as well?

      If they were really honest they would say when and what the new - really hardware protected design was done. I am thinking some proper IBM mainframe VM instructions need to be added, and real key protected memory rather than ring whatever nonsense. Intel has a conflict of interest here, because unqualified single stepping debugging was removed a while ago to protect DRM shit.

  2. I'll let someone else go first, and await results by Anonymous Coward · · Score: 1

    Not keen to be a guinea pig

  3. another day another solution by Anonymous Coward · · Score: 0

    You know what happens when someone claims they have a "final solution" to a problem.

    1. Re:another day another solution by MightyMartian · · Score: 4, Insightful

      Nonsense. He would have inserted how his hosts file utility protects against Spectre and Meltdown. And you can totally trust a guy whose website for his tool still shows Windows NT 4.0 screenshots!

      --
      The world's burning. Moped Jesus spotted on I50. Details at 11.
    2. Re:another day another solution by Anonymous Coward · · Score: 1, Informative

      APK is a myth anyway. His sightings are about as credible as pictures of the Loch Ness monster.

  4. Prayer vs. Testing. by geekmux · · Score: 5, Insightful

    "...this time around both the company and its customers will be praying that the fix for Skylake, Kaby Lake and Coffee Lake chips actually does the job."

    I can understand the masses praying for a legitimate fix, but the company is praying this will work? Did they suddenly abandon the concept of testing prior to release?

    I mean, it's not like Intel has to go digging to find a metric fuckton of affected hardware...

    1. Re: Prayer vs. Testing. by Anonymous Coward · · Score: 0

      hey, what do you want. the readme says "cross your fingers"

    2. Re:Prayer vs. Testing. by Anonymous Coward · · Score: 0

      Faith based software development. It's quite a bit cheaper than alternatives like Agile

    3. Re:Prayer vs. Testing. by Anonymous Coward · · Score: 0

      But do they have a metric fuckton of effective test engineers? I imagine it would be hard to argue they do.

    4. Re:Prayer vs. Testing. by Anonymous Coward · · Score: 0

      It used to be a pretty small group hence the repeat floating point bugs etc. I think now the MMX CPUs were Intel's only major release without a major flaw still to this day. Coincides with the guy who only did testing that CPU hmmm?

    5. Re:Prayer vs. Testing. by Powys · · Score: 3, Funny

      They are following the Google model of releasing everything as BETA so they have to provide no warranty, and push testing on the unwashed masses. Only after it is deemed successful will they remove the "BETA" moniker. Saves them the trouble.

    6. Re: Prayer vs. Testing. by DarthStrydre · · Score: 1

      The Pentium MMX chips had the f00f bug.

    7. Re:Prayer vs. Testing. by Anonymous Coward · · Score: 0

      Yes, they took a page from Microsoft, who has achieved the holy grail of convergence between pre-alpha testers and paying customers.

    8. Re:Prayer vs. Testing. by Anonymous Coward · · Score: 2, Funny

      You are assuming that Intel does testing in the first place. We now know that they prefer to pray than test. "Our Father, who art in Silicon Valley, hallowed be thy chipsets. Thy breadboards come, thy NAND gates done, on XOR as it is in RAM. Give us this day our daily clock speed and lead us not into a Meltdown but deliver us from AMD. For thine is the multi-core, the multi-thread, and the L3 cache forever. Amen."

    9. Re:Prayer vs. Testing. by sjames · · Score: 1

      Perhaps they're an AMD shop?

    10. Re:Prayer vs. Testing. by mindwhip · · Score: 4, Funny

      My thoughts and prayers go out to Intel processors everywhere.

      --
      [The Universe] has gone offline.
    11. Re:Prayer vs. Testing. by Aighearach · · Score: 1

      That's only even one small team!

      I don't think the free Mountain Dew in the breakroom is helping any, either. Nor does the Free Pizza Fridays.

      I've spent some time in the Portland area, including near the Intel campus, and I have to say that if the team is entirely made up of H1B recipients then you'll get like, 3 times as many team members per metric ton compared to using domestic neckbeards.

    12. Re:Prayer vs. Testing. by Anonymous Coward · · Score: 0

      I think it is due to the way that while all the chip designs share the same basic architecture, the timing and clock propagation speeds of different areas on the chip die may vary from chip to chip. They basically aim to make multi-core Xeons, but due to manufacturing processes, each chip is basically unique. These get sorted out by number of working cores, cache size, and get branded accordingly; i3, i5, i7, Xeon.

    13. Re: Prayer vs. Testing. by Anonymous Coward · · Score: 0

      No they didn't. That was the original P5 release. 60 and 90MHz models IIRC.

    14. Re:Prayer vs. Testing. by Anonymous Coward · · Score: 0

      Faith based software development. It's quite a bit cheaper than alternatives like Agile

      Sometimes it seems that is what agile is. Keep working on it until we figure out what the actual requirements were or we run out of money.

      That being said, sometimes you just don't have and can't get the requirements by any other means other than iterating through the complex problem until you have the understanding to determine the true requirements.

      Still, maybe this faith based process has some virtue. Maybe we won't always pick the cheapest choice when having to make a choice, regardless of schedule risk.

    15. Re: Prayer vs. Testing. by Anonymous Coward · · Score: 0

      That was the FDIV bug.

      The f00f bug was a few years later.

    16. Re:Prayer vs. Testing. by tomxor · · Score: 1

      Armen

    17. Re:Prayer vs. Testing. by DeVilla · · Score: 1

      Be reasonable. There is always a period between having something runnable and getting test results back. It sounds like this is just now going into test.

  5. Who writes these taglines? by Dwedit · · Score: 4, Insightful

    Who writes these taglines? This is clearly not a Meltdown patch at all, so it shouldn't be mentioned anywhere.

    1. Re:Who writes these taglines? by Anonymous Coward · · Score: 3, Funny

      Take it easy, brah, don't have a meltdown

    2. Re:Who writes these taglines? by Anonymous Coward · · Score: 0

      Intel writes them and sends them directly to the whores that run this site.

    3. Re:Who writes these taglines? by Anonymous Coward · · Score: 0

      I didn't know your mom was in the reception queue, but in hindsight it seems obvious

    4. Re:Who writes these taglines? by Anonymous Coward · · Score: 0

      Slashdot editors haven't been technical in a decade. This new crop aren't even up to typical gadget blogger tech savvy. It's pathetic.

    5. Re:Who writes these taglines? by Anonymous Coward · · Score: 0

      They are up on their socjus though.

    6. Re:Who writes these taglines? by tomxor · · Score: 1

      Let's face it, the FUD spread to blur Meltdown with Spectre has been won by Intel. It's up to the non-tech crowd to evolve to not take headlines at face value. It seems you can do no wrong in PR no matter how misleading... It's not possible to shout loudly enough against it, people have already moved onto the next headline.

  6. Reminds me of an old TV show by 93+Escort+Wagon · · Score: 5, Funny

    There was a campy, over-the-top parody TV show called "Sledge Hammer" back in the 80s... although even if you're old enough, you may not remember it since it wasn't exactly a roaring success. The "protagonist" (using that term loosely) was a gun-happy cop whose solution to everything involved using his gun. If someone was stealing a candy bar, he might shoot the candy bar out of the perp's hands, for instance. If an old lady missed her bus, he might shoot out the tires of the bus.

    Anyway, right now Intel reminds me of the show's intro. Most of it just featured glamour shots of Sledge Hammer's gun... but, at the end, Sledge Hammer says "Trust me, I know what I'm doing", and he shoots - but the bullet miscarries, resulting in a (virtual) bullet hole on your TV screen.

    That's Intel, in a nutshell.

    --
    #DeleteChrome
    1. Re:Reminds me of an old TV show by Archangel+Michael · · Score: 3, Funny
      --
      Agent K: A *person* is smart. People are dumb, stupid, panicky animals, and you know it.
    2. Re:Reminds me of an old TV show by grasshoppa · · Score: 2

      Ah memories. I loved my early 80s trash TV...and it was trash. Holy shit was it trash.

      Still loved it.

      --
      Mod me down with all of your hatred and your journey towards the dark side will be complete!
    3. Re:Reminds me of an old TV show by 93+Escort+Wagon · · Score: 2

      Love it!

      Another great show I managed to kill off... When I really like a show, you can pretty much guarantee it's not going to last. At least this one made it a couple seasons.

      RIP Max Headroom, Twin Peaks, Andy Richter Controls the Universe, Firefly - and too many others to mention. Some of them you can't even get on DVD, the interest is so low...

      --
      #DeleteChrome
    4. Re:Reminds me of an old TV show by Anonymous Coward · · Score: 4, Funny

      Another great show I managed to kill off... When I really like a show, you can pretty much guarantee it's not going to last.

      Could you do the rest of the world a favour and develop a keen interest in the Kardashians?

      kthanksbye

    5. Re:Reminds me of an old TV show by Anonymous Coward · · Score: 0

      https://www.youtube.com/watch?...

      Thank you for confirming why Netflix should be condemned for not carrying a genre labeled "80's TV".

      Bastards.

    6. Re:Reminds me of an old TV show by nwf · · Score: 1

      Ha, I used to watch that. It was entertaining for the time. Too bad it ended on that cliffhanger.

      --
      I don't know, but it works for me.
    7. Re: Reminds me of an old TV show by Anonymous Coward · · Score: 0

      Is there a tv show about the Star Trek DS9 characters? Cool.

    8. Re:Reminds me of an old TV show by Anonymous Coward · · Score: 0

      Don't forget the episode "A Dog Day Sledge" where he used 5 shots to force someone threatening to jump off a building to dive into a window for safety. Then he walked into a bank robbery with only one bullet in his gun and was paralyzed when he couldn't figure out which of the bank robbers to shoot.

      Q: "How did the police get here so fast?"
      A: "There's a donut shop around the corner."

    9. Re: Reminds me of an old TV show by halivar · · Score: 2

      Yes. It's called Star Trek DS9.

    10. Re: Reminds me of an old TV show by DarthStrydre · · Score: 2

      It can't be an Intel sledgehammer. AMD already used Sledgehammer as a trademark/code name for its K8 line of chips, the first that used the amd64 architecture.

    11. Re:Reminds me of an old TV show by Anonymous Coward · · Score: 0

      "is that a silencer?"

      "No, it's a loudener" *blows target in half*

    12. Re:Reminds me of an old TV show by yorgasor · · Score: 1

      Ha, one of my favorite shows from the 80s! Those were good times. I have the collection, and I'll still break it out every so often.

      --
      Looking for a computer support specialist for your small business? Check out
    13. Re: Reminds me of an old TV show by sconeu · · Score: 1

      Ya gotta admit, AMD had much cooler names for their CPUs than Intel did.

      --
      General Relativity: Space-time tells matter where to go; Matter tells space-time what shape to be.
    14. Re:Reminds me of an old TV show by Aighearach · · Score: 1

      Max Headroom was certainly a great movie. But that TV show they made of it really sucked bad.

      It was the only show on TV when I was a child where I would watch the awesome intro, and then change the channel when the show started.

    15. Re:Reminds me of an old TV show by Anonymous Coward · · Score: 0

      There was also Dick Hammer which was a "literal" cop show, which was hand animated.

      Spitting Image (original series), Lexx, and many others. Starlost always seemed to be a pre-concept idea for Battlestar Galactica.

    16. Re:Reminds me of an old TV show by antdude · · Score: 1

      I loved that 80s series as a callow ant. :D

      --
      Ant(Dude) @ Quality Foraged Links (AQFL.net) & The Ant Farm (antfarm.ma.cx / antfarm.home.dhs.org).
    17. Re:Reminds me of an old TV show by Hal_Porter · · Score: 1

      Good times man. Good times.

      https://www.youtube.com/watch?v=XGoU7urNTbI

      --
      echo -e 'global _start\n _start:\n mov eax, 2\n int 80h\n jmp _start' > a.asm; nasm a.asm -f elf; ld a.o -o a;
    18. Re:Reminds me of an old TV show by freeze128 · · Score: 1

      There was an episode where he was cybernetically augmented like robocop, and the title of the episode was "Hammeroid". :)

    19. Re:Reminds me of an old TV show by bankman · · Score: 1

      Another great show I managed to kill off... When I really like a show, you can pretty much guarantee it's not going to last.

      You mean like I did with Bakersfield PD? It's depressing when you realize that you're the jinx of TV shows. :-(

      --
      I feel so sig.
    20. Re:Reminds me of an old TV show by Anonymous Coward · · Score: 0

      "Hammer, you can't defuse that [nuclear] bomb!" "Trust me, I know what I'm doing."

      https://www.youtube.com/watch?v=XGoU7urNTbI

  7. Spectre only by PhrostyMcByte · · Score: 3, Informative

    You can't fix Meltdown with a CPU patch.

    1. Re:Spectre only by Anonymous Coward · · Score: 0

      And even then it *requires* OS support and/or compiler patches and recompilation of everything with a JIT inside it...

    2. Re: Spectre only by Anonymous Coward · · Score: 1

      You can fix it with a flat-head screwdriver by prying the damn thing off your motherboard.

      -Homer

    3. Re:Spectre only by suutar · · Score: 1

      why not? My understanding was that meltdown was based on predictive branching, in which case if you disable predictive branching it doesn't happen.

      Granted, that's a pretty heavyhanded fix, but there may be other ways that are still down to changing the cpu microcode...

    4. Re:Spectre only by Anonymous Coward · · Score: 0

      Trouble is, you can't, it's wired in the hardware, no microcode patch is able to fix it.

    5. Re:Spectre only by Anonymous Coward · · Score: 1

      I think you have confused meltdown and spectre.

      Spectre impacts everything and is basically not something that can really go away. It will be haunting us for a long time, which is why they called it "Spectre." The upside is it's extremely difficult to exploit in a meaningful way.

      Meltdown is actually fixable since it's a bounds check that intel doesn't enforce when they are supposed to. The microcode and firmware can both be fixed to resolve that issue.

    6. Re:Spectre only by amorsen · · Score: 2, Informative

      It's a bit funny that this post is 5 Informative. It is exactly the wrong way around. Meltdown can be fixed with a patch. It involves speculating across a hardware security barrier, which is something that microcode has a chance to detect.

      Spectre, on the other hand, does not involve speculating into inaccessible memory. It just involves speculating into memory that the program (typically a jit compiler) is carefully avoiding touching.

      --
      Finally! A year of moderation! Ready for 2019?
    7. Re:Spectre only by Anonymous Coward · · Score: 1

      No, GP had it right - Meltdown can't be fixed with a CPU patch, because the access-granting flaw isn't in the microcode. All the CPU patches are for Spectre variant 2.

    8. Re:Spectre only by thegarbz · · Score: 1

      Heavy handed is why not. A patch that literally makes your CPU perform like something from the 90s is not a patch which 'works'.

    9. Re:Spectre only by PhrostyMcByte · · Score: 2

      You've misunderstood the problem. The patchability of this issue has been public knowledge for quite a while, so there's no excuse for your flippant ignorance on it. The article even specifically calls out Spectre: you'll see only the summary incorrectly mentions Meltdown.

      Meltdown is only patchable via software at the OS level. This is the entire reason operating systems put in these huge page table isolation pages. The CPU fix will come years from now.

      Spectre variant 2 is patchable via software per-app via e.g. Retpoline, or via CPU microcode which is what Intel has just done.

  8. Waiting for the next /. how-it-went update by adosch · · Score: 4, Funny

    Let me know how it goes, everyone! I'll see you all in therapy...

    1. Re:Waiting for the next /. how-it-went update by sinij · · Score: 1

      Let me know how it goes, everyone! I'll see you all in therapy...

      The meeting is in the next room to the "Patch Tuesday Support Group", down the hall from "Dependency Hell Anonymous", right?

    2. Re:Waiting for the next /. how-it-went update by jwhyche · · Score: 2

      But I just got all my shit working again....

      --
      I read at +2. If your post doesn't reach that level I will not see or respond to it.
  9. That patch... by Anonymous Coward · · Score: 0

    That patch is called "buy AMD or get a new Intel processor when they actually fix Meltdown and Spectre".

    It's probably the only way to really fix a hardware bug like this one. It's entirely possible this is mainly Intel trying to save face, and the performance hit will be just as bad as KPTI or something.

  10. Why do they need to rely on hope? by hawguy · · Score: 1

    the release sees the company crossing its fingers and hoping that everything works out this time

    Intel has relationships with pretty much every computer OEM and cloud computing provider -- why do they need to cross their fingers and hope for the best when they can get their partners (who are just as motivated as Intel to have a usable solution) involved in large-scale tests?

    1. Re:Why do they need to rely on hope? by BlueStrat · · Score: 1

      Intel has relationships with pretty much every computer OEM and cloud computing provider -- why do they need to cross their fingers and hope for the best when they can get their partners (who are just as motivated as Intel to have a usable solution) involved in large-scale tests?

      One possible answer is because those others might just discover other security vulnerabilities in the silicon, possibly either unintentional in nature and/or some that were requested/ordered to be left in or deliberately inserted by US TLAs.

      Strat

      --
      Progressivism (aka US 'Liberalism'): Ideas so good they need a police/surveillance-state to enforce.
  11. Pray? by Anonymous Coward · · Score: 0

    Prayer is literally the least you can do.

    CAPTCHA: Nonsense (seriously, good one, Slashdot)

  12. They've only had since June by bill_mcgonigle · · Score: 4, Informative

    Hey, Google only notified them in June and maybe they were going to get around to working on it after the holidays. And there are two new variants out this week that aren't considered, so be ready for the next round in a month or so as well.

    You can't expect Intel to get these things done immediately, people! (the class action suits are going to love that they didn't fix it with six months' warning).

    --
    My God, it's Full of Source!
    OUTSIDE_IP=$(dig +short my.ip @outsideip.net)
    1. Re:They've only had since June by cwsumner · · Score: 1

      Hey, Google only notified them in June and maybe they were going to get around to working on it after the holidays. And there are two new variants out this week that aren't considered, so be ready for the next round in a month or so as well.

      You can't expect Intel to get these things done immediately, people! (the class action suits are going to love that they didn't fix it with six months' warning).

      This sounds very much like the Navy-owned submarine torpedo development facility, at the beginning of WWII. They sounded just the same and showed the same organizational problems, when the torpedoes that the submariners used failed to explode, over and over. Like 8 fired and one worked!

      They were later found to have half a dozen serious bugs and defects, which had never been tested. Estimated to have caused a number of our ships to be destroyed and over 800 people to be killed!

      And not all computers just run "Office", a hack really can cause people to be killed...

    2. Re:They've only had since June by Anonymous Coward · · Score: 0

      Nope, building a ship is the most complicated piece of engineering. Period.

    3. Re:They've only had since June by HiThere · · Score: 1

      For Meltdown, the quality of the last patch they offered, which was so bad that company after company said "don't install that" (though, AFAIK, only Linus added "garbage") seems to indicate that they didn't start development of the patch until after public notice.

      Spectre is a different problem, but Meltdown ought to be fixable, if only by disabling the running speculative execution. (Whether they can do better than that I wouldn't guess.) OTOH, that approach should also solve Spectre...but nobody wants to pay that price.

      --

      I think we've pushed this "anyone can grow up to be president" thing too far.
    4. Re:They've only had since June by Anonymous Coward · · Score: 0

      For Meltdown, the quality of the last patch they offered, ...

      What patch did Intel offer for Meltdown? Seriously, Intel has gone out of its way to be incredibly vague about what exactly its patches do, but all the technical talk on the OS side make it clear that the patching for Meltdown is 100% in software (with some hardware assistance from the PCID feature if available).

      Spectre is a different problem, but Meltdown ought to be fixable, if only by disabling the running speculative execution. (Whether they can do better than that I wouldn't guess.) OTOH, that approach should also solve Spectre...but nobody wants to pay that price.

      The only way to avoid speculative execution through a microcode update (that I know of) would be to put in effective nops or locks on every memory access. That would effectively reduce the performance down to 1/5th or 1/6th speed and with a fraction of the ALUs (except in some specific loops and the like). And like you say, it'd fix Spectre and Meltdown. The current workaround is to either (1) in software execute a specific set of instructions in kernel functions to avoid the wrong speculation or (2) include an effective speculative flush barrier through new microcode instructions which includes an enormous performance penalty on each usage in kernel functions. Little to nothing is being done for process to process barrier violations on Spectre, but AFAIK they effectively already exist in the same manner that the Meltdown software patch works--not having the memory mapped in to read.

      So, yea, if you have actual further information, I'd be interested. Citations included, of course.

    5. Re:They've only had since June by HiThere · · Score: 1

      And I'm no expert, so I can't give you the details you want. But you could check the Linux Kernel developers list where it was discussed. Abusively. Linus did not think highly of the patch at all. Other companies just said "don't install that" and said things like "it won't work with our equipment". If any of them gave details, I didn't hear them. (OTOH, I only hear of this on Slashdot and Soylent News. As I said, that's not where I'm an expert.)

      --

      I think we've pushed this "anyone can grow up to be president" thing too far.
    6. Re:They've only had since June by Anonymous Coward · · Score: 0

      Abusively. Linus did not think highly of the patch at all.

      The problem Linus had is with the microcode update Intel was pushing for Spectre seemingly making the new work around instructions as optional and seemingly designed for the long term: Linus talking about the insanity of the Spectre patches to go along with the Intel microcode updates. The Meltdown stuff needs fixed in hardware (ie, not a microcode update) and should in theory be relatively easy to fix.

      In his words for Spectre though: "since we already know that the IBRS overhead is huge on existing hardware, all those hardware capability bits are just complete and utter garbage. Nobody sane will use them, since the cost is too damn high. So you end up having to look at "which CPU stepping is this" anyway." Ie, because IBRS has such massive overhead, Linux developers are trying to avoid it as much as possible with other software workarounds. Even if Intel manages to integrate IBRS in a future revision of their chips that doesn't have the huge performance cost, they're going to have to use yet another CPUID to differentiate the ones they have patched now with IBRS and future ones so kernel developers can use that instead of the various software workarounds, but then that's still going to involve looking at CPU model/steppings/whatever.

      Other companies just said "don't install that" and said things like "it won't work with our equipment"

      That's because the microcode update introducing IBRS/IBPB was causing reboots. Also, the kernel still has to be modified to use the feature, but only if it exists. So, at the moment it's basically a waiting game. Oh, and AMD chips also have to be patched for the Spectre variant(s?) they're vulnerable to, and I don't know if that's something workaroundable in software only. In any case, Linus was talking about the patches to the kernel and what it seemed to represent upon Intel's intentions for the future in reference to Spectre, not the microcode update itself.
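
The split described in this sub-thread and in PhrostyMcByte's comment above (Meltdown handled by OS page table isolation, Spectre variant 2 by retpoline or by microcode-provided IBRS/IBPB that the kernel has to opt into) can be read back from a Linux host. The following is an added example, not part of the thread: it parses `/proc/cpuinfo` and the kernel's `/sys/devices/system/cpu/vulnerabilities` files; the sample inputs, the microcode value and the function names are constructed for illustration.

```python
import re
from pathlib import Path

VULN_DIR = Path("/sys/devices/system/cpu/vulnerabilities")
CPUINFO = Path("/proc/cpuinfo")
# cpuinfo flags that only appear when the loaded microcode exposes the controls
MICROCODE_FLAGS = {"ibrs", "ibpb", "stibp"}

# Constructed sample inputs (not captured from a real machine).
SAMPLE_CPUINFO = """\
processor       : 0
vendor_id       : GenuineIntel
model name      : Constructed Skylake-class CPU
microcode       : 0x1a2b
flags           : fpu vme pcid pti retpoline ibrs ibpb stibp
bugs            : cpu_meltdown spectre_v1 spectre_v2
"""
SAMPLE_SYSFS = {
    "meltdown": "Mitigation: PTI",
    "spectre_v2": "Mitigation: Full generic retpoline, IBPB, IBRS_FW",
}


def parse_cpuinfo(text):
    """Return microcode revision, flags and bugs of the first processor block."""
    info = {"microcode": None, "flags": set(), "bugs": set()}
    seen = False
    for line in text.splitlines():
        if not line.strip():
            if seen:
                break          # a blank line ends the first processor block
            continue
        seen = True
        key, _, value = line.partition(":")
        key, value = key.strip(), value.strip()
        if key == "microcode":
            info["microcode"] = value
        elif key in ("flags", "bugs"):
            info[key] = set(value.split())
    return info


def state(status):
    """Map a sysfs status line to mitigated / vulnerable / not affected."""
    if not status:
        return "unknown"       # kernel predates the sysfs interface
    low = status.strip().lower()
    for prefix, name in (("not affected", "not affected"),
                         ("mitigation", "mitigated"),
                         ("vulnerable", "vulnerable")):
        if low.startswith(prefix):
            return name
    return "unknown"


def split_spectre_v2(status):
    """Separate software mechanisms (retpoline) from ones needing CPU/microcode support."""
    _, _, detail = (status or "").partition(":")
    software, microcode = [], []
    for part in re.split(r"[,;]", detail):
        part = part.strip()
        low = part.lower()
        if "retpoline" in low:
            software.append(part)
        elif any(k in low for k in MICROCODE_FLAGS):
            microcode.append(part)
    return software, microcode


def mitigation_report(cpuinfo_text, sysfs):
    info = parse_cpuinfo(cpuinfo_text)
    controls = sorted(info["flags"] & MICROCODE_FLAGS)
    software, microcode = split_spectre_v2(sysfs.get("spectre_v2"))
    v2 = state(sysfs.get("spectre_v2"))
    return {
        "microcode": info["microcode"],
        "microcode_controls": controls,        # what the CPU offers
        "meltdown": state(sysfs.get("meltdown")),
        "spectre_v2": v2,
        "spectre_v2_software": software,       # what the kernel uses
        "spectre_v2_microcode": microcode,
        # Controls are present but the kernel reports no mitigation in use.
        "unused_microcode": bool(controls) and v2 == "vulnerable",
    }


def read_live():
    """Build the same report from the running Linux system."""
    sysfs = {}
    if VULN_DIR.is_dir():
        sysfs = {p.name: p.read_text().strip() for p in VULN_DIR.iterdir()}
    return mitigation_report(CPUINFO.read_text(), sysfs)


if __name__ == "__main__":
    source = read_live() if CPUINFO.exists() else mitigation_report(
        SAMPLE_CPUINFO, SAMPLE_SYSFS)
    for key, value in source.items():
        print(f"{key:22} {value}")
```

A host that shows retpoline under `spectre_v2_software` and nothing under `microcode_controls` is protected against variant 2 by recompiled kernel code alone; one with `unused_microcode` set has the new firmware but a kernel that is not using it.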

  13. Q3 2015 by darkain · · Score: 4, Interesting

    Skylake launched Q3 2015. So Intel is pushing the patch for barely more than 2 years worth of product. What about the millions (billions?) of systems out there that were not replaced in the past two years? Are they going the same way of Android in the "well fuck, sucks to be you!" mentality of security because the device isn't the absolute latest and greatest? I'm thinking they only supported back that far is because there are Xeon-D CPUs that launched Q1 2018 with Skylake architecture, and Intel is all over that Xeon-D right now (this is what Facebook is now using)

    1. Re:Q3 2015 by KingMotley · · Score: 1

      My guess is that they will go back further than they need to in order to cover all their products under warranty. Anything beyond that is them just being nice.

    2. Re: Q3 2015 by Anonymous Coward · · Score: 1

      Well, my next CPUs will be AMDs, for the foreseeable future. Fuck Intel.

    3. Re:Q3 2015 by AHuxley · · Score: 1

      Re: systems out there that were not replaced in the past two years?
      Buy a new CPU soon that will be tested before its approved for the production line.

      --
      Domestic spying is now "Benign Information Gathering"
  14. Sure, slap it on me. by Anonymous Coward · · Score: 0

    Dear Intel,

    Sock it to me.

    Signed
    Another Slaphappy Customer

  15. Try out? by PPH · · Score: 1

    Don't we have a chimp or a rabbit that we could test this stuff on first?

    --
    Have gnu, will travel.
    1. Re:Try out? by wonkey_monkey · · Score: 1
      --
      systemd is Roko's Basilisk.
    2. Re:Try out? by jwhyche · · Score: 3

      Don't we have a chimp or a rabbit that we could test this stuff on first?

      No, but we have a bunch of dumb ass naked apes.

      --
      I read at +2. If your post doesn't reach that level I will not see or respond to it.
    3. Re:Try out? by Aighearach · · Score: 1

      Sure, trim the neckbeard back a bit and call it a "chimp," nobody will notice.

      Also, I think that rabbit was an ewok yesterday, so be careful.

  16. get Gallagher to smash some intel chips by Anonymous Coward · · Score: 0

    get Gallagher to smash some intel chips

  17. It depends... by gwolf · · Score: 3, Insightful

    Does losing up to ~30% of your chip's speed mean more or less damage to you, to your usual workload, to the threat model you feel as better applying to your person?

    1. Re:It depends... by Tough+Love · · Score: 2

      Now feeling a bit smug about my move back to AMD. Pure dumb luck that it doesn't get Spectred of course, but this is just one reason I like Zen more than Core arch.

      --
      When all you have is a hammer, every problem starts to look like a thumb.
    2. Re:It depends... by Tough+Love · · Score: 1

      Ah, I meant Meltdown of course, not Spectre.

      --
      When all you have is a hammer, every problem starts to look like a thumb.
    3. Re:It depends... by Anonymous Coward · · Score: 0

      Advance execution of calls to the operating system ceases working, leading to a large loss in performance.

    4. Re:It depends... by Anonymous Coward · · Score: 0

      It's not "dumb luck." Intel's advances, and the edge those advances gave them against AMD, came at the cost of security. And they probably fucking knew it.

    5. Re:It depends... by AmiMoJo · · Score: 1

      It's academic anyway. You can't get the patch yourself, you have to wait for your motherboard manufacturer to release a BIOS update.

      Intel hasn't updated its boards yet. Probably never will.

      --
      const int one = 65536; (Silvermoon, Texture.cs)
      SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
    6. Re:It depends... by Anonymous Coward · · Score: 0

      Spectre hasn't really been exploited yet anyway, Meltdown is the low-lying fruit. AMD wins on both counts and the Intel ME is a huuuuuuge ongoing problem where the PSP is virtually unmentioned. Dumb luck? I'll take it - half off too.

    7. Re:It depends... by Anonymous Coward · · Score: 0

      Or your next OS update to include them.
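
The comments above name two delivery paths for the microcode (a BIOS update or an OS update). As an added example, not part of any comment in this thread, here is one way to check on Linux what is actually loaded and what the kernel reports. It assumes an x86 kernel that exposes the `microcode` field in /proc/cpuinfo and the /sys/devices/system/cpu/vulnerabilities files; the sample text and revision numbers are constructed.

```python
from pathlib import Path

# Constructed sample of /proc/cpuinfo (two logical CPUs, made-up revisions).
SAMPLE_CPUINFO = """\
processor\t: 0
model name\t: Intel(R) Core(TM) i5-6500 CPU @ 3.20GHz
microcode\t: 0xc2

processor\t: 1
model name\t: Intel(R) Core(TM) i5-6500 CPU @ 3.20GHz
microcode\t: 0xba
"""

# Constructed sample contents of the sysfs vulnerability files.
SAMPLE_VULNS = {
    "meltdown": "Mitigation: PTI",
    "spectre_v1": "Mitigation: __user pointer sanitization",
    "spectre_v2": "Vulnerable",
}

def microcode_revisions(cpuinfo_text):
    """Map logical CPU number -> loaded microcode revision (int)."""
    revs, cpu = {}, None
    for line in cpuinfo_text.splitlines():
        key, _, value = line.partition(":")
        key, value = key.strip(), value.strip()
        if key == "processor":
            cpu = int(value)
        elif key == "microcode" and cpu is not None:
            revs[cpu] = int(value, 16)
    return revs

def audit(cpuinfo_text, vulns):
    """Return findings: missing or mixed revisions, unmitigated issues."""
    findings = []
    revs = microcode_revisions(cpuinfo_text)
    if not revs:
        findings.append("no microcode field found")
    elif len(set(revs.values())) > 1:
        # Cores on different revisions suggest a partially applied update.
        detail = ", ".join(f"cpu{c}={r:#x}" for c, r in sorted(revs.items()))
        findings.append("mixed microcode revisions: " + detail)
    for name, status in sorted(vulns.items()):
        if status.startswith("Vulnerable"):
            findings.append(f"{name}: {status}")
    return findings

def read_live():
    """Read the real files; returns (cpuinfo_text, {name: status})."""
    base = Path("/sys/devices/system/cpu/vulnerabilities")
    vulns = {p.name: p.read_text().strip() for p in base.iterdir()} if base.is_dir() else {}
    return Path("/proc/cpuinfo").read_text(), vulns

if __name__ == "__main__":
    print("\n".join(audit(SAMPLE_CPUINFO, SAMPLE_VULNS)))
```

On a real machine, pass the result of `read_live()` to `audit()` before and after the BIOS or OS update to see whether the revision changed.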

    8. Re:It depends... by RavenLrD20k · · Score: 1

      Pure inference here, though it may be a conclusion jump, but I think he meant that the dumb luck part of it is that he chose to go AMD for his latest build instead of Intel ahead of finding out about Meltdown.

  18. Are the other manufacturers onboard yet? by grilled-cheese · · Score: 1

    So have we finally put to bed the finger pointing going on between Intel, Dell, and Redhat yet?

  19. Re:There all bad fixes by Anonymous Coward · · Score: 1

    Thank you, official NSA statement.

  20. Not available on intel download site by Cronq · · Score: 1

    Well

    https://downloadcenter.intel.c...

    finds only ancient, 2017 microcode version :-(

  21. Cardassians/Kardashians - The difference by knarfling · · Score: 5, Funny

    Remember that there are two groups with similar names, the Cardassians and the Kardashians. One group is vaguely reptilian, have large misshapen heads and an overblown and undeserved sense of superiority. The other group, of course, invaded Bajor.

    --
    Great civilizations have lived and died on false theories. Don't mess up mine with a few facts.
    1. Re:Cardassians/Kardashians - The difference by sconeu · · Score: 1

      I should have seen this joke coming, but nevertheless.... You owe me a new keyboard.

      --
      General Relativity: Space-time tells matter where to go; Matter tells space-time what shape to be.
    2. Re:Cardassians/Kardashians - The difference by Anonymous Coward · · Score: 0

      I should have seen this joke coming, but nevertheless.... You owe me a new keyboard.

      If I really couldn't laugh at a joke without destroying equipment, I'd be far too embarrassed and ashamed about this to write a post about it.

      Being spastic like an ADHD child is not normal behavior.

  22. Now with less reboot! by Anonymous Coward · · Score: 1

    But more crashes!

  23. Disable JavaScript by Anonymous Coward · · Score: 0, Flamebait

    You can gain performance and improve your security (even in the face of Meltdown) by turning off JavaScript (and ActiveX, and Flash, and Silverlight) in your browser.

    Install a hosts file as well. I recommend this one. The problem with APK's hosts file is his engine is not signed by a trusted source. And several sites are mirroring it now, with no clear indication on modifications they may have made. Best not to risk your security with disreputable executables from ne'er-do-wells these days.

    ZIP

    1. Re:Disable JavaScript by Anonymous Coward · · Score: 0

      Meltdown (and Spectre) was never an issue for servers, unless you've set them up like a complete moron.

      ZIP

  24. Still shipping vulnerable processors? by NewtonsLaw · · Score: 3, Insightful

    Is Intel still shipping processors with these vulnerabilities?

    If so, you have to ask "what the hell are they thinking"?

    Would Ford or Chevy be allowed to keep selling a vehicle which was known to have defects that made it unroadworthy even before you drove it off the showroom floor?

    1. Re: Still shipping vulnerable processors? by Anonymous Coward · · Score: 0

      It will take several CPU generations before we will see fixed architectures from Intel.

    2. Re:Still shipping vulnerable processors? by Anonymous Coward · · Score: 0

      Yep!
      Heck; they pushed out Coffee Lake back in October of last year; for all those holiday sales. BEFORE, the public at large knew. They are absolute scum.

      (Haha, the captcha: recalls)

    3. Re: Still shipping vulnerable processors? by Anonymous Coward · · Score: 0

      "I felt a great disturbance in the Force, as if millions of legal counselors suddenly cried out in terror and were suddenly silenced. I fear something terrible has happened."

      they can't really afford to not fix this for generations. they may think they do, sure.

  25. Yes, they would. by Anonymous Coward · · Score: 0

    As the defects are known, caveat emptor applies.

    Moreover, there is a fix that the end user can apply as he sees fit.

    If you are an end user of cloud service providers, then it is up to YOU to get a provider to make certain security guarantees in writing.

    1. Re:Yes, they would. by NewtonsLaw · · Score: 1

      "Moreover, there is a fix that the end user can apply as he sees fit."

      Really? I thought it was still in beta-test, hence this discussion.

  26. Comment removed by account_deleted · · Score: 2

    Comment removed based on user account deletion

  27. Re:Sledge Hammer by Anonymous Coward · · Score: 0

    "Sledge Hammer. The only guy that could make Dirty Harry look like a bleeding heart Liberal." -- Unknown

    Speaking of Intel. I can't remember... did Dirty Harry fire 5 shots or 5.999999999999?

  28. fool me once, shame on you by Anonymous Coward · · Score: 0

    fool me... you can't get fooled again!

  29. I could be a "ne'er-do-well" like you OR by Anonymous Coward · · Score: 0

    I'm going to continue using the Host File Engine. Your software is well written, functional. The Host File Engine performs exactly as promised by mmell February 16 2017

    (APK's work), I've flat out said it's good by BronsCon February 11 2016

    his hosts program is actually pretty good by xenotransplant August 10 2015

    his hosts tool is actually useful for those cases in which one does indeed want to locally block stuff outright while consuming minimum system resources by alexgieg September 25 2015

    I like your host file system by Karmashock September 09 2015

    I do use APK's host file on all my systems at home by OrangeTide December 01 2017

    I personally use a HOSTS file blocker produced from a genius called APK by 110010001000 October 27 2017

    * See subject:... Get good reviews on my work via /. peers!

    APK

    P.S.=> It's better being ME vs. "CNN=Conde Nast Network FAKE NEWS" ArseHoleTECHNICA (lol) instead https://it.slashdot.org/comments.pl?sid=11776235&cid=56166549/

  30. I was thinking about spectre/meltdown the other... by Anonymous Coward · · Score: 0

    day.

    Isn't all that is really needed for certain instructions to either trigger the branch flush themselves while in mixed code, or, at the risk of damaging user mode realtime apps, randomly adjust the tsc/other performance timers when specific operations are triggered so that the cache timing doesn't align with the actual fetch?

  31. Agile IS hope and prayer. Build random thing, hope by raymorris · · Score: 1

    Agile is the practice of building software without first figuring out what kind of software you need to build. It IS development by prayer - build something, anything, and then pray that it somehow relates to the user's need.

  32. Re:Agile IS hope and prayer. Build random thing, h by Hal_Porter · · Score: 1

    Full speed ahead and let's pray the shields hold up!

    --
    echo -e 'global _start\n _start:\n mov eax, 2\n int 80h\n jmp _start' > a.asm; nasm a.asm -f elf; ld a.o -o a;
  33. Need a push for... by Anonymous Coward · · Score: 0

    The microcode signing keys for Pentium/PPro up, as well as the Redbooks for the microcode programming guides to be publicly released since they refuse to patch the older processors themselves.

    The same concerns people have with the Intel ME apply to the microcode updates, only at least in the early days Intel limited access to that microcode information to a *VERY* small group of people, a half dozen by claim of someone involved at Intel at the time, but not in the hardware division.

  34. Wrong title. by Keith_Beef · · Score: 1

    Should have been:

    Intel Has a New Spectre and Meltdown Firmware Patch And Wants You To Test It Because Intel Couldn't Be Arsed To Do Its Own Testing.