Windows 10 Will Banish Spectre Slowdowns With Google's Retpoline Patch

Microsoft is including Google's mitigation for the Spectre Variant 2 speculative execution side-channel attack in the next release of Windows 10, currently codenamed 19H1. ZDNet reports: Google developed a software-based mitigation for Spectre Variant 2 called Retpoline that constrains speculative execution behavior sufficiently to mitigate an attack. Google's testing found its fix had a negligible effect on performance. Retpoline was implemented by Linux distributions such as Red Hat and SUSE, as well as by Oracle for Oracle Linux 6 and 7. And now, as MSPoweruser spotted, Microsoft's kernel engineers have confirmed that Retpoline will be part of the next version of Windows 10, 19H1, which is due out next year. Google's Retpoline plus Microsoft's own kernel modifications have reduced the performance impact to "noise level", according to Mehmet Iyigun of Microsoft's Windows and Azure kernel team. "Yes, we have enabled Retpoline by default in our 19H1 flights along with what we call 'import optimization' to further reduce perf impact due to indirect calls in kernel-mode. Combined, these reduce the perf impact of Spectre v2 mitigations to noise-level for most scenarios," wrote Iyigun.

"The bad news is that Microsoft didn't include the Retpoline fix in the latest Windows 10 October 2018 Update Redstone 5, or RS5, release, even though, according to CrowdStrike researcher Alex Ionescu, it could have," reports ZDNet.

Use APK Hosts File Engine instead... apk

See subject: APK Hosts File Engine 10.0++ 64-bit for Windows h t t p : / / a p k . i t - m a t e . c o . u k / A P K H o s t s F i l e E n g i n e F o r W i n d o w s . z i p

Yields more security/speed/reliability/anonymity vs. any 1 solution (99% of threats use hostnames vs. IP address most firewalls use) more efficiently/FASTER + NATIVELY 4 less!

Vs. "Bolt on 'MoAr' illogic-logic" slowing you hosts speed u up 2 ways: Adblocks + Hardcode fav. sites u spend most time @ vs. competition loaded w/ security bugs (DNS/AntiVir) + overheads slowing u (messagepass 'souled-out' to advertisers easily detected & blocked addons + firewall filtering drivers) & their complexity leads to exploitation!

* ONLY 1 of its kind in GUI 4 Windows!

(Better vs. Windows version 9.0++ in speed/efficiency)

APK

P.S.=> I am God's gift to Slashdot and my work is world-class. China copied my work because they can't do better. Protects against Spectre & Meltdown + all other known & unknown threats... apk

Re:Use APK Hosts File Engine instead... apk

Windows 10 is still a pile of spyware, adware, bloatware and crippleware crap. It's not even a real operating system, it's a marketing platform.

Re:Use APK Hosts File Engine instead... apk

yes seriously, I'm using win10 pro with classic shell on all my machines, 5 laptops( 2 dell, 2 lenovo, and 1 HP) and 4 desktops(3 asus/amd, 1 intel/asus based machines). I have never seen a single case of adware and most of the apps can be removed including IE11. With the new release coming, you'll be able to remove even more apps that are installed by default. I don't use any of the included software so you'll have to explain the crippleware apps because I'm unfamiliar with any. Most of the telemetry and Cortana can be disabled almost completely except some parts of Cortana is needed for search.

-geekpoet

Re:Use APK Hosts File Engine instead... apk

I have never seen a single case of adware

Doesn't mean they aren't there. They were widely publicised on the lock screen, the start menu and the file manager, so you must live under a rock.

most of the apps can be removed including IE11

No they can't. You might be able to "disable" a few, but you cannot actually remove them.

With the new release coming, you'll be able to remove even more apps that are installed by default.

Oh, how very generous of them to give a tiny bit of control back to the user! Keep licking the boots of your overlords at Microsoft, for they control your computer and your data.

you'll have to explain the crippleware apps

Windows 10 itself is crippleware. It limits what the owner/administrator can do with their own computers. For example, you cannot disable automatic "updates", you cannot remove the bloatware and it serves up ads...all in a commercial, paid-for product.

Most of the telemetry and Cortana can be disabled almost completely except some parts of Cortana is needed for search.

"Most" is relative. When the "basic" spyware level collects a *massive* amount of data, that means "full" must collect an unimaginable amount of data...for no legitimate reason, without a way to disable *all of it* (some is not good enough) and without Microsoft paying users for that data. Really, that spyware should not even exist in the OS at all. It should be 100% impossible for Microsoft to collect any data whatsoever via the OS.

Windows 10 a huge pile of shit and the worst excuse for an operating system I have seen in my 40 years of computing.

Re:Use APK Hosts File Engine instead... apk

Oh and also I hope you enjoy your OS subscription because it's coming. Office went subscription for enterprise customers first but later went subscription for everyone. If you think Windows 10 isn't following suit, then you are naive and/or stupid beyond comprehension.

That's not even mentioning how Microsoft is using users as unpaid QA and making them suffer the consequences, such as every single Windows 10 "update" breaking something, destroying data or even destroying hardware because the "developers" are incompetent morons who copy and paste code from other sources into spaghetti without even understanding what it does. When you see a piece of software that receives updates very rapidly, you know the developers behind that software are crap.

Re: Use APK Hosts File Engine instead... apk

[emil]

It is unlikely that subscription charges to Windows 10 will ever be enforced. ChromeOS and Android have supplanted Windows as the main consumer OS, and Microsoft likely will not want to see their market share decay any more rapidly than necessary. It is more likely that adware will be introduced on systems that do not have corporate subscriptions.

Re:Use APK Hosts File Engine instead... apk

"You might be able to "disable" a few, but you cannot actually remove them."

Simply not true. Look online into the use of the powershell commands:

remove-appxpackage and remove-appxprovisionedpackage *

You can easily remove almost all the Windows Store style apps from your account with the first, then remove them from the cache that installs them on newly created accounts with the second.

The apps that can't be removed are few: depending on the particular version of Windows family , you may or may not be able to remove Store. Edge (and IE - although it's not a Store "app") can be hidden but they are baked in because the WinAPIs rely on some of the underpinning components. But just about everything else can not only be disappeared, but removed. On Pro, Enterprise etc., whether or not you can remove Store, you can disable the Store outright via Group Policy.

* Please note there's more than one way to employ those commands, which allows for differing results. Read up.

Re:Use APK Hosts File Engine instead... apk

Just about very single mainstream OS major update of any OS for desktop / laptop / workstation computers breaks something, and that since the beginning of time: OSX, Windows 95 thru Server 2019, most Linux distros, macOS etc. etc.

br.
Stop being all indignant, it's silly.

Re:Use APK Hosts File Engine instead... apk

Those are old instructions that don't work for many apps any more. Microsoft "fixed" that a long time ago.

Re:Use APK Hosts File Engine instead... apk

They might break minor, unnoticeable things, they don't change all of your settings, erase your files, fry your video card and kill your hard drive like Windows 10 has.

Reptillian Patch

Vladimir Putin is the latest in a long line of people to have come forward recently claiming to have witnessed The Queen and other members of the British Royal Family shapeshift into a reptile – such as Lady Gaga and Oscar Winning actress Dame Helen Mirren – but perhaps none of them quite command the same sort of authority as the Russian President.

According to sources close to Putin, Queen Elizabeth II shapeshifted into a “reptile form” in front of him “as a warning” to him personally and a “show of power”.

Putin told senior staff and associates that The Queen “is a reptilian that shapeshifts between human and reptile form” at will, and that she uses it to intimidate and show strength to warn him and others not to mess with the dominant reptilian-Illuminati bloodline.

YourNewsWire reports that Putin met the Queen at the 70th anniversary of the D-Day landings in Normandy, France, in 2014. He was widely criticized by the Western media for failing to help the monarch up the stairs and keeping his distance from her in general.
It has now emerged that Putin stayed as far away from the Queen as possible because he witnessed her shapeshift moments earlier.

“The Queen has a long reptile face, almost like a beak, and she is a sickly gray dishwater color.”

She shifted between this form and her human state “three or four times” while greeting Putin. He also saw her shapeshift later while she was being helped to her position for the world leaders’ photo, by Barack Obama and New Zealand’s Governor General Jerry Mateparae.

“Her hands turned into reptile hands while they helped her up the stairs. When she smiled her teeth changed into sharp reptile teeth and glistened.”

Putin has told senior staff and close associates that he believes she shapeshifted while greeting him as a show of strength and a warning not to mess with the dominant reptilian-Illuminati bloodline of which she is a high priestess.

It is said that Putin had first-hand experiences with the reptilian-Illuminati chime by people who have dedicated years to researching the elusive, tyrannical powers that rule our world. They were traveling across the globe and recall stories of people from very different walks of life who have told stories about seeing “people” briefly turn into reptilians before their very eyes.

One of these researchers’ reports: “I’ve been told this by Californian news anchors, Ethiopian goatherds and Australian Aboriginals, just to name a few. A Danish taxi driver described driving past a group of VIP guests at the 2014 Bilderberg meeting in Copenhagen and seeing some of their faces turn reptilian and some of their hands and feet take on a reptilian look. In Peru, a respected psychic told me she sees people in power, like Obama, David Cameron, and Hillary Clinton, turn into reptiles whenever she watches an international news channel.”

The world’s ruling class have tyrannical control over the mainstream media, as well as our food, water, and air supply, and they are actively dumbing down the masses. The evidence against them, ancient and modern, is enormous and continuing to grow.

What is taking them so long ?

[Alain+Williams]

Linux vendors had patches out in March!

Re:What is taking them so long ?

Well obviously, the windows kernel developers got sick at the thought of using Google's code. Just look at that version number....

Re:What is taking them so long ?

A lot more PCs are running Windows. As such, they have a much larger user base with a wider variety of hardware and software to test. With Linux, you just throw it out there and people who have problems can roll back because those users know what they're doing, usually.

Re:What is taking them so long ?

The mitigations are already in. This is about converting the implementation to use retpolines everywhere.

Re:What is taking them so long ?

It's the same thing with patching Meltdown. The Linux folk figured a way to use PCID which was added in 2010 to Westmere vs WIndows that uses INVPCID which was added in 2013 to Haswell. As a result, I've actually disabled the Meltdown protection on my Windows system (I use it almost exclusively for games and not online multiplayer) because the potential performance cost without the hardware assistance is pretty horrible. Seriously, there's something really wrong at Microsoft that they can't get their act together on much of anything it seems, these days.

Re:What is taking them so long ?

Actually... the INVPCID version was the first version proposed for Linux... by Intel. 3rd party developers managed to hack PCID to do the same thing, yet the performance improvement (or rather reduction of mitigation's degradation) is not as big as using INVPCID. That's why Linux will now try to use INVPCID if available, then PCID if not or just suck up the mitigation cost.

Microsoft probably had the patches ready from Intel way before the PCID method was even conceived. Remember that Intel was notified a long time before those vulnerabilities were made public, they even extended the deadlines for publication multiple times.

Re: What is taking them so long ?

[Zero__Kelvin]

A lot more servers, routers, smartphones, home appliances and other systems are running Linux. What's your point? Mostly that it didn't occur to you that Linux isn't the niche OS you are trying to claim it is I suppose.

Re: What is taking them so long ?

[Zero__Kelvin]

So then ... the mitigations *weren't* all in then we're they? Thus this new one.

Re: What is taking them so long ?

[Zero__Kelvin]

So you are saying Microsoft was way ahead of the pack but came in last anyway? Sounds about right.

Re: What is taking them so long ?

Microsoft and Linux have very different patching processes. Linux tends to be very fast while Microsoft has to go through their usual corpobullshit. Microsoft recently failed to act to a 0day discovered and reported to them in May (ZDI-18-1075, CVE-2018-8423).

Another aspect is that Microsoft is a holistic vendor of operating systems while the burden of pushing patches for Linux to end users ends up at the distribution maintainers which are separate from the kernel. For Microsoft this adds bureaucracy, this adds delays, and firing the QA department doesn't help one bit. They made their own bed with profit-oriented short term gain decisions.

On the other hand Windows itself isn't as profitable as it was before so they might simply just not care. All that matters to them is Azure and other services now.

Re:What is taking them so long ?

3rd party developers managed to hack PCID to do the same thing, yet the performance improvement (or rather reduction of mitigation's degradation) is not as big as using INVPCID. That's why Linux will now try to use INVPCID if available, then PCID if not or just suck up the mitigation cost.

3rd party developers, other than Microsoft. That's my whole point. They swallowed the Intel version, didn't care to investigate any possible other mitigations that'd work on earlier versions, and haven't adopted what everyone has done even after it became clear there's other approaches. I understand why Intel wouldn't work too hard on supporting older CPUs, but Microsoft trying to push itself as some sort of service should be focusing on trying to keep its customers happy.

It'd be different if Meltdown was going to be fixed meaningfully soon, but only the latest Intel CPUs now finally have a hardware fix and actual wide adoption is going to take years at the least. It'd also be different if the CPUs in question were actually substantially inferior to modern ones but their new this year i3-8300 is pretty comparable to the i5-3570 (what I have) released in 2012 yet right before the Haswell cut-off. That doesn't even include the more high end i7-4960X released in 2013 which is also before the cut-off and near twice the performance.

Microsoft probably had the patches ready from Intel way before the PCID method was even conceived. Remember that Intel was notified a long time before those vulnerabilities were made public, they even extended the deadlines for publication multiple times.

I get that, but the point is that they've had over 6 months to introduce the PCID method into Windows. They're announcing only the Retpoline Patch method and that's not coming until next year. If Intel had to wait for Microsoft to have done the patching themselves without Intel's help, would we still not know about Meltdown or Spectre?

Re: What is taking them so long ?

Many of those servers, routers, phones do not run Intel processors. Many have a very constrained i/o and memory map. Many run linux kernels specifically compiled for just that hardware.

It's a completely different thing.

Re: What is taking them so long ?

Windows 7 is why

To address it in win7 all systems need a BIOS newer than may 2018

Unfortunately only HP, Dell and Apple update their BIOS after 2 years due to enterprise demands. You are SOL if you have anything else and this have to rely on software to migitate the bugs.

Re:What is taking them so long ?

3rd party developers, other than Microsoft. That's my whole point. They swallowed the Intel version, didn't care to investigate any possible other mitigations that'd work on earlier versions, and haven't adopted what everyone has done even after it became clear there's other approaches. I understand why Intel wouldn't work too hard on supporting older CPUs, but Microsoft trying to push itself as some sort of service should be focusing on trying to keep its customers happy.

I agreed with your point and was just providing more context in terms of timing.

I get that, but the point is that they've had over 6 months to introduce the PCID method into Windows. They're announcing only the Retpoline Patch method and that's not coming until next year. If Intel had to wait for Microsoft to have done the patching themselves without Intel's help, would we still not know about Meltdown or Spectre?

This is standard Microsoft practice, and yes it sucks :)

Re:What is taking them so long ?

[greenwow]

> didn't care to investigate any possible other mitigations

To be fair, I don't think Microsoft has the expertise on staff to do that. They got rid of most of their more experienced devs in order to save money. Several friends that are great devs got fired since they were so good at their jobs they couldn't be promoted, but Microsoft fires you if you don't get promoted enough. Their system gets rid of the people that are the best at their jobs.

Re: What is taking them so long ?

Transitioning from an inefficient mitigation to a more efficient one. Stop trying so hard to be a fuck wad.

Re:What is taking them so long ?

[p0p0]

Microsoft has tried adding it in but when they test Windows Update, it just deletes the patch from the filesystem!

Re:What is taking them so long ?

[arglebargle_xiv]

As such, they have a much larger user base with a wider variety of hardware and software to test.

Funny, just a few stories down there's this one, which implies that testing for Windows 10 changes is more or less optional:

Either tests do not exist at all for this code (and I've been told that yes, it's permitted to integrate code without tests, though I would hope this isn't the norm), or test failures are being regarded as acceptable, non-blocking issues, and developers are being allowed to integrate code that they know doesn't work properly...

Re: What is taking them so long ?

A lot more servers, routers, smartphones, home appliances and other systems are running Linux. What's your point? Mostly that it didn't occur to you that Linux isn't the niche OS you are trying to claim it is I suppose.

How many of those devices actually run Intel processors where this code would even be included? Even if they did, the vast majority of the Linux smartphones in the world will never get close to running the latest version that implements this fix anyway.

Re: What is taking them so long ?

Wrong. Most servers run Intel chipsets by a huge margin. Many routers do as well.

Re: What is taking them so long ?

[emil]

Big companies are slow. This is especially so with profound changes to the kernel compiler, which were likely reviewed by Dave Cutler himself.

Re: What is taking them so long ?

[Highdude702]

Correct for servers, Routers however the majority run broadcom or atheros chips, go look at lede hardware support list or dd-wrt support list.

Re:What is taking them so long ?

Yeah but nobody uses it apart from script kiddies. All the cool kids who need to get work done or play games are on Windows.

Re: What is taking them so long ?

Wrong.
Intel is NOT making available patches that might be reverse engineered and studied.
Most BIOS's have reserved pointers for such extensions - but hey obsolesence is the name of the game.
We dont know the benchmarks. or even how/when the baseline was taken. MS do seem to populating releases before anyone else does an independant audit. Stack smashing sounds OK - but is there security stuff in the stack tht might be readable? One fix opens another problem.

Re: What is taking them so long ?

[AmiMoJo]

Difference being that "Linux" isn't responsible for patching all those devices. Microsoft has taken on a maintenance contract for hundreds of millions of computers. The terms are pretty shitty, if they brick your machine you are on your own, but they do at least pretend to try to make the update process kinda robust.

So while the Linux kernel was patched in March, it takes time for distros to adopt the patch, and then even longer for admins to roll the patch out to devices. In fact many devices will never be patched. One thing you can say about Windows 10 is that most machines do get patched, even if it bricks them.

Re:What is taking them so long ?

Because they are actually testing it before releasing it

Re:What is taking them so long ?

Life tip: Your friends lied to you. They simply aren't that good at their jobs.

Re: What is taking them so long ?

Old and barebones systems can be turned into routers with operating systems like OPNSense. It's a good use for laptops that would otherwise be destined for the trash. A lot of those run Intel chips.

But yes, I also completely understand that covers a small minority of households. Realistically, most people just buy off-the-shelf routers.

Re:What is taking them so long ?

So the developers have admitted to being amateurs who don't know what they are doing. Microsoft is also using spyware embedded directly into Windows 10 to turn its customers into unpaid labour for free QA so that their company makes more money which they don't share with the people who did the work while simultaneously stealing customers' computer resources, customers' electricity and inflicting wear and tear on customer owned equipment.. They also use their collected customer's data for marketing purposes on top of that with advertisements that, much like the embedded spyware, are built into Windows 10 itself. Microsoft forbid customisation or control over Windows 10 and revert all changes with forced "updates" which almost always break the system and make it more vulnerable to attack.

Only idiots use Windows 10.

Microsoft should be liable $1,000 / lost document

They force their shitty upgrades on people. Any document lost due to unwanted reboot or a buggy patch must cost Microsoft $1,000. No mass discount. If they go bankrupt after one week, too bad, they wanted it.

NSA told them to hold off

There's still a few system they have yet to infiltrate.

Remember to back up all your files

several days before Windows 10 19H1 is released -- Microsoft will forcefully install it, and delete all your files at the same time.

Great news!

[Zero__Kelvin]

The great news? The highly unlikely possibility that you will fall victim to a speculative execution based attack has been addressed. The horrible news? It was implemented by the same company that can't guarantee your files won't be randomly deleted by the greatest security threat known in modern times, to wit Microsoft. I'm sure it's been well tested and there will be no problems though. Even Microsoft has to get it right occasionally, amirite?

Re: Great news!

Did Microsoft fuck your mommy and convince her to abandon you only to do it again with the next woman?
Did the kid who made the winning shot against you... was he wearing a Windows 95 backpack?
Did a Microsoft commercial come on right when you were about to have your first orgasm watching Days Of Our Lives?
Did they not hire you in spite of your obvious mastery of sorting algorithms in your senior year at DeVry?
Or are you just a fucking loser with too much time on your hands? I am genuinely curious. I would read your book. Please write it. But for fuck sakes do not write it in Word.

A little late with it

Seems like Microsoft again is late to the party in protecting its users with better security solutions and instead created its own performance robbing patches. So 6 or so months from now most Windows 10 users will finally get what Linux and Chrome OS have had for a year. Brilliant Microsoft, and why couldn't this make it into 1809??

Microsoft management is becoming worse.

[Futurepower(R)]

"Microsoft again is late to the party in protecting its users with better security solutions and instead created its own performance robbing patches."

Microsoft: More than 10 years of poor management

Microsoft needs a new CEO and a re-organization of management.

Re:Microsoft management is becoming worse.

Bring Back Balmer!

Re:Microsoft management is becoming worse.

Microsoft needs a new CEO and a re-organization of management.

With this kind of thing it could have been a legal decision that Microsoft's team just decided the other way. Until they could prove the patch was as safe, they didn't want to risk it.

I doubt they failed to investigate it in a timely manner. That would be grounds for a new CEO.

We need a better way to run trusted and untrusted code side by side, but the only way that comes to mind is via provable isolation, with disjoint resources. For instance if the core set of applications used in a business were trusted, then you might be able to run them with less paranoid on access scanning and such. Unfortunately, I can't see that being anything but expensive, slow, or both.

Maybe the docker container idea or similar? The stuff in this box is good, and isn't allowed to access anything questionable, so give it an isolated core/cache/memory/video interface and leave it alone? Similarly the stuff in the container would be protected from the rest of what is going on by using the dedicated resources.

Another idea that comes to mind is web pages that don't use script languages. They used to exist, and certainly still could for a lot of content. Whenever you bring a Turing complete language into the mix, well its harder to limit. A lot is possible with just plain html, and only server side elements, including basic advertisements and such. The web pages would certainly load a lot faster.

Seriously?

According to TFS, most Linux distros don't have the patch either.
Only Big-Money distros like SUSE and Red-Hat, and their user-base is tiny compared to windows.

Re:Seriously?

[r1348]

Nonsense, the patches are already upstreamed in the kernel code, any distro can distribute them.

Another case of Microsoft pushing Win10.

[SeaFox]

Oh, we gave you a patch that will slow down your machine because of Spectre.
Did we mention we're getting a much better patch now? You have to update to 10 to get it, though.

Retpoline does not "banish" slowdowns

[complete+loony]

The retpoline hack is a deliberate stack smash, to execute an indirect jump that the CPU will not speculate. Since the CPU cannot speculate it, execution *must* be slower than code from before spectre was discovered. But it does mean you can turn off *really* slow CPU mitigations.

The real trick is avoiding the need for retpoline in the first place. Make sure that indirect jumps have shortcuts for commonly executed branches that aren't affected by Spectre.

BTW, I watched a great talk about spectre, for application developers, by a clang compiler engineer who was involved in the research on spectre.

MS: what about Server OSes? And why so slow?

[mattb47]

How about the patch where it really matters: on servers? Will this patch be available on Server 2016? Server 2019? 2012 R2? (OK, not really expecting it on 2012 R2 or earlier, but one can hope.)

Server 2016 and Windows 10 share (or at least used to share) a lot of the same codebase, so one would think Server 2016 could be patched here fairly easily.

And that this won't happen until the next Windows 10 release (probably April 2019)? Absolutely ridiculous. Get it out. NOW.

Codename 19H1?

Finally, Microsoft is naming their products like proper any proper virus should be.

Re:Codename 19H1?

Sounds more like the pig flu than a computer virus

c6gunner's impersonating me & lying

See subject: c6gunner's name on this post as submitter yet signed "APK" (me) https://linux.slashdot.org/com...

I never say hosts cure Spectre/Meltdown OR it'd be on the Start64.com download page for it & I do NO MacOS X one!

* Too bad I publicly DESTROYED you c6gunner both here https://tech.slashdot.org/comm... + here https://tech.slashdot.org/comm... vs. your LIES/LIBEL + on hosts' technicals https://tech.slashdot.org/comm...

APK

P.S.=> Due to you TRYING TO PUT WORDS IN MY MOUTH I NEVER SAID!: DNS in kernel? I never said that! I did get the BLOW YOU AWAY ON IT 4th link above! Hosts is tunable NATIVE resolver driven by tcpip.sys IN kernelmode in Windows + kernelmode diskcache in Linux + hosts resolves faster, safer vs. slow remote DNS that can be DOWN or DNS poisoned & NO DNS TRACKING for fav sites I use @ TOP of hosts for speed/security vs. DNS poisoning & rest are BLOCKED (who cares how 'fast' getting to them - I NEVER INTEND TO GET TO THEM, TTL does rest))

Retpoline?

Retpoline? That sounds like a hair oil used in the 1920's! And brought back in the 1950's.

Greasers forever!

c6gunner's impersonating me & lying

See subject: c6gunner's name on this post as submitter yet signed "APK" https://linux.slashdot.org/com...

* I never say hosts cure Spectre/Meltdown OR it'd be on the Start64.com download page & I do NO MacOS X one!

APK

P.S.=> You say hosts = shit https://slashdot.org/comments.... ?

FACTS: /.ers & security pros + RESULTS say DIFFERENT:

1st: /.ers https://slashdot.org/comments.... https://slashdot.org/comments.... https://slashdot.org/comments.... https://slashdot.org/comments.... https://slashdot.org/comments.... https://slashdot.org/comments....

2nd: SECURITY PROS https://slashdot.org/comments....

3rd: REAL RESULTS w/ hosts vs. threats https://slashdot.org/comments....

EAT YER WORDS

Glad it wasn't included in 1809

[sydbarrett74]

[from TFS] "The bad news is that Microsoft didn't include the Retpoline fix in the latest Windows 10 October 2018 Update Redstone 5, or RS5, release, even though, according to CrowdStrike researcher Alex Ionescu, it could have," reports ZDNet.

Not such bad news in light of 1809's data-losing file system bugs. I'd like to see something like this much more thoroughly tested, given the grave security implications.

Re:MS: what about Server OSes? And why so slow?

[sydbarrett74]

My guess is that it will be prioritised for inclusion in Server 2019, then back-ported to 2016.