|
06-01-2018, 07:34
|
#3
|
Registered User
Join Date: Mar 2012
Location: Boston, MA
Boat: 1981 Bristol 32 Sloop
Posts: 17,494
|
Re: Processor Vulnerabilities
That it was known so long, while the Intel president, traded out of his stock options and had months to change the "rules" is totally criminal. Intel abandoned serving their customer base, an act Andy would not have tolerated.
Thanks Carcode. I will read it. Looks like we have to go all the way back to Atom processors to be safe.
|
|
|
06-01-2018, 07:44
|
#4
|
Registered User
Join Date: Feb 2008
Boat: 2017 Leopard 40
Posts: 2,661
|
Re: Processor Vulnerabilities
It makes good headlines, and it’s a very serious design error, but it’s VERY difficult to exploit in a useful way. It would require sophisticated skills and computing power to reassemble the memory fragments into usable information. Criminal types wouldn’t see a good ROI so they’ll stick with ransomware, credit fraud and phishing. This is fodder for nation states and even then it would only be used on focused high value targets.
Bottom line, you and me should be more concerned about other stuff. Do your software and firmware updates and move on.
PS you can’t stick with old unsupported software forever.
|
|
|
06-01-2018, 07:45
|
#5
|
Registered User
Join Date: Mar 2012
Location: Boston, MA
Boat: 1981 Bristol 32 Sloop
Posts: 17,494
|
Re: Processor Vulnerabilities
https://spectreattack.com/#faq-fix
https://www.axios.com/what-you-need-...522229386.html
Microsoft issued updates for Windows 10, Windows 8 and Windows 7 as well as for its Azure cloud operating system
As of Wednesday evening, Apple had yet to comment on how its products are impacted.
INtel has it's head in the sand!
Quote:
The costs: Despite how widespread the problem is, Intel says it doesn't expect any significant financial impact. Other potential costs will be born by software makers creating patches and those that may see a performance impact from the software patches needed to close the security hole. It's also possible class-action lawyers may see this as a prime opportunity to litigate.
|
|
|
|
06-01-2018, 09:53
|
#6
|
Registered User
Join Date: Nov 2015
Location: Ireland
Posts: 466
|
Re: Processor Vulnerabilities
Quote:
Originally Posted by rgleason
As of Wednesday evening, Apple had yet to comment on how its products are impacted.
|
Apple now say all Mac and iOS devices are affected too.
https://support.apple.com/en-us/HT208394
|
|
|
06-01-2018, 10:03
|
#7
|
Moderator Emeritus
Join Date: Sep 2007
Location: Eastern Tennessee
Boat: Research vessel for a university, retired now.
Posts: 10,406
|
Re: Processor Vulnerabilities
It's overblown. Google: "Intel overblown" and "Intel overreaction".
__________________
David
Life begins where land ends.
|
|
|
06-01-2018, 12:43
|
#8
|
Registered User
Join Date: Jan 2011
Location: France/UK
Boat: Gib'Sea 402
Posts: 546
|
Re: Processor Vulnerabilities
I'm sure it is. My (limited) understanding is that to gather any data at all the undetected malware has to be virtually inside the processor. It's just not going to happen for the vast majority of users.
|
|
|
06-01-2018, 12:57
|
#9
|
Registered User
Join Date: Feb 2010
Location: Tierra del Fuego
Boat: Phantom 19
Posts: 6,145
|
Re: Processor Vulnerabilities
And now everybody grab your tea, sit back, take a deep breath, update your browser for the, hard to exploit, stuff through Javascript when available during the next few days, and let the big cloud running guys do their job they started to do before you even heard the words Meltdown and Spectre for the first time. These are "disaster" for the cloud industry, of limited importance for the end user, certainly not more important than the other dozen we have seen in the last year, really.
|
|
|
06-01-2018, 14:21
|
#10
|
Registered User
Join Date: Oct 2014
Location: Netherlands
Boat: Halmatic 30
Posts: 1,101
|
Re: Processor Vulnerabilities
Quote:
Originally Posted by AedanC
|
Eben Upton (Raspberry PI):
"Meltdown and Spectre are examples of what happens when we reason about security in the context of that abstraction, and then encounter minor discrepancies between the abstraction and reality. The lack of speculation in the ARM1176, Cortex-A7, and Cortex-A53 cores used in Raspberry Pi render us immune to attacks of the sort."
|
|
|
07-01-2018, 01:35
|
#11
|
Registered User
Join Date: Jul 2005
Location: Bellingham
Boat: Outbound 44
Posts: 9,319
|
Re: Processor Vulnerabilities
If you could sneak a program that exploits this vulnerability onto an OpenCpn user's machine you could capture the assembly code, reverse compile it and then publish the source code to O.
__________________
Paul
|
|
|
23-01-2018, 03:55
|
#12
|
Registered User
Join Date: Jul 2010
Location: Hannover - Germany
Boat: Amel Sharki
Posts: 2,535
|
Re: Processor Vulnerabilities
|
|
|
|
Thread Tools |
Search this Thread |
|
|
Display Modes |
Rate This Thread |
Linear Mode
|
|
Posting Rules
|
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
HTML code is Off
|
|
|
|
Advertise Here
Recent Discussions |
|
|
|
|
|
|
|
|
|
|
|
|
Vendor Spotlight |
|
|
|