Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Security alert - "Meltdown" and "Spectre"
RE: Security alert - "Meltdown" and "Spectre"
#26
An aside: Moore's Law was already on its last legs; Meltdown and Spectre drove the final nails into its coffin.
--
Rob Kelk

Sticks and stones can break your bones,
But words can break your heart.
- unknown
Reply
RE: Security alert - "Meltdown" and "Spectre"
#27
OpenBSD releases Meltdown patch
--
Rob Kelk

Sticks and stones can break your bones,
But words can break your heart.
- unknown
Reply
RE: Security alert - "Meltdown" and "Spectre"
#28
Intel knew about Meltdown/Spectre and didn't inform CERT

Time to seriously investigate AMD chips for the next PC...
--
Rob Kelk

Sticks and stones can break your bones,
But words can break your heart.
- unknown
Reply
RE: Security alert - "Meltdown" and "Spectre"
#29
You did notice that AMD was part of the non-informing cabal, right?
Reply
RE: Security alert - "Meltdown" and "Spectre"
#30
<sigh> No, I missed that. But Intel was the company that discovered the issue.
--
Rob Kelk

Sticks and stones can break your bones,
But words can break your heart.
- unknown
Reply
RE: Security alert - "Meltdown" and "Spectre"
#31
Probably time to seriously consider making my next web surfing computer be a Raspberry Pi then...
"You know how parents tell you everything's going to fine, but you know they're lying to make you feel better? Everything's going to be fine." - The Doctor
Reply
RE: Security alert - "Meltdown" and "Spectre"
#32
Raspberry Pi ala Modem, then?
Hear that thunder rolling till it seems to rock the sky?
Thats' every ship in Grayson's Navy taking up the cry!
NO QUARTER!

No Quarter by Echo's Children
Reply
RE: Security alert - "Meltdown" and "Spectre"
#33
<rimshot>
-- Bob

I have been Roland, Beowulf, Achilles, Gilgamesh, Clark Kent, Mary Sue, DJ Croft, Skysaber.  I have been 
called a hundred names and will be called a thousand more before the sun grows dim and cold....
Reply
RE: Security alert - "Meltdown" and "Spectre"
#34
Apparently it's AMD's turn. Although, instead of having months to work on a solution and arrange a quick sell off of corporate shares there's only been 24 hours notice in this case.

Things are a bit light on the technical description and eyebrows are being raised at the lab itself.

It seems like a sort of perfectly normal level of insecurity that you'd expect in such hideously complex systems - insecurity and untrustworthiness is the normal state of affairs. The more complex a thing is, the more likely there'll be holes in it somewhere. This is, after all, the reason why Europe is laughing at the idea of a hard border in NI - it's got more holes and crossings than any other EU border.


Also. Why the fuck does every security vulnerability have to have a fucking brand these days? Is it some idiotic way of drawing attention to the brander.

I love the smell of rotaries in the morning. You know one time, I got to work early, before the rush hour. I walked through the empty carpark, I didn't see one bloody Prius or Golf. And that smell, you know that gasoline smell, the whole carpark, smelled like.... ....speed.

One day they're going to ban them.
Reply
RE: Security alert - "Meltdown" and "Spectre"
#35
(03-13-2018, 05:12 PM)Dartz Wrote: Also. Why the fuck does every security vulnerability have to have a fucking brand these days? Is it some idiotic way of drawing attention to the brander.

That's for the system administrators' benefit.

Have we patched CVE-2715? I don't know, there's a lot of CERT alerts for stuff that often doesn't apply to our servers.
Have we patched Meltdown? Yes.

(CVE-2715 is one of Meltdown's CERT serial numbers, IIRC. Not the only one.)
--
Rob Kelk

Sticks and stones can break your bones,
But words can break your heart.
- unknown
Reply
RE: Security alert - "Meltdown" and "Spectre"
#36
Maybe I'm just feeling catastrophically cynical about this one....

It came with premade branding - so was known about it for long enough for someone to cook up said branding, without actually revealing the problem to the manufacturer.

And as much as branding the things helps with public (and managerial awareness), it just feels a bit foolish for me. If it's utterly catastrophic, then yeah - but you're quickly into a sort of semantic satiation if you're naming every vulnerability you discover.

I love the smell of rotaries in the morning. You know one time, I got to work early, before the rush hour. I walked through the empty carpark, I didn't see one bloody Prius or Golf. And that smell, you know that gasoline smell, the whole carpark, smelled like.... ....speed.

One day they're going to ban them.
Reply


Forum Jump:


Users browsing this thread: 2 Guest(s)