|
Security alert - "Meltdown" and "Spectre"
|
--
Rob Kelk Sticks and stones can break your bones, But words can break your heart. - unknown Forever neighbours, never neighbors Government of Canada: How to immigrate to Canada
--
Rob Kelk Sticks and stones can break your bones, But words can break your heart. - unknown Forever neighbours, never neighbors Government of Canada: How to immigrate to Canada
Intel knew about Meltdown/Spectre and didn't inform CERT
Time to seriously investigate AMD chips for the next PC...
--
Rob Kelk Sticks and stones can break your bones, But words can break your heart. - unknown Forever neighbours, never neighbors Government of Canada: How to immigrate to Canada 
You did notice that AMD was part of the non-informing cabal, right?
<sigh> No, I missed that. But Intel was the company that discovered the issue.
--
Rob Kelk Sticks and stones can break your bones, But words can break your heart. - unknown Forever neighbours, never neighbors Government of Canada: How to immigrate to Canada 
Probably time to seriously consider making my next web surfing computer be a Raspberry Pi then...
"You know how parents tell you everything's going to fine, but you know they're lying to make you feel better? Everything's going to be fine." - The Doctor
Raspberry Pi ala Modem, then?
Hear that thunder rolling till it seems to rock the sky?
Thats' every ship in Grayson's Navy taking up the cry! NO QUARTER! No Quarter by Echo's Children 
<rimshot>
-- Bob
I have been Roland, Beowulf, Achilles, Gilgamesh, Clark Kent, Mary Sue, DJ Croft, Skysaber. I have been called a hundred names and will be called a thousand more before the sun grows dim and cold.... 
RE: Security alert - "Meltdown" and "Spectre"
03-13-2018, 05:12 PM (This post was last modified: 03-13-2018, 05:15 PM by Dartz.)
Apparently it's AMD's turn. Although, instead of having months to work on a solution and arrange a quick sell off of corporate shares there's only been 24 hours notice in this case.
Things are a bit light on the technical description and eyebrows are being raised at the lab itself. It seems like a sort of perfectly normal level of insecurity that you'd expect in such hideously complex systems - insecurity and untrustworthiness is the normal state of affairs. The more complex a thing is, the more likely there'll be holes in it somewhere. This is, after all, the reason why Europe is laughing at the idea of a hard border in NI - it's got more holes and crossings than any other EU border. Also. Why the fuck does every security vulnerability have to have a fucking brand these days? Is it some idiotic way of drawing attention to the brander.
Oh sweet meteor of death
Fall upon us. Deliver us in fire To Peace everlasting.
RE: Security alert - "Meltdown" and "Spectre"
03-14-2018, 05:50 AM (This post was last modified: 03-14-2018, 05:52 AM by robkelk.) (03-13-2018, 05:12 PM)Dartz Wrote: Also. Why the fuck does every security vulnerability have to have a fucking brand these days? Is it some idiotic way of drawing attention to the brander. That's for the system administrators' benefit. Have we patched CVE-2715? I don't know, there's a lot of CERT alerts for stuff that often doesn't apply to our servers. Have we patched Meltdown? Yes. (CVE-2715 is one of Meltdown's CERT serial numbers, IIRC. Not the only one.)
--
Rob Kelk Sticks and stones can break your bones, But words can break your heart. - unknown Forever neighbours, never neighbors Government of Canada: How to immigrate to Canada
Maybe I'm just feeling catastrophically cynical about this one....
It came with premade branding - so was known about it for long enough for someone to cook up said branding, without actually revealing the problem to the manufacturer. And as much as branding the things helps with public (and managerial awareness), it just feels a bit foolish for me. If it's utterly catastrophic, then yeah - but you're quickly into a sort of semantic satiation if you're naming every vulnerability you discover.
Oh sweet meteor of death
Fall upon us. Deliver us in fire To Peace everlasting. |
|
« Next Oldest | Next Newest »
|
