On 01/18/2018 04:04 PM, cooloutac wrote:
SO it doesn't look like 4th or 5th generation boards are going to get a bios 
patch.  IS the bios patch nescessary?

Meltdown can be patched on Kernel and/or Hypervisor level with a performance loss by doing in the Kernel what should be done by the CPU. It also seems that Qubes 4 isn't affected in certain virtualisation modes, see the QSB & XSA.

It might be possible to patch Spectre 1 & 2 in limited ways as well, but there are only ideas out yet, see https://blog.xenproject.org/2018/01/04/xen-project-spectremeltdown-faq/

So the Microcode patches would be the proper way to do it and even there it seems to be hard if I recall the Spectre paper correctly, but the Open Source community attempts to implement (partial) mitigations anyway.

Or Should we just assume our desktop pc's are about as secure as android phones 
now?   Are they no good after a year or two?  I joke that real security costs 
alot of money because when firmware gets compromised nothing you can do but 
replace the pc.    But if you have to buy a new mobo and pc every year or two 
to stay up to date that is a sad future for most people.

You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
For more options, visit https://groups.google.com/d/optout.

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

Reply via email to