On Thursday, January 18, 2018 at 12:20:49 PM UTC-5, David Hobach wrote:
> On 01/18/2018 04:04 PM, cooloutac wrote:
> > SO it doesn't look like 4th or 5th generation boards are going to get a 
> > bios patch.  IS the bios patch nescessary?
> 
> Meltdown can be patched on Kernel and/or Hypervisor level with a 
> performance loss by doing in the Kernel what should be done by the CPU. 
> It also seems that Qubes 4 isn't affected in certain virtualisation 
> modes, see the QSB & XSA.
> 
> It might be possible to patch Spectre 1 & 2 in limited ways as well, but 
> there are only ideas out yet, see 
> https://blog.xenproject.org/2018/01/04/xen-project-spectremeltdown-faq/
> 
> So the Microcode patches would be the proper way to do it and even there 
> it seems to be hard if I recall the Spectre paper correctly, but the 
> Open Source community attempts to implement (partial) mitigations anyway.
> 
> > Or Should we just assume our desktop pc's are about as secure as android 
> > phones now?   Are they no good after a year or two?  I joke that real 
> > security costs alot of money because when firmware gets compromised nothing 
> > you can do but replace the pc.    But if you have to buy a new mobo and pc 
> > every year or two to stay up to date that is a sad future for most people.

OHH  so thats why people say there is a performance loss,  in other words if 
your vendor doesn't patch the bios?  because I got a huge increase in 
performance with my board that got patched.  So i'm having a hard time 
believing all the hype about it.

And so yes I'm reading that the Qubes team is working to make some changes even 
to 3.2,  which is great news.  But I wasn't sure if they are able to address 
all the problems.

I guess a performance loss because lack of vendor support, is better then no 
mitigations at all.   If this is even the case,  I'm still skeptical.

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/30159d48-6ecf-4b30-a4a2-60bec7f545ec%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Reply via email to