Re: Malware history was: Spectre & Meltdown
> On Jan 17, 2018, at 6:55 PM, Fred Cisin via cctalk> wrote: > >>> I used to have a tiny portable manual card punch. >>> An acquaintance used it to punch /* in the first two columns of his >>> punchcard based utility bills. (those characters have special meaning >>> to 360 JCL. They have multiple punches per column, so it required >>> making a punch, then backspacing to make the other punch(es)) > > On Wed, 17 Jan 2018, Chuck Guzis via cctalk wrote: >> /* = end of data set >> /& = end of job >> One wonders how a S/360 "C" compiler might deal with this. Preceding it >> with a space might do the trick. > > Yes, it would, but how would you get 100% compliance wiht no mistakes from > PROGRAMMERS? > > A 360 s'posedly COULD be told to ignore, or to respond to something else, but > that wasn't usually available. // DD DATA would ignore // in cols 1,2, but not /*. I found // DD DATA,DLM='@@' -- not sure when that appeared. I don't remember it from my OS/360 dabblings. paul
Re: Malware history was: Spectre & Meltdown
I used to have a tiny portable manual card punch. An acquaintance used it to punch /* in the first two columns of his punchcard based utility bills. (those characters have special meaning to 360 JCL. They have multiple punches per column, so it required making a punch, then backspacing to make the other punch(es)) On Wed, 17 Jan 2018, Chuck Guzis via cctalk wrote: /* = end of data set /& = end of job One wonders how a S/360 "C" compiler might deal with this. Preceding it with a space might do the trick. Yes, it would, but how would you get 100% compliance wiht no mistakes from PROGRAMMERS? A 360 s'posedly COULD be told to ignore, or to respond to something else, but that wasn't usually available. Accordinglyly, when we needed to use a 360 to duplicate a deck that had JCL cards, we would turn the source/data deck upside down. (hope that it didn't have '/' in column 80?)
Re: Malware history was: Spectre & Meltdown
On 01/17/2018 01:23 PM, Fred Cisin via cctalk wrote: >> We might as well all contribute. >> Back in college in 1969 > > I used to have a tiny portable manual card punch. > An acquaintance used it to punch /* in the first two columns of his > punchcard based utility bills. (those characters have special meaning > to 360 JCL. They have multiple punches per column, so it required > making a punch, then backspacing to make the other punch(es)) /* = end of data set /& = end of job One wonders how a S/360 "C" compiler might deal with this. Preceding it with a space might do the trick. --Chuck
Re: Malware history was: Spectre & Meltdown
We might as well all contribute. Back in college in 1969 I used to have a tiny portable manual card punch. An acquaintance used it to punch /* in the first two columns of his punchcard based utility bills. (those characters have special meaning to 360 JCL. They have multiple punches per column, so it required making a punch, then backspacing to make the other punch(es))
Re: Malware history was: Spectre & Meltdown
On Tue, 16 Jan 2018, David C. Jenner via cctalk wrote: This isn't malware, but back in 1962 when I was taking a college class in assembly language programming for the IBM 709, my innocence led to the following. We might as well all contribute. Back in college in 1969 we would submit our Fortran IV assignments on punched card of course. One day I got back junk and discovered that it was not my card deck under the account ID card so I went through the pile of returned decks and printouts and found that another student had swiped my deck and put his name on top so I took back the deck and shuffled his deck well before returning his ID card to the top and resubmitting it. I never heard a thing about that episode but I sometimes wonder what his next output looked like. -- Richard Loken VE6BSV: "...underneath those tuques we wear, Athabasca, Alberta Canada : our heads are naked!" ** rllo...@telus.net ** :- Arthur Black
Re: Malware history was: Spectre & Meltdown
On 1/16/18 4:27 PM, Sam O'nella via cctalk wrote: > Enjoying the virus/malware history as its always interesting to see > what people thought. Tricks, boredom, etc cause interesting results. > For punch cards i thought someone was going to mention punching all > the holes and jamming the reader. I'm not sure if thats real but heard > some folks had to check their opcodes or it could potentially lead to > that or flimsy card integrity if not. > Did anyone here ever see animal or other shared system malware? Animal > was just a nondestructive trojan (other than potential to take up disk > space) but interesting that someone would run a program that appeared > unexpected in their home folder. Cards that were mostly holes were called "lace cards". Not uncommon to see one punched (and offset if the punch had the feature) to indicate the start of a punched output file--usually showing the file name or job ID in "see-thru" fashion. High-speed punches generally could be very noisy when punching lace cards (or column/row binary) and prone to errors as they heated up. I'm thinking of the CDC 415 punch as an example, but the 1402 could put out quite a racket as well. Never tried duping a lace card on an 029 or 514. It doubtless would have been noisy as well. --Chuck
Re: Malware history was: Spectre & Meltdown
This isn't malware, but back in 1962 when I was taking a college class in assembly language programming for the IBM 709, my innocence led to the following. Of course, I had, on the typewriter, for my high school years, always typed ' backspace . to get an exclamation point. I did this in a comment in my first punched card submittal using an 026 keypunch. The program was rejected, and I lost $0.25 from my lab fee. So my first real computer program was a flaming failure. Had to wait for the 029 to be emphatic in punching. Dave On 1/16/18 4:27 PM, Sam O'nella via cctalk wrote: Enjoying the virus/malware history as its always interesting to see what people thought. Tricks, boredom, etc cause interesting results. For punch cards i thought someone was going to mention punching all the holes and jamming the reader. I'm not sure if thats real but heard some folks had to check their opcodes or it could potentially lead to that or flimsy card integrity if not. Did anyone here ever see animal or other shared system malware? Animal was just a nondestructive trojan (other than potential to take up disk space) but interesting that someone would run a program that appeared unexpected in their home folder. Original message (I'm unaware of any punch-card attacks, but trojans were possible when people used prior subroutines)
Re: Malware history was: Spectre & Meltdown
On Tue, Jan 16, 2018 at 4:27 PM, Sam O'nella via cctalk < cctalk@classiccmp.org> wrote: > Enjoying the virus/malware history as its always interesting to see what > people thought. Tricks, boredom, etc cause interesting results. > For punch cards i thought someone was going to mention punching all the > holes and jamming the reader. I'm not sure if thats real but heard some > folks had to check their opcodes or it could potentially lead to that or > flimsy card integrity if not. > Did anyone here ever see animal or other shared system malware? Animal was > just a nondestructive trojan (other than potential to take up disk space) > but interesting that someone would run a program that appeared unexpected > in their home folder. > Original message > (I'm unaware of any punch-card attacks, but trojans were possible when > people used prior subroutines) > For CDC 6000 SCOPE, the second card in the job deck was 'ACCOUNT,name,password' (or something like that; it was a long time ago). In a corner of the keypunch room was a large card recycling bin right next to a card sorter. One would set the card sorter to pull out cards that had an 'A' in column one, and shovel cards out of the bin into card sorter and end up with a tidy pile of user accounts and passwords, Or so I've heard. -- Charles
Malware history was: Spectre & Meltdown
Enjoying the virus/malware history as its always interesting to see what people thought. Tricks, boredom, etc cause interesting results. For punch cards i thought someone was going to mention punching all the holes and jamming the reader. I'm not sure if thats real but heard some folks had to check their opcodes or it could potentially lead to that or flimsy card integrity if not. Did anyone here ever see animal or other shared system malware? Animal was just a nondestructive trojan (other than potential to take up disk space) but interesting that someone would run a program that appeared unexpected in their home folder. Original message (I'm unaware of any punch-card attacks, but trojans were possible when people used prior subroutines)
Re: Spectre & Meltdown
On 01/13/2018 06:38 PM, jim stephens via cctalk wrote: And even worse, if he took too long, a fun feature of MVT and not corrected in MVS was if a console channel went unavailable for too long, the system would crash. Luckily the game would print out a line, and a blob of console messages would come out then ask for another move. Took 10 minutes to lose a game. The system administrators regenerated the system to add privilege and authorization to jobs using WTOR which they'd missed. We found other fun holes like that in MVT. Yup, OS/360 had a number of holes wide enough to let 5 ocean liners through, abreast. My favorite was the stock exception handler for the SPIE (specify program interruption exit) allowed you to change a program from problem state to supervisor state. Nobody ever thought anybody would ever abuse such a thing. Jon
Re: Spectre & Meltdown
On 01/13/2018 05:40 PM, Chuck Guzis via cctalk wrote: > All of this reminds me of a trick that I witnessed on a Model 40 running > DOS/360. Some guy wrote a chained CCW set with a TIC back to the > beginning of the list of CCBs that rang the bell on the 1052 operator's > console and locked the keyboard. The din panicked at least one > operator who pulled the "Emergency Stop" big red button. > Typo--not "CCB" but "CCW". --Chuck
Re: Spectre & Meltdown
On 1/13/2018 3:24 PM, Fred Cisin via cctalk wrote: > (I'm unaware of any punch-card attacks, but trojans were possible when > people used prior subroutines). Depends on what you mean "attack". CDC 6000 SCOPE had two PP programs (which could be invoked via user control card). One was "RPV"--reprieve job. The purpose was to recover control after a program error so that appropriate cleanup by the user could be performed. It was effective for *any* error, including operator killing the job. The other was "RSJ", reschedule job. Usually, this was used when a device or resource wasn't available--basically, it would put a job back into the input queue and terminate the caller. Unless, of course, the caller had included an RPV call also, in which case it was something like the sorcerer's apprentice--you'd get *two* copies of the job, which would then spawn 4 more copies, etc. Operator drop just exacerbated the situation, and eventually, the input queue would be full of the malicious job and all available PPUs would be allocated to doing nothing but RSJs and RPVs. The only way out of the situation was to deadstart the system without recovering the input queue. After a couple of incidents of this, a memo came down from on high saying that anyone attempting this gambit would be subject to discipline and/or termination. I think someone also did an EDITLIB and renamed both RPV and RSJ and kept the new names on a "need to know" basis. -- Another gambit I recall made use of a new I/O call in SCOPE 3.4, called "Read List String". Basically, the point of it was to streamline loader (linkage editor) operation by presenting CIO and, by extension, the disk stack processor overlay, 1SP with a list of disk addresses and lengths to be read. 1SP would dutifully go through the list, advancing its list pointer (so that the caller could keep track of progress). It was very effective and bypassed a lot of ancillary PP code. Some enterprising fellow wondered what might happen, if his CP program kept track of the READLS progress and kept backing the pointer up every time it advanced. Since 1SP attempted to complete an entire I/O request before terminating, it never terminated and kept the disk busy basically forever. That one was fixed by checking the user's control point area for the "DROP" flag--something that should have been done from the outset. --- All of this reminds me of a trick that I witnessed on a Model 40 running DOS/360. Some guy wrote a chained CCW set with a TIC back to the beginning of the list of CCBs that rang the bell on the 1052 operator's console and locked the keyboard. The din panicked at least one operator who pulled the "Emergency Stop" big red button. But then DOS/360 was easy to fool--it wasn't even much of a challenge. Good times... --Chuck
Re: Spectre & Meltdown
Although reduction in sneaker-net has virtually eliminated boot-sector spread. On Sun, 14 Jan 2018, Tapley, Mark wrote: I never made that connection before! Glad you toed me. There had already been some reduction. The first PCs with a hard disk would always attempt to boot from floppy first. Once it was possible to rearrange the boot sequence to try the hard disk first, we had a substantial reduction in boot sector virus incidents. MOST boot sector virus infections on hard disks could be trivially solved by the [undocumented at that time] /MBR option of FDISK.COM The "Alameda" Virus was first discovered [and thoroughly analyzed] in our ("Merritt College") lab. (We had a good idea of who might have been the author) One of the student workers at our sister college, "College Of Alameda", who was brother of a guy who wrote a book on the subject, asked nicely for naming rights. A few years later, the administration informed me that they had waived the computer literacy requirement for a student transferring to Yale. A few months later, Yale "discovered" it, and named it "Yale Virus".
Re: Spectre & Meltdown
On 1/13/2018 3:24 PM, Fred Cisin via cctalk wrote: (I'm unaware of any punch-card attacks, but trojans were possible when people used prior subroutines) When I was using cards with our campus 360/50 MVT system and you could submit probably anything, a friend in EE (we were squatters in the CS area) had worked a summer job and had a really nice program they'd ran which now days would be called a text based football game. All one had to do was stick a job card in front of a deck, and we submitted our own jobs via a 2501 which was in the hall outside the computer room. Users loaded and fed their own cards, so there was no restriction on when the job ran. He decided to get a listing and figured if he stuck a job card in front if it and a couple of DD statements the job would blow up and he'd get a listing. All of the I/O was with WTO and WTOR. The operator that afternoon quickly discovered that WTOs were not disabled by the sysgen, and worse, there was only the single 1050 console, so the only way to get thru the job and get other things running was to play a game. And even worse, if he took too long, a fun feature of MVT and not corrected in MVS was if a console channel went unavailable for too long, the system would crash. Luckily the game would print out a line, and a blob of console messages would come out then ask for another move. Took 10 minutes to lose a game. The system administrators regenerated the system to add privilege and authorization to jobs using WTOR which they'd missed. We found other fun holes like that in MVT. When we were put over to a VS/1 system via TSO terminals, a console message monitor, and a password snarfing program was developed and ran quite a lot via remote access (system and terminals were in different cities). That was all OS of course, and some of it was something that could be disabled by sysgen options. The password snarfing was not. thanks Jim
Re: Spectre & Meltdown
On Jan 13, 2018, at 5:24 PM, Fred Cisin via cctalkwrote: > Although reduction in sneaker-net has virtually eliminated boot-sector spread. I never made that connection before! Glad you toed me.
Re: Spectre & Meltdown
On Sat, 13 Jan 2018, Murray McCullough via cctalk wrote: I wrote about Spectre and Meltdown recently: INTEL took its time to inform the world! Did it inform the world back in earlier days about potential flaws? Not to blame INTEL only: What about Zilog, etc.? Or did pre-Internet era protect us computer-classic users? What about running emulation software as I???ve been doing with ADAM? Happy computing! Few emulations are exact enough to duplicate all bugs. Q: Should an emulator do an exact imitation, or should it work the way that it is s'posed to? (behavior? or specs?) Pre-internet protected against most web based malware. But, there are instances of virus software ever since people exchanged files and disks. (I'm unaware of any punch-card attacks, but trojans were possible when people used prior subroutines) Most prevalent were boot-sector virus attacks and executable file virus attacks. As software became too eager to help provide dancing kangaroos and yodelling jellyfish, harmful macros in "productivity software" macro capabilities also started to surface. Internet made it much easier to acquire a trojan that would mess you up. Although reduction in sneaker-net has virtually eliminated boot-sector spread. How fast SHOULD the public response be? If they become aware of that kind of flaw, and can delay public knowledge until they have patches, they significantly reduce the risk of actual instances of malware using the exploits. Note: AFAIK, no examples of actual use of Spectre nor Meltdown have yet been encountered. If Microsoft had been in less of a rush, would they still have shipped patches that gave a BSOD with AMD processors? After public announcement, there ARE people actively working on developing malware using it. Similarly, after the Michelangelo Virus media panic, one of the variants later encountered was a fairly obvious "wannabe" consisting of "Stoned" patched to behave like the publicized Michelangelo behavior. The "thousands or millions of computers will be destroyed" was bogus. (BTW, the name "Michelangelo" was based on looking at a calendar to see what was special about March 6. If McAfee had had a Texas calendar, instead of a KQED (PBS) one, then it would have been named "Alamo") Intel made some mistakes in handling the FDIV bug. First, they made the assumption that the bug would be amazingly rarely encountered due to their calculations of probability of randomly hitting "winning" combinations of numerator and denominator, but failed to allow for any of the "winning" numbers happening to be more commonly used. THEN, they offered replacements to anybody who could PROVE that it actually affected their use of the machine. A more appropriate response would have been, "We WILL replace all affected processors! BUT, there aren't enough in stock right now to handle all immediately, so we will START by replacing those for all who can prove that they are affected, and then get to all others as we can manufacture more suitable replacements." (Perhaps the majority of people would have already replaced their machine before their turn came around! What is it? "a new machine every 18 months"?) Many of the general public had been led to believe that it would produce completely WRONG results, rather than the LOW ORDER bits of the mantissa being incorrect. No, it was not capable of "causing the wrong amount of sales tax to be charged!"
Re: Spectre & Meltdown
On Jan 13, 2018 11:36 AM, "Paul Koning via cctalk"wrote: > On Jan 13, 2018, at 1:22 PM, Dave Wade via cctalk wrote: > > ... > It delayed telling the world to allow time for OS providers to apply fixes. This is now standard and the delays are defined... > > http://abcnews.go.com/Technology/wireStory/intel- fixing-security-vulnerability-chips-52122993 > > but it looks like in this case it leaked early. Similar bugs affect ARM, AMD and PowerPC but nothing from them either. IBM won't tell the world (it will tell customers, but I am not a customer) if and how it affects Z. There are two bugs that are largely unrelated other than the fact they both start from speculative execution. One is "Meltdown" which is specific to Intel as far as is known. The other is "Spectre" which is a pretty much unavoidable side effect of the existence of speculative execution and appears to apply to multiple architectures. There may be variations; I assume some designs have much shorter speculation pipelines than others and if so would be less affected. Meltdown has a software workaround (it could also be fixed in future chips by changing how speculative loads work, to match what other companies did). Sorta. A 10% performance hit and tthe workaround is extensive. So it's forcing everyone to eat a shit sandwich to work around it. Spectre needs software fixes, possibly along with microcode changes (for machines that have such a thing). You're likely to hear more when the fixes are available; it would not make sense to have much discussion before then for the reason you mentioned at the top. Spectre for Intel requires microcode changes and OS level changes to cope, and changes to the compiler for retpoline support. The os guys need to talk about their piece a lot, so it needs disclosure as well... it's a smaller shit sandwich in terms of performance hit... Warner
RE: Spectre & Meltdown
On Jan 13, 2018 11:22 AM, "Dave Wade via cctalk" <cctalk@classiccmp.org> wrote: > -Original Message- > From: cctalk [mailto:cctalk-boun...@classiccmp.org] On Behalf Of Murray > McCullough via cctalk > Sent: 13 January 2018 18:09 > To: cctalk <cctalk@classiccmp.org> > Subject: Spectre & Meltdown > > I wrote about Spectre and Meltdown recently: INTEL took its time to inform > the world! Did it inform the world back in earlier days about potential flaws? > Not to blame INTEL only: What about Zilog, etc.? Or did pre-Internet era > protect us computer-classic users? What about running emulation software > as I’ve been doing with ADAM? It delayed telling the world to allow time for OS providers to apply fixes. This is now standard and the delays are defined... http://abcnews.go.com/Technology/wireStory/intel- fixing-security-vulnerability-chips-52122993 Linux, Windows and Mac got notified early November. FreeBSD just before Christmas with no time to cope. All other BSDs and OpenSolaris found out on release :(. But this embargo was super long. Intel found out in June... Warner but it looks like in this case it leaked early. Similar bugs affect ARM, AMD and PowerPC but nothing from them either. IBM won't tell the world (it will tell customers, but I am not a customer) if and how it affects Z. > > > > Happy computing! > > > > Murray J Dave
Re: Spectre & Meltdown
> On Jan 13, 2018, at 1:22 PM, Dave Wade via cctalk> wrote: > > ... > It delayed telling the world to allow time for OS providers to apply fixes. > This is now standard and the delays are defined... > > http://abcnews.go.com/Technology/wireStory/intel-fixing-security-vulnerability-chips-52122993 > > but it looks like in this case it leaked early. Similar bugs affect ARM, AMD > and PowerPC but nothing from them either. IBM won't tell the world (it will > tell customers, but I am not a customer) if and how it affects Z. There are two bugs that are largely unrelated other than the fact they both start from speculative execution. One is "Meltdown" which is specific to Intel as far as is known. The other is "Spectre" which is a pretty much unavoidable side effect of the existence of speculative execution and appears to apply to multiple architectures. There may be variations; I assume some designs have much shorter speculation pipelines than others and if so would be less affected. Meltdown has a software workaround (it could also be fixed in future chips by changing how speculative loads work, to match what other companies did). Spectre needs software fixes, possibly along with microcode changes (for machines that have such a thing). You're likely to hear more when the fixes are available; it would not make sense to have much discussion before then for the reason you mentioned at the top. paul
Re: Spectre & Meltdown
> On Jan 13, 2018, at 1:08 PM, Murray McCullough via cctalk >wrote: > > I wrote about Spectre and Meltdown recently: INTEL took its time to inform > the world! Of course, and for good reason. The current practice has been carefully crafted by the consensus of security vulnerability workers. That is: when a vulnerability is discovered, the responsible party is notified confidentially and given a reasonable amount of time to produce a fix before the issue is announced publicly. There's a big incentive for that response to happen and typically it does. If the issue is ignored, the announcement happens anyway along with public shaming of the part who didn't bother to respond. With this approach, a fix can often be released concurrently with the disclosure of the issue, which dramatically reduces the oppportunity for criminals to take advantage of the problem. This isn't a case of being nice to Intel; it's an attempt to benefit Intel's customers. If you read the Meltdown and Spectre papers (by the researchers who discovered the problem, not the news rags reporting on it) you'll see this policy mentioned in passing. paul
RE: Spectre & Meltdown
> -Original Message- > From: cctalk [mailto:cctalk-boun...@classiccmp.org] On Behalf Of Murray > McCullough via cctalk > Sent: 13 January 2018 18:09 > To: cctalk <cctalk@classiccmp.org> > Subject: Spectre & Meltdown > > I wrote about Spectre and Meltdown recently: INTEL took its time to inform > the world! Did it inform the world back in earlier days about potential flaws? > Not to blame INTEL only: What about Zilog, etc.? Or did pre-Internet era > protect us computer-classic users? What about running emulation software > as I’ve been doing with ADAM? It delayed telling the world to allow time for OS providers to apply fixes. This is now standard and the delays are defined... http://abcnews.go.com/Technology/wireStory/intel-fixing-security-vulnerability-chips-52122993 but it looks like in this case it leaked early. Similar bugs affect ARM, AMD and PowerPC but nothing from them either. IBM won't tell the world (it will tell customers, but I am not a customer) if and how it affects Z. > > > > Happy computing! > > > > Murray J Dave
RE: Spectre & Meltdown
> I wrote about Spectre and Meltdown recently: INTEL took its time to > inform the world! Did it inform the world back in earlier days about > potential flaws? Not to blame INTEL only: What about Zilog, etc.? Or Yes, of course it did. The famous Pentium FDIV bug comes immediately to mind. Of course pre-internet days and everything being online all the time security was a whole lot easier. If you could keep someone out of the building your data was secure. Now a day all it takes is a bad JS on a site to compromise you... -Ali
Spectre & Meltdown
I wrote about Spectre and Meltdown recently: INTEL took its time to inform the world! Did it inform the world back in earlier days about potential flaws? Not to blame INTEL only: What about Zilog, etc.? Or did pre-Internet era protect us computer-classic users? What about running emulation software as I’ve been doing with ADAM? Happy computing! Murray J
Re: Spectre & Meltdown
On 01/06/2018 12:30 PM, Ken Seefried via cctalk wrote: > The exploit effects the speculative execution facility, so no it's not > "all P6 forward": nothing 32-bit or PAE, nothing just OOO, etc. The > current word I have (from my risk management folks, who got it from > Intel) is the oldest chips verified to be affected are the Xeon 3400 > (server) and 2nd Gen Core (desktop) processors. So, probably nothing > later than 2009 or so. Ken, I'm not sure I understand. Do you mean nothing earlier than 2009 or so is affected? --Chuck
Re: Spectre & Meltdown
From: Murray McCullough> >This may be off-topic but these latest uprocessor exploits has raised >a question: Are the 'old/classic' uprocessors using x86 technology in >the same boat? > The exploit effects the speculative execution facility, so no it's not "all P6 forward": nothing 32-bit or PAE, nothing just OOO, etc. The current word I have (from my risk management folks, who got it from Intel) is the oldest chips verified to be affected are the Xeon 3400 (server) and 2nd Gen Core (desktop) processors. So, probably nothing later than 2009 or so. KJ
Re: Large discs (Was: Spectre & Meltdown
On Thu, Jan 04, 2018 at 06:38:10PM -0800, Fred Cisin via cctalk wrote: > On Thu, 4 Jan 2018, TeoZ wrote: > >Hard drives NEVER keep up. Bragging about how many DVD's (90's technology) > >you can store on current HD means little to people who have ultra HD > >Blueray videos that take up to 100GB of space. Heck even a single game > >download can be 50GB these days. > > I'd be interested in hearing about opinions of the 100GB "M-disc". I've > heard that they have decent longevity, and, the "low" capacity ones are > interchangeable with conventional DVDs. I've recently turned to using 25 & 100 GB M-disc BD discs for archival storage (mostly my digital camera image archive, so data that doesn't change). One downside of the 100 GB ones: they forever to write (with the defaults on growisofs, IIRC ~3h or so). > I can still put 20 100GB DVDs (2017 technology) on a 2TB 2.5" Thin SATA. > However, I'm also looking for multi-terabyte storage. > Are higher capacity DVDs on their way? > Howzbout multi-TearByte SSDs? I wouldn't trust SSDs (or any flash based storage) for archival purposes, those are strictly for online storage. Kind regards, Alex. -- "Opportunity is missed by most people because it is dressed in overalls and looks like work." -- Thomas A. Edison
Re: Spectre & Meltdown
On Fri, 5 Jan 2018 11:18:53 -0800 Rick Bensene via cctalkwrote: Of course, update your OS as soon as updates are available, > as patches (which will likely slow your system down) are forthcoming > from Microsoft and various Linux trees. > You want to test those updates before you apply them to remote production VM's. The latest CentOS 6.9 kernel update (2.6.32-696.18.7.el6 64-bit, which addresses meltdown) is broken on at least some Xen PV platforms and fails to boot. See https://bugs.centos.org/view.php?id=14336. You can't even get into grub from a remote console to select a working kernel. Well, you could set "default x", in /etc/grub.conf, where x = working kernel, before you update. Hindsight being 20/20. jbdigriz
Re: R: Large discs (Was: Spectre & Meltdown
On Fri, Jan 5, 2018 at 1:13 PM, Fred Cisin via cctalkwrote: > On Fri, 5 Jan 2018, Mazzini Alessandro wrote: > >> I'm not sure I would use SSD for long term "secure" storage, unless maybe >> using enterprise level ones. >> Consumer level SSD are, by specifics, guaranteed to retain data for 6 >> months >> > The JEDEC spec for Consumer grade SSDs is 1 year unpowered at 30C at end of life. The JEDEC spec for Enterprise grade SSDs is 90 days, unpowered at 30C at end of life. As far as I've seen, all SATA and NVME drive vendors adhere to these specs as a minimum, but there's also a new class of drive for 'cold storage' which has high retention, but low endurance and longer data read times... > if unpowered... any more time means being lucky. Would suck to save, store, >> and after some years find the data mangled... >> > > Yep! > SSD would be very unsuitable for archiving. > Unworn (meaning only a few P/E cycles) SSDs made from MLC or SLC NAND have data retention measured in the decade range. Stored at 0C, these would have ~300 year data retention since every 10C below the benchmark temperature gives you 3x longer retention. Conversely, storing at 40C or 50C puts the data at risk. Worn (meaning near end of life) SSDs, especially those that have been pushed past end of life, have issues. But, it is a nice fast medium for short-term uses. > AND, it MIGHT be the first to get a unit larger than 2TB that will fit in > a thin 2.5" form factor. > Probably better SHORT-TERM reliability than the Seagate 2TB thin SATA > spinning rust. > > > What is the archival life of a BDXL, other than M-disc? > M-disc media is a bit expensive. > It looks like an excellent medium for data collections a tenth the size of > what I'm playing with. > > > It seems that it is still necessary to maintain multiple copies > (geographically separate - we had a 4.4 quake yesterday morning), on > multiple different media, and make new copies on a regular basis.
Re: R: Large discs (Was: Spectre & Meltdown
In cases where the source remains available, in case of problems, nothing can beat it for sneaker-net. It does not contribute noticeably to the transfer speeds. On Fri, 5 Jan 2018, Sam O'nella via cctalk wrote: You're one of the first people I've heard quote that. Do you know where that is said? Years ago several friends and myself all picked up 64mb usb thumb drives so we could have multiple backups of a game and few other projects we were coding. Maybe it was an extended period of time (we ended up switching to compatible removable drive bays) but 2 out of 3 of us lost all the data on our thumb drives around the same time. I haven't heard may others share the concern but i wouldn't use ssd as a tech unless im forced to for that reason. Original message From: Mazzini Alessandro via cctalkDate: 1/5/18 7:15 AM (GMT-06:00) I'm not sure I would use SSD for long term "secure" storage, unless maybe using enterprise level ones. Consumer level SSD are, by specifics, guaranteed to retain data for 6 months if unpowered... any more time means being lucky. Would suck to save, store, and after some years find (over snipped)
Re: R: Large discs (Was: Spectre & Meltdown
On Fri, 5 Jan 2018, Mazzini Alessandro wrote: I'm not sure I would use SSD for long term "secure" storage, unless maybe using enterprise level ones. Consumer level SSD are, by specifics, guaranteed to retain data for 6 months if unpowered... any more time means being lucky. Would suck to save, store, and after some years find the data mangled... Yep! SSD would be very unsuitable for archiving. But, it is a nice fast medium for short-term uses. AND, it MIGHT be the first to get a unit larger than 2TB that will fit in a thin 2.5" form factor. Probably better SHORT-TERM reliability than the Seagate 2TB thin SATA spinning rust. What is the archival life of a BDXL, other than M-disc? M-disc media is a bit expensive. It looks like an excellent medium for data collections a tenth the size of what I'm playing with. It seems that it is still necessary to maintain multiple copies (geographically separate - we had a 4.4 quake yesterday morning), on multiple different media, and make new copies on a regular basis. -- Grumpy Ol' Fred ci...@xenosoft.com
RE: Re: Spectre & Meltdown
Ed Sharpe wrote: >what about xenon processors?? Xenon? You mean the processor jointly developed by Microsoft & IBM based on the PowerPC architecture, developed and used in the Xbox 360? Or perhaps did you mean Xeon (note no N in the middle)? There is a big difference. Don't know if the Xenon is susceptible, but given that the problem is with the way VM works, it could be susceptible, but the code to exploit it would be completely different because of the PowerPC architecture. Intel Xeon processors are marketed toward non-consumer computers such as servers and workstations. All Xeon processors are susceptible because they all do speculative execution. The solution to avoiding infection is not to use any web browser that has Java enabledat least for now. Of course, get rid of Flash if you have it. It could also be a vector, though that hasn't been proven. Use no-script. Better yet, use a text-only browser that ignores all scripting of any kind. Don't install /any/ software for any source for which you are not completely assured of safety (good luck). Get rid of any software on your machine that you are not 100% sure about, especially if it can automatically update itself. If you have any third-party software that is set to auto-update, either turn the feature off, or only allow you to determine when updates are applied. Of course, update your OS as soon as updates are available, as patches (which will likely slow your system down) are forthcoming from Microsoft and various Linux trees. The best defense, however, is simply call your ISP and tell them you want your connection turned off. ;-) It's getting really dangerous out there. -Rick --- Rick Bensene The Old Calculator Museum http://oldcalculatormuseum.com
Re: R: Large discs (Was: Spectre & Meltdown
You're one of the first people I've heard quote that. Do you know where that is said? Years ago several friends and myself all picked up 64mb usb thumb drives so we could have multiple backups of a game and few other projects we were coding. Maybe it was an extended period of time (we ended up switching to compatible removable drive bays) but 2 out of 3 of us lost all the data on our thumb drives around the same time. I haven't heard may others share the concern but i wouldn't use ssd as a tech unless im forced to for that reason. Original message From: Mazzini Alessandro via cctalkDate: 1/5/18 7:15 AM (GMT-06:00) I'm not sure I would use SSD for long term "secure" storage, unless maybe using enterprise level ones. Consumer level SSD are, by specifics, guaranteed to retain data for 6 months if unpowered... any more time means being lucky. Would suck to save, store, and after some years find (over snipped)
Re: Spectre & Meltdown
A 6TB hard drive, available for about $130 (or less), would be equivalent to about 60 of the 100GB BDXL disks, which seem to go for about $6 each, so $360 for around 6TB. And the hard disk will take less time to read and write. And the hard drive would take up less space. JRJ On 1/4/2018 7:50 PM, TeoZ via cctalk wrote: > Hard drives NEVER keep up. Bragging about how many DVD's (90's > technology) you can store on current HD means little to people who have > ultra HD Blueray videos that take up to 100GB of space. Heck even a > single game download can be 50GB these days. > > And I wouldn't mind one of those old networked DVD changers (I think > Sony sold them commercially) to play around with. >
R: Large discs (Was: Spectre & Meltdown
I'm not sure I would use SSD for long term "secure" storage, unless maybe using enterprise level ones. Consumer level SSD are, by specifics, guaranteed to retain data for 6 months if unpowered... any more time means being lucky. Would suck to save, store, and after some years find the data mangled... -Messaggio originale- Da: cctalk [mailto:cctalk-boun...@classiccmp.org] Per conto di Fred Cisin via cctalk Inviato: venerdì 5 gennaio 2018 03:38 A: General Discussion: On-Topic and Off-Topic Posts Oggetto: Large discs (Was: Spectre & Meltdown On Thu, 4 Jan 2018, TeoZ wrote: > Hard drives NEVER keep up. Bragging about how many DVD's (90's > technology) you can store on current HD means little to people who > have ultra HD Blueray videos that take up to 100GB of space. Heck even > a single game download can be 50GB these days. I'd be interested in hearing about opinions of the 100GB "M-disc". I've heard that they have decent longevity, and, the "low" capacity ones are interchangeable with conventional DVDs. I can still put 20 100GB DVDs (2017 technology) on a 2TB 2.5" Thin SATA. However, I'm also looking for multi-terabyte storage. Are higher capacity DVDs on their way? Howzbout multi-TearByte SSDs? > And I wouldn't mind one of those old networked DVD changers (I think > Sony sold them commercially) to play around with. I still want one of the ones that Kieth Hensen designed. Converting it from CD to DVD would be completely TRIVIAL (finding DVD drives with suitable form factors and loading options) -- Grumpy Ol' Fred ci...@xenosoft.com > I always wanted Keith Hensen's "Kubik"? CD changer. Big "carousel > slide tray" full of 240?! CDs/DVDs, in a square box, with a drive in > each corner. The drives were SCSI, and the load/unload/select control > was RS232. The big square boxes could be stacked, for a larger > collection, and there was a trivial mod to make the tray removable, so > that the top box could be swapped with as many trays as you had shelf space for. > > 'course hard drives caught up, and I now have about a thousand DVDs in > MP4s on a shirt pocket HDD. (including ALL of the Doctor Who's that > were released on DVD, Red Dwarf 1 - XII, Dark Matter, Torchwood, > Twilight Zone, Prisoner, Marx Brothers, Doc Martin, One Foot In The > Grave, etc.) The DVD images (V .MP4) take over 5TB.
Re: Large discs (Was: Spectre & Meltdown
On Jan 4, 2018 22:17, "TeoZ via cctalk"wrote: 100GB M-Discs are dual layer BlueRay media correct (not readable on a DVD player)? I actually have a BDXL BR burner. They are three-layer, and will ONLY work on BDXL drives, not older BD drives.
Re: Spectre & Meltdown
You forgot "Outer Limits". I put that show in the same category. Wayne Sudol Riverside PressEnterprise A DigitalFirst Media Newspaper. On Thu, Jan 4, 2018 at 3:53 PM, Fred Cisin via cctalkwrote: > On Thu, 4 Jan 2018, Chuck Guzis via cctalk wrote: > >> Funny, I've been saying since the 1980s that it you have something >> that's critical to your survival, keep it offline. >> Until any of my PCs develop the ability to go to my storage cabinet and >> fetch a DVD and load it into itself, I'm not sorried. >> > > So, that Exabyte Tape/cartridge Silo might not be such a good idea. > > I always wanted Keith Hensen's "Kubik"? CD changer. Big "carousel slide > tray" full of 240?! CDs/DVDs, in a square box, with a drive in each > corner. The drives were SCSI, and the load/unload/select control was > RS232. The big square boxes could be stacked, for a larger collection, and > there was a trivial mod to make the tray removable, so that the top box > could be swapped with as many trays as you had shelf space for. > > 'course hard drives caught up, and I now have about a thousand DVDs in > MP4s on a shirt pocket HDD. (including ALL of the Doctor Who's that were > released on DVD, Red Dwarf 1 - XII, Dark Matter, Torchwood, Twilight Zone, > Prisoner, Marx Brothers, Doc Martin, One Foot In The Grave, etc.) The DVD > images (V .MP4) take over 5TB. >
Re: Large discs (Was: Spectre & Meltdown
For other reasons, I was just at costco and bought a 500Gig solid state for $150. It is about the size of a postcard ( only square ). It is USB though, so loading that much may take a while. Dwight From: cctalk <cctalk-boun...@classiccmp.org> on behalf of TeoZ via cctalk <cctalk@classiccmp.org> Sent: Thursday, January 4, 2018 9:16:43 PM To: Fred Cisin; General Discussion: On-Topic and Off-Topic Posts Subject: Re: Large discs (Was: Spectre & Meltdown 100GB M-Discs are dual layer BlueRay media correct (not readable on a DVD player)? I actually have a BDXL BR burner. I also have the M-Disc capable DVD burners but never tried that media on them. -Original Message- From: Fred Cisin via cctalk Sent: Thursday, January 04, 2018 9:38 PM To: General Discussion: On-Topic and Off-Topic Posts Subject: Large discs (Was: Spectre & Meltdown On Thu, 4 Jan 2018, TeoZ wrote: > Hard drives NEVER keep up. Bragging about how many DVD's (90's technology) > you can store on current HD means little to people who have ultra HD > Blueray videos that take up to 100GB of space. Heck even a single game > download can be 50GB these days. I'd be interested in hearing about opinions of the 100GB "M-disc". I've heard that they have decent longevity, and, the "low" capacity ones are interchangeable with conventional DVDs. --- This email has been checked for viruses by Avast antivirus software. https://www.avast.com/antivirus
Re: Large discs (Was: Spectre & Meltdown
100GB M-Discs are dual layer BlueRay media correct (not readable on a DVD player)? I actually have a BDXL BR burner. I also have the M-Disc capable DVD burners but never tried that media on them. -Original Message- From: Fred Cisin via cctalk Sent: Thursday, January 04, 2018 9:38 PM To: General Discussion: On-Topic and Off-Topic Posts Subject: Large discs (Was: Spectre & Meltdown On Thu, 4 Jan 2018, TeoZ wrote: Hard drives NEVER keep up. Bragging about how many DVD's (90's technology) you can store on current HD means little to people who have ultra HD Blueray videos that take up to 100GB of space. Heck even a single game download can be 50GB these days. I'd be interested in hearing about opinions of the 100GB "M-disc". I've heard that they have decent longevity, and, the "low" capacity ones are interchangeable with conventional DVDs. --- This email has been checked for viruses by Avast antivirus software. https://www.avast.com/antivirus
Re: Spectre & Meltdown
On 01/04/2018 12:00 PM, Murray McCullough via cctalk wrote: This may be off-topic but these latest uprocessor exploits has raised a question: Are the 'old/classic' uprocessors using x86 technology in the same boat? The very earliest ones, i.e., 1970s and early 80's. probably not. How many are actually in use and/or on the Net? No, these did not have a translation lookaside buffer or memory management. In fact, they mostly all ran in real mode, no protection. Jon
Re: Spectre & Meltdown
On 01/04/2018 05:50 PM, TeoZ via cctalk wrote: > Hard drives NEVER keep up. Bragging about how many DVD's (90's > technology) you can store on current HD means little to people who have > ultra HD Blueray videos that take up to 100GB of space. Heck even a > single game download can be 50GB these days. In my case, it's mostly a matter of the following: What can't I afford to lose? This falls into the following general ares: 1. Customer data (kept offline anyway, as it can be sensitive) 2. Code I have written and would be hard put to reconstruct. 3. Documentation that would be difficult to find again. 4. Emails. 5. Business records The rest I can afford to lose and could be duplicated if needed. This model has served me well for at least 40 years. --Chuck
Re: Large discs (Was: Spectre & Meltdown
Files grew up in size, in an unbelieable scale. I follow the tips of my friends: Buy new HDs and use old ones for storage. I have a 5TB (expensive) external 3 1/2 HD on my home server, and some 1TB HDs used as backups. If you count capacity, cheaper than DVDs-DL or BDs. Em 05/01/2018 00:38, Fred Cisin via cctalk escreveu: On Thu, 4 Jan 2018, TeoZ wrote: Hard drives NEVER keep up. Bragging about how many DVD's (90's technology) you can store on current HD means little to people who have ultra HD Blueray videos that take up to 100GB of space. Heck even a single game download can be 50GB these days. I'd be interested in hearing about opinions of the 100GB "M-disc". I've heard that they have decent longevity, and, the "low" capacity ones are interchangeable with conventional DVDs. I can still put 20 100GB DVDs (2017 technology) on a 2TB 2.5" Thin SATA. However, I'm also looking for multi-terabyte storage. Are higher capacity DVDs on their way? Howzbout multi-TearByte SSDs? And I wouldn't mind one of those old networked DVD changers (I think Sony sold them commercially) to play around with. I still want one of the ones that Kieth Hensen designed. Converting it from CD to DVD would be completely TRIVIAL (finding DVD drives with suitable form factors and loading options) -- Grumpy Ol' Fred ci...@xenosoft.com I always wanted Keith Hensen's "Kubik"? CD changer. Big "carousel slide tray" full of 240?! CDs/DVDs, in a square box, with a drive in each corner. The drives were SCSI, and the load/unload/select control was RS232. The big square boxes could be stacked, for a larger collection, and there was a trivial mod to make the tray removable, so that the top box could be swapped with as many trays as you had shelf space for. 'course hard drives caught up, and I now have about a thousand DVDs in MP4s on a shirt pocket HDD. (including ALL of the Doctor Who's that were released on DVD, Red Dwarf 1 - XII, Dark Matter, Torchwood, Twilight Zone, Prisoner, Marx Brothers, Doc Martin, One Foot In The Grave, etc.) The DVD images (V .MP4) take over 5TB.
Large discs (Was: Spectre & Meltdown
On Thu, 4 Jan 2018, TeoZ wrote: Hard drives NEVER keep up. Bragging about how many DVD's (90's technology) you can store on current HD means little to people who have ultra HD Blueray videos that take up to 100GB of space. Heck even a single game download can be 50GB these days. I'd be interested in hearing about opinions of the 100GB "M-disc". I've heard that they have decent longevity, and, the "low" capacity ones are interchangeable with conventional DVDs. I can still put 20 100GB DVDs (2017 technology) on a 2TB 2.5" Thin SATA. However, I'm also looking for multi-terabyte storage. Are higher capacity DVDs on their way? Howzbout multi-TearByte SSDs? And I wouldn't mind one of those old networked DVD changers (I think Sony sold them commercially) to play around with. I still want one of the ones that Kieth Hensen designed. Converting it from CD to DVD would be completely TRIVIAL (finding DVD drives with suitable form factors and loading options) -- Grumpy Ol' Fred ci...@xenosoft.com I always wanted Keith Hensen's "Kubik"? CD changer. Big "carousel slide tray" full of 240?! CDs/DVDs, in a square box, with a drive in each corner. The drives were SCSI, and the load/unload/select control was RS232. The big square boxes could be stacked, for a larger collection, and there was a trivial mod to make the tray removable, so that the top box could be swapped with as many trays as you had shelf space for. 'course hard drives caught up, and I now have about a thousand DVDs in MP4s on a shirt pocket HDD. (including ALL of the Doctor Who's that were released on DVD, Red Dwarf 1 - XII, Dark Matter, Torchwood, Twilight Zone, Prisoner, Marx Brothers, Doc Martin, One Foot In The Grave, etc.) The DVD images (V .MP4) take over 5TB.
Re: Spectre & Meltdown
Hard drives NEVER keep up. Bragging about how many DVD's (90's technology) you can store on current HD means little to people who have ultra HD Blueray videos that take up to 100GB of space. Heck even a single game download can be 50GB these days. And I wouldn't mind one of those old networked DVD changers (I think Sony sold them commercially) to play around with. -Original Message- From: Fred Cisin via cctalk Sent: Thursday, January 04, 2018 6:53 PM To: General Discussion: On-Topic and Off-Topic Posts Subject: Re: Spectre & Meltdown On Thu, 4 Jan 2018, Chuck Guzis via cctalk wrote: Funny, I've been saying since the 1980s that it you have something that's critical to your survival, keep it offline. Until any of my PCs develop the ability to go to my storage cabinet and fetch a DVD and load it into itself, I'm not sorried. So, that Exabyte Tape/cartridge Silo might not be such a good idea. I always wanted Keith Hensen's "Kubik"? CD changer. Big "carousel slide tray" full of 240?! CDs/DVDs, in a square box, with a drive in each corner. The drives were SCSI, and the load/unload/select control was RS232. The big square boxes could be stacked, for a larger collection, and there was a trivial mod to make the tray removable, so that the top box could be swapped with as many trays as you had shelf space for. 'course hard drives caught up, and I now have about a thousand DVDs in MP4s on a shirt pocket HDD. (including ALL of the Doctor Who's that were released on DVD, Red Dwarf 1 - XII, Dark Matter, Torchwood, Twilight Zone, Prisoner, Marx Brothers, Doc Martin, One Foot In The Grave, etc.) The DVD images (V .MP4) take over 5TB. --- This email has been checked for viruses by Avast antivirus software. https://www.avast.com/antivirus
OT: MP4s (Was: Spectre & Meltdown
On Thu, 4 Jan 2018, Wayne Sudol wrote: You forgot "Outer Limits". I put that show in the same category. I'll be adding the Original Series later this month. I haven't made a decision about the revival. I use a Seagate GoFlex-TV; 2TB is the largest thin 2.5" SATA currently available. also in the "bay" of my Lenovo laptops. Currently, the cheapest source is to buy it as a USB3 external, and strip off the case, and then put some of them in computers, and others into Seagate GoFlex cases (just a shell around a SATA) -- Grumpy Ol' Fred ci...@xenosoft.com
Re: Spectre & Meltdown
On Thu, 4 Jan 2018, Chuck Guzis via cctalk wrote: Funny, I've been saying since the 1980s that it you have something that's critical to your survival, keep it offline. Until any of my PCs develop the ability to go to my storage cabinet and fetch a DVD and load it into itself, I'm not sorried. So, that Exabyte Tape/cartridge Silo might not be such a good idea. I always wanted Keith Hensen's "Kubik"? CD changer. Big "carousel slide tray" full of 240?! CDs/DVDs, in a square box, with a drive in each corner. The drives were SCSI, and the load/unload/select control was RS232. The big square boxes could be stacked, for a larger collection, and there was a trivial mod to make the tray removable, so that the top box could be swapped with as many trays as you had shelf space for. 'course hard drives caught up, and I now have about a thousand DVDs in MP4s on a shirt pocket HDD. (including ALL of the Doctor Who's that were released on DVD, Red Dwarf 1 - XII, Dark Matter, Torchwood, Twilight Zone, Prisoner, Marx Brothers, Doc Martin, One Foot In The Grave, etc.) The DVD images (V .MP4) take over 5TB.
RE: Spectre & Meltdown
> Funny, I've been saying since the 1980s that it you have something > that's critical to your survival, keep it offline. Here here! I hope this is a wakeup call to all the people out there with all the unnecessary connected "lives". Forget all the social media BS but also the cloud storage, streaming everything (and not really having control of anything you "own"), IoT, and of course software as a service. As I understand it the exploits only work if run on the machine locally - which can occur if you run a malicious JavaScript through your browser So if you don't have to go on the internet just to run your email program to check your mail you (i.e. webmail or outlook online vs. POP/IMAP access) then you are more secure... I've gone out of my way to make sure I buy only equipment that I can connect to directly and is not dependent on some ephemeral cloud service whenever humanly possible. It may be less convenient or more technical but at the end it is always more secure (well not always but you get the idea). -Ali
Re: Spectre & Meltdown
On 01/04/2018 01:08 PM, Sophie Haskins via cctalk wrote: > It's kind of fascinating to run in to a cross-platform vulnerability > like this! Is anyone else aware of similar vulnerabilities from > history that also affected multiple processors, but relied on their > implementation details? Funny, I've been saying since the 1980s that it you have something that's critical to your survival, keep it offline. Until any of my PCs develop the ability to go to my storage cabinet and fetch a DVD and load it into itself, I'm not sorried. --Chuck
Re: Re: Spectre & Meltdown
I misspoke - Spectre potentially affects all processors that use *pipelining and speculative execution*, not just superscalar ones (I mis-parsed "all modern processors capable of keeping many instructions in flight"). There's been ongoing patches to the Linux kernel for Meltdown (and for other OSes, though we can't read their mailing lists). For Spectre, though, it seems like solutions might take longer to distribute. It's kind of fascinating to run in to a cross-platform vulnerability like this! Is anyone else aware of similar vulnerabilities from history that also affected multiple processors, but relied on their implementation details? On Thu, Jan 4, 2018 at 4:03 PM, Ed Sharpe <couryho...@aol.com> wrote: > http://www.zdnet.com/article/intel-starts-issuing-patches-for-meltdown-spectre-vulnerabilities/?loc=newsletter_large_thumb_related=TREc64629f=46856739 > > this just hit my email box. Ed# > > In a message dated 1/4/2018 1:54:43 PM US Mountain Standard Time, > cctalk@classiccmp.org writes: > > From the exploit homepage (https://spectreattack.com/) , it seems like the > Meltdown vulnerability affects all out-of-order executing Intel *branded* > CPUs (from the P6 onward), and the Spectre vulnerability potentially > impacts all superscalar processors of...all brands potentially :( > > Sophie > > On Thu, Jan 4, 2018 at 3:44 PM, jim stephens via cctalk < > cctalk@classiccmp.org> wrote: > >> >> >> On 1/4/2018 12:34 PM, Ed Sharpe via cctalk wrote: >> >>> what about xenon processors?? >>> ed# >>> In a message dated 1/4/2018 1:18:14 PM US Mountain Standard Time, >>> cctalk@classiccmp.org writes: >>> >>> >>> >> There is no difference between them and any other intel x86 or x64 >> processor as far as the flaw involved. >> >> Though they are not mentioning it, I suspect one can target P3 and P4 >> equally well with the exploit. It has been around that long. >> thanks >> Jim >> >> >>> - Original Message - >>> From: "Warner Losh via cctalk" <cctalk@classiccmp.org> >>> To: "Murray McCullough" <c.murray.mccullo...@gmail.com>; "General >>> Discussion: On-Topic and Off-Topic Posts" <cctalk@classiccmp.org> >>> Sent: Thursday, January 04, 2018 1:05 PM >>> Subject: Re: Spectre & Meltdown >>> >>> >>> On Thu, Jan 4, 2018 at 11:00 AM, Murray McCullough via cctalk < >>>> cctalk@classiccmp.org> wrote: >>>> >>>> This may be off-topic but these latest uprocessor exploits has raised >>>>> a question: Are the 'old/classic' uprocessors using x86 technology in >>>>> the same boat? The very earliest ones, i.e., 1970s and early 80's. >>>>> probably not. How many are actually in use and/or on the Net? >>>>> >>>>> I've seen it reported, but haven't verified, that this bug extends >>>> about 20 >>>> years back in the past to the Pentium Pro/Pentium II class of machines. >>>> If >>>> I read that correctly, there's only two generations of Pentium not >>>> affected, the P54C and P55C, the former of F00F fame... 386 and 486 CPUs >>>> apparently aren't affected since they didn't have speculative execution. >>>> The 8088/8086/80186/80286 presumably are also immune... If you extend >>>> things further back, CP/M on Z80/8080 is also fine, but I don't think >>>> those >>>> are properly x86 :) >>>> >>>> Warner >>>> >>> >>> Finally, an excuse to use all those old 486 boxes... >>> >>> m >>> >>> >>> >>
Re: Re: Spectre & Meltdown
http://www.zdnet.com/article/intel-starts-issuing-patches-for-meltdown-spectre-vulnerabilities/?loc=newsletter_large_thumb_related=TREc64629f=46856739 this just hit my email box. Ed# In a message dated 1/4/2018 1:54:43 PM US Mountain Standard Time, cctalk@classiccmp.org writes: From the exploit homepage (https://spectreattack.com/) , it seems like the Meltdown vulnerability affects all out-of-order executing Intel *branded* CPUs (from the P6 onward), and the Spectre vulnerability potentially impacts all superscalar processors of...all brands potentially :( Sophie On Thu, Jan 4, 2018 at 3:44 PM, jim stephens via cctalk < cctalk@classiccmp.org> wrote: > > > On 1/4/2018 12:34 PM, Ed Sharpe via cctalk wrote: > >> what about xenon processors?? >> ed# >> In a message dated 1/4/2018 1:18:14 PM US Mountain Standard Time, >> cctalk@classiccmp.org writes: >> >> >> > There is no difference between them and any other intel x86 or x64 > processor as far as the flaw involved. > > Though they are not mentioning it, I suspect one can target P3 and P4 > equally well with the exploit. It has been around that long. > thanks > Jim > > >> - Original Message - >> From: "Warner Losh via cctalk" <cctalk@classiccmp.org> >> To: "Murray McCullough" <c.murray.mccullo...@gmail.com>; "General >> Discussion: On-Topic and Off-Topic Posts" <cctalk@classiccmp.org> >> Sent: Thursday, January 04, 2018 1:05 PM >> Subject: Re: Spectre & Meltdown >> >> >> On Thu, Jan 4, 2018 at 11:00 AM, Murray McCullough via cctalk < >>> cctalk@classiccmp.org> wrote: >>> >>> This may be off-topic but these latest uprocessor exploits has raised >>>> a question: Are the 'old/classic' uprocessors using x86 technology in >>>> the same boat? The very earliest ones, i.e., 1970s and early 80's. >>>> probably not. How many are actually in use and/or on the Net? >>>> >>>> I've seen it reported, but haven't verified, that this bug extends >>> about 20 >>> years back in the past to the Pentium Pro/Pentium II class of machines. >>> If >>> I read that correctly, there's only two generations of Pentium not >>> affected, the P54C and P55C, the former of F00F fame... 386 and 486 CPUs >>> apparently aren't affected since they didn't have speculative execution. >>> The 8088/8086/80186/80286 presumably are also immune... If you extend >>> things further back, CP/M on Z80/8080 is also fine, but I don't think >>> those >>> are properly x86 :) >>> >>> Warner >>> >> >> Finally, an excuse to use all those old 486 boxes... >> >> m >> >> >> >
Re: Spectre & Meltdown
>From the exploit homepage (https://spectreattack.com/) , it seems like the Meltdown vulnerability affects all out-of-order executing Intel *branded* CPUs (from the P6 onward), and the Spectre vulnerability potentially impacts all superscalar processors of...all brands potentially :( Sophie On Thu, Jan 4, 2018 at 3:44 PM, jim stephens via cctalk < cctalk@classiccmp.org> wrote: > > > On 1/4/2018 12:34 PM, Ed Sharpe via cctalk wrote: > >> what about xenon processors?? >> ed# >> In a message dated 1/4/2018 1:18:14 PM US Mountain Standard Time, >> cctalk@classiccmp.org writes: >> >> >> > There is no difference between them and any other intel x86 or x64 > processor as far as the flaw involved. > > Though they are not mentioning it, I suspect one can target P3 and P4 > equally well with the exploit. It has been around that long. > thanks > Jim > > >> - Original Message - >> From: "Warner Losh via cctalk" <cctalk@classiccmp.org> >> To: "Murray McCullough" <c.murray.mccullo...@gmail.com>; "General >> Discussion: On-Topic and Off-Topic Posts" <cctalk@classiccmp.org> >> Sent: Thursday, January 04, 2018 1:05 PM >> Subject: Re: Spectre & Meltdown >> >> >> On Thu, Jan 4, 2018 at 11:00 AM, Murray McCullough via cctalk < >>> cctalk@classiccmp.org> wrote: >>> >>> This may be off-topic but these latest uprocessor exploits has raised >>>> a question: Are the 'old/classic' uprocessors using x86 technology in >>>> the same boat? The very earliest ones, i.e., 1970s and early 80's. >>>> probably not. How many are actually in use and/or on the Net? >>>> >>>> I've seen it reported, but haven't verified, that this bug extends >>> about 20 >>> years back in the past to the Pentium Pro/Pentium II class of machines. >>> If >>> I read that correctly, there's only two generations of Pentium not >>> affected, the P54C and P55C, the former of F00F fame... 386 and 486 CPUs >>> apparently aren't affected since they didn't have speculative execution. >>> The 8088/8086/80186/80286 presumably are also immune... If you extend >>> things further back, CP/M on Z80/8080 is also fine, but I don't think >>> those >>> are properly x86 :) >>> >>> Warner >>> >> >> Finally, an excuse to use all those old 486 boxes... >> >> m >> >> >> >
Re: Spectre & Meltdown
On 1/4/2018 12:34 PM, Ed Sharpe via cctalk wrote: what about xenon processors?? ed# In a message dated 1/4/2018 1:18:14 PM US Mountain Standard Time, cctalk@classiccmp.org writes: There is no difference between them and any other intel x86 or x64 processor as far as the flaw involved. Though they are not mentioning it, I suspect one can target P3 and P4 equally well with the exploit. It has been around that long. thanks Jim - Original Message - From: "Warner Losh via cctalk" <cctalk@classiccmp.org> To: "Murray McCullough" <c.murray.mccullo...@gmail.com>; "General Discussion: On-Topic and Off-Topic Posts" <cctalk@classiccmp.org> Sent: Thursday, January 04, 2018 1:05 PM Subject: Re: Spectre & Meltdown On Thu, Jan 4, 2018 at 11:00 AM, Murray McCullough via cctalk < cctalk@classiccmp.org> wrote: This may be off-topic but these latest uprocessor exploits has raised a question: Are the 'old/classic' uprocessors using x86 technology in the same boat? The very earliest ones, i.e., 1970s and early 80's. probably not. How many are actually in use and/or on the Net? I've seen it reported, but haven't verified, that this bug extends about 20 years back in the past to the Pentium Pro/Pentium II class of machines. If I read that correctly, there's only two generations of Pentium not affected, the P54C and P55C, the former of F00F fame... 386 and 486 CPUs apparently aren't affected since they didn't have speculative execution. The 8088/8086/80186/80286 presumably are also immune... If you extend things further back, CP/M on Z80/8080 is also fine, but I don't think those are properly x86 :) Warner Finally, an excuse to use all those old 486 boxes... m
Re: Re: Spectre & Meltdown
what about xenon processors?? ed# In a message dated 1/4/2018 1:18:14 PM US Mountain Standard Time, cctalk@classiccmp.org writes: - Original Message - From: "Warner Losh via cctalk" <cctalk@classiccmp.org> To: "Murray McCullough" <c.murray.mccullo...@gmail.com>; "General Discussion: On-Topic and Off-Topic Posts" <cctalk@classiccmp.org> Sent: Thursday, January 04, 2018 1:05 PM Subject: Re: Spectre & Meltdown > On Thu, Jan 4, 2018 at 11:00 AM, Murray McCullough via cctalk < > cctalk@classiccmp.org> wrote: > >> This may be off-topic but these latest uprocessor exploits has raised >> a question: Are the 'old/classic' uprocessors using x86 technology in >> the same boat? The very earliest ones, i.e., 1970s and early 80's. >> probably not. How many are actually in use and/or on the Net? >> > > I've seen it reported, but haven't verified, that this bug extends about 20 > years back in the past to the Pentium Pro/Pentium II class of machines. If > I read that correctly, there's only two generations of Pentium not > affected, the P54C and P55C, the former of F00F fame... 386 and 486 CPUs > apparently aren't affected since they didn't have speculative execution. > The 8088/8086/80186/80286 presumably are also immune... If you extend > things further back, CP/M on Z80/8080 is also fine, but I don't think those > are properly x86 :) > > Warner Finally, an excuse to use all those old 486 boxes... m
Re: Spectre & Meltdown
- Original Message - From: "Warner Losh via cctalk" <cctalk@classiccmp.org> To: "Murray McCullough" <c.murray.mccullo...@gmail.com>; "General Discussion: On-Topic and Off-Topic Posts" <cctalk@classiccmp.org> Sent: Thursday, January 04, 2018 1:05 PM Subject: Re: Spectre & Meltdown > On Thu, Jan 4, 2018 at 11:00 AM, Murray McCullough via cctalk < > cctalk@classiccmp.org> wrote: > >> This may be off-topic but these latest uprocessor exploits has raised >> a question: Are the 'old/classic' uprocessors using x86 technology in >> the same boat? The very earliest ones, i.e., 1970s and early 80's. >> probably not. How many are actually in use and/or on the Net? >> > > I've seen it reported, but haven't verified, that this bug extends about 20 > years back in the past to the Pentium Pro/Pentium II class of machines. If > I read that correctly, there's only two generations of Pentium not > affected, the P54C and P55C, the former of F00F fame... 386 and 486 CPUs > apparently aren't affected since they didn't have speculative execution. > The 8088/8086/80186/80286 presumably are also immune... If you extend > things further back, CP/M on Z80/8080 is also fine, but I don't think those > are properly x86 :) > > Warner Finally, an excuse to use all those old 486 boxes... m
Re: Spectre & Meltdown
On Thu, Jan 4, 2018 at 11:00 AM, Murray McCullough via cctalk < cctalk@classiccmp.org> wrote: > This may be off-topic but these latest uprocessor exploits has raised > a question: Are the 'old/classic' uprocessors using x86 technology in > the same boat? The very earliest ones, i.e., 1970s and early 80's. > probably not. How many are actually in use and/or on the Net? > I've seen it reported, but haven't verified, that this bug extends about 20 years back in the past to the Pentium Pro/Pentium II class of machines. If I read that correctly, there's only two generations of Pentium not affected, the P54C and P55C, the former of F00F fame... 386 and 486 CPUs apparently aren't affected since they didn't have speculative execution. The 8088/8086/80186/80286 presumably are also immune... If you extend things further back, CP/M on Z80/8080 is also fine, but I don't think those are properly x86 :) Warner
Spectre & Meltdown
This may be off-topic but these latest uprocessor exploits has raised a question: Are the 'old/classic' uprocessors using x86 technology in the same boat? The very earliest ones, i.e., 1970s and early 80's. probably not. How many are actually in use and/or on the Net? Happy computing! Murray :)