[Trisquel-users] Re : Hot news - Major flaw in Intel CPUs
security: a software patch can always be exploited or reversed. Hardware fixes are much more secure!!! What do you think about this?
[Trisquel-users] Re : Hot news - Major flaw in Intel CPUs
It should work. One of your extensions must interfere. Disable them and see. Then, by disabling half of them, then half of the incriminated half, ... you can spot the problematic extension.
[Trisquel-users] Re : Hot news - Major flaw in Intel CPUs
I indeed did not understand it right. There are currently three demonstrated ways to do a Spectre attack. AMD is quite fine ("near zero risk") after a kernel patch solves one of these ways (which can therefore be solved through a software update, unlike the other ways): https://www.amd.com/en/corporate/speculative-execution
However, https://spectreattack.com/spectre.pdf says: "Further attacks can be designed by varying both the method of achieving speculative execution and the method used to leak the information. Examples of the former include mistraining return instructions or return from interrupts. Examples of the latter include leaking information through timing variations or by generating contention on arithmetic units."
It looks like all modern processors (including AMD's) will be at risk. Without a way to solve the problem through software updates.
Well, in each case it would appear that exploiting Spectre is quite tough and to my understanding nowhere near as grave as Meltdown.
Well, Meltdown is grave (any data in the RAM can be read at a rather high speed)... but can be solved once and for all with the KPTI patch (accepting performance regressions). A Spectre attack only allows reading data in the kernel space (but there are private keys there!) at a slower speed (50 times slower than Meltdown according to the original publications). Nevertheless, it basically affects all processors in use and cannot be entirely solved by software update. In the medium/long term, it looks far more problematic than Meltdown: to be immune, everybody will have to throw away their current hardware and spend money on newer processors that do not exist yet!
[Trisquel-users] Re : Hot news - Major flaw in Intel CPUs
Hardening is, well, making it harder, not impossible, to make a Spectre attack, whereas the KAISER patch makes Meltdown attacks impossible... at the cost of a performance penalty.
[Trisquel-users] Re : Hot news - Major flaw in Intel CPUs
Oh! But according to:
---
https://spectreattack.com/#faq-fix
Is there a workaround/fix?
There are patches against Meltdown for Linux (KPTI (formerly KAISER)), Windows, and OS X. There is also work to harden software against future exploitation of Spectre, respectively to patch software after exploitation through Spectre (LLVM patch, ARM speculation barrier header).
---
I guess "hardening" isn't fixing? ;)
[Trisquel-users] Re : Hot news - Major flaw in Intel CPUs
They are getting patches against Meltdown. No software (including firmware) update can solve Spectre.
[Trisquel-users] Re : Hot news - Major flaw in Intel CPUs
So Windows, Linux kernel, iOS, macOS are all getting patches to help mitigate until we can get all new chips lol. Can anyone tell me if the Trisquel update engine has picked up anything for itself or will soon? I just want to do what I can for my Ministry of Freedom Libreboot Trisquel Lenovo laptop. :)
[Trisquel-users] Re : Hot news - Major flaw in Intel CPUs
As far as I understand, there are two vulnerabilities, Meltdown and Spectre, but two different ways to exploit Spectre were shown. And Spectre cannot be solved through software (so no kernel configuration helps, neither does a firmware update): only the next generation of CPUs will be immune.
[Trisquel-users] Re : Hot news - Major flaw in Intel CPUs
I believe the researchers only verified Intel/AMD and ARM architectures because they are far more widespread. POWER9 processors use speculative pipelines: https://en.wikichip.org/wiki/ibm/microarchitectures/power9 (see "Speculative" in the info box). That is why I believe they suffer from Spectre, like all modern processors.
[Trisquel-users] Re : Hot news - Major flaw in Intel CPUs
Spectre has nothing to do with "Management Engines" and the like. It deals with "speculative execution" (e.g., "branch prediction") that aims at faster executions: https://en.wikipedia.org/wiki/Speculative_execution The POWER architecture uses speculative pipelines too: https://en.wikichip.org/wiki/ibm/microarchitectures/power9 (see "Speculative" in the info box). I believe researchers only verified Intel/AMD and ARM architectures because they are far more widespread. POWER processors are probably at risk too.
[Trisquel-users] Re : Hot news - Major flaw in Intel CPUs
They are. By Spectre. See RNK's post: https://trisquel.info/forum/hot-news-major-flaw-intel-cpus#comment-125812