Quantcast
[ 3 / biz / cgl / ck / diy / fa / g / ic / jp / lit / sci / tg / vr / vt ] [ index / top / reports / report a bug ] [ 4plebs / archived.moe / rbt ]

Due to resource constraints, /g/ and /tg/ will no longer be archived or available. Other archivers continue to archive these boards.Become a Patron!

/g/ - Technology


View post   

[ Toggle deleted replies ]
File: 106 KB, 250x250, 1511219276071.gif [View same] [iqdb] [saucenao] [google] [report]
64135683 No.64135683 [Reply] [Original] [archived.moe] [rbt]

Retard here.
What's the quick rundown on the Intel shit.

>> No.64135717

>>64135683
It affects everyone, including AMD.

>> No.64135721

All intel cpu even pentium 2 is fuked

Making Damage control saying all arm/amd is affected

>> No.64135722

>>64135717
no it doesn't.

>> No.64135734

>>64135717
Incorrect

>> No.64135742

>>64135717
>>64135721
>>64135722
Ok but what do you mean by fucked

>> No.64135743

>>64135683
Bogdanoffs answer to the
Wait, what was the question?

>> No.64135746

>>64135722
>>64135734
Wrong.

>> No.64135769

>>64135683
the biggest impact is going to be in datacenters since the data flaws affect server CPUs as well. We can expect loss in market share where Intel gets most of its business.

>> No.64135827

>>64135717
hm... we might have a bot.

>> No.64135830

>>64135717
wrong. its intel only

>> No.64135851

>>64135683

meltdown, which is the really scary vulnerability, affects the last 20 years of intel products

amd is not affected by meltdown

>> No.64135960

>>64135683
Two bugs. Both make it possible for a program to read protected information that it shouldn't have access to.

Everyone's up in a craze about the more dangerous one, Meltdown, and patches are rolling out currently for it. Reports are saying that there are performance losses for Intel processors, due to the how the patch works.

The degree of performance loss depends on your workload, but the numbers being thrown around so far suggest anywhere from 'negligible' loss all the way up to 30% performance drops for Intel chips.

It's also very widespread, too, and affects essentially everything all the way back to the original Pentium.

There is a second bug which is harder to make use of, called Spectre. It affects both Intel and AMD, as well as other makes. Unsure about this one yet, since everyone's focused on Meltdown.

>> No.64136086

>>64135960
Does it mean a literal meltdown? Burning out the chipset? Or is it a fancy name

>> No.64136113

>>64136086
Yes, it heats up your processor until it melts.

>> No.64136129

>>64136086
Fancy name.

>> No.64136131
File: 275 KB, 1297x846, file.png [View same] [iqdb] [saucenao] [google] [report]
64136131

>>64135960
benchmarks

>> No.64136176

>>64136086
it's referring to Intel's stock value when the full implications of their incompetence goes public after all the datacenters in the world become 60% slower in the blink of an eye

>> No.64136184

>>64136131
Saw this earlier, but good to post nonetheless. This is why I'm not too worried about the performance losses. I'm waiting for the update to hit my system so I can do some testing for myself and see.

>> No.64136196

>>64136131
>everything is about gayms and shitty file compression
basement menchildren get out!

>> No.64136204
File: 94 KB, 814x803, C6762A81-62AD-475D-A8F4-506FDD8FFF38.jpg [View same] [iqdb] [saucenao] [google] [report]
64136204

>>64136131
>gaymen

>> No.64136210

disable javascript

>> No.64136220

>>64136131
>Video games

>> No.64136228

>>64136196
Very useful to see if your daily use will be affected by Metldown.

>> No.64136230

>>64136196
Use some common sense. For 90% of the people here, that's all they care about.

>> No.64136232

>>64135683
in a nutshell
>it's fucking nothing

>> No.64136233

>>64135722
>>64135734
>>64135830
https://meltdownattack.com/
There are two vulnerabilities: Meltdown and Spectre
AMD is affected by Spectre (the harder to exploit of the two)
Intel is affected by both

>> No.64136256

morons don't know what caching is and got buttmad

>> No.64136258

>>64136196
What do you do with your home personal computer? Genuinely curious.

>> No.64136282

is this what a happening looks like on /g/? because it's pretty damn amazing

>> No.64136286
File: 6 KB, 275x183, BRAIN THINKING.jpg [View same] [iqdb] [saucenao] [google] [report]
64136286

>>64136196
is it menchildren, manchildren, menchild, menchilds, or manchilds?

>> No.64136287
File: 32 KB, 617x1054, phoronix_intel.png [View same] [iqdb] [saucenao] [google] [report]
64136287

>>64136233
Wrong.
https://www.amd.com/en/corporate/speculative-execution

Spectre 1 has been fixed, Spectre 2 has not yet been proven to work on AMD hardware.

>>64136131
Benchmarks.

>> No.64136308

>>64136258
maybe being a paid shill.
Anyhow, those "benchmarks" are misleading at best, the problem for Intel isn't some manchildren will get less FPS, it's the server and datacenter that matters.
If /v/ doesn't realize computing exist beyond call of duty it's their problem.

>> No.64136339

>>64136086
No but in theory the exploit can be used to brick your motherboard.

>> No.64136368

>>64136131
>leshockedanimuface

>> No.64136371

>>64136258
I use my personal computer to program, compile other software, render videos (from that time your girlfriend went out for girl's night), and trade stocks.

Compiling software just got 30% slower, video rendering is fucked, and I can't trade stock because my bank is 'under heavy load' -- all of these are Intel's fault.

>> No.64136409

>>64136308
While technically correct, this is /g/; nobody shitposting on here has any reason to care about that. What matters to them is what is going to happen to *them* specifically, and that is what we're starting to figure out now.

>>64136371
Show me some vc for your projects.
Your editing portfolio?
What terminal software?

I highly doubt you can. You sit and shitpost on /g/ all day, that's what you do.

>> No.64136441

>>64136233
Show one example of AMD having Spectre v2 on it, i'm fucking waiting

>> No.64136444

>>64136371
>(from that time your girlfriend went out for girl's night)
Why'd you have to add such cringy shit into your post? I forget how young the posters are here sometimes.

>> No.64136510
File: 43 KB, 256x256, Confused High King with Interrogation Marks.png [View same] [iqdb] [saucenao] [google] [report]
64136510

I've pretty much got downs.

How does this effect me, as someone who just browses a select few websites and plays some vido gams?

As long as I'm not retarded and download coolmusic.mp3.exe, will anything change for me?

Yes I have intel. I'm on W7 and I have automatic updates off

>> No.64136544

>>64136510
Rogue JavaScript can read your full memory, find right place to Inject data and you are fucked

>> No.64136561

>>64136510
I'm reading what you're typing right now.

>> No.64136574

>>64136561

NANI

>> No.64136642

>>64135683
Marketing

>> No.64137180
File: 7 KB, 267x323, 1500651567607.jpg [View same] [iqdb] [saucenao] [google] [report]
64137180

>>64136210
>having js enabled in the first place

>> No.64137206
File: 15 KB, 353x251, 4b8f2111ff516bd2be4f6f915f7aeaf5d50552d5fd0a008663586a6a16d520a6.jpg [View same] [iqdb] [saucenao] [google] [report]
64137206

>>64135717
Who could be behind this post?

>> No.64137217
File: 18 KB, 261x181, 1421468497753.jpg [View same] [iqdb] [saucenao] [google] [report]
64137217

>>64135960
ty for this

>> No.64137228
File: 90 KB, 633x746, file_5.png [View same] [iqdb] [saucenao] [google] [report]
64137228

>>64136131
Not gayman here for the assmad

>> No.64137252

my computers are both old I have q6600 and fx6350 am fucked? do I need to download anything to fix it?

>> No.64137296

>>64135717
>first reply again
Pretty funny shill

>> No.64137310

>>64136510
Exploitable through Javascript which means it would be very easy for someone to hack your stuff if you don't update

>> No.64137374

>>64137252
It's too late, kiddo, you've already been hacked ;)

>> No.64137390

>>64135683
You are as valuable has you have always been exploits are every where. You just know about this one. You will be fine.

>> No.64137479

inb4 this was an NSA exploit and just now someone found it. Just like juniper finding their backdoor.

>> No.64137671

I don't know about Windows but it seems the more syscalls you have the more you're hurt.
You might also find lots of performance degradation for the kernel itself.

So for most applications this will barely matter. I've always perceived code that does lots of syscalls as inherently uninterested in performance. Kernels having to isolate their own memory I could only speculate on.

Overall this looks very bad for Intel though, that's probably a much bigger factor than the actual performance impact. It destroys trust in them as a secure platform for people who really care about this. How old this is is especially bad.
With how virtual machines for servers is pretty much the only way we do server hosting now it's pretty major on that front. Performance there matters a lot for the companies hosting the VMs. You'll probably not see any difference as a customer though.

>> No.64137683

>>64136510
>I'm on W7 and I have automatic updates off
You face greater threats already.

>> No.64137732
File: 26 KB, 600x610, 1302809172318.jpg [View same] [iqdb] [saucenao] [google] [report]
64137732

>> No.64137756
File: 1.63 MB, 1415x2326, 2018-01-03-15-18-07.png [View same] [iqdb] [saucenao] [google] [report]
64137756

>>64135717

>> No.64137761

>>64135960
Only the simplest patchable Spectre attack affects AMD, the other two do not.

>> No.64137786

>>64137761
It's not the exploits you know about you should be worried about. Exploits have always been around.

>> No.64137791
File: 173 KB, 396x385, 254673568.png [View same] [iqdb] [saucenao] [google] [report]
64137791

>mfw I don't care

Building a server machine what kind of flashy shit should I put in it ?

>> No.64137816

>>64137791
Threadripper

>> No.64137843

>>64137732
No it's a big thing. Just not for gaymers.
Regardless you should be considering Ryzen as your next purchase. Just read Agners Ryzen tests and his manual. It's pretty clear cut.

>> No.64137850
File: 63 KB, 499x523, 3574368.jpg [View same] [iqdb] [saucenao] [google] [report]
64137850

>>64137816
Nah my nigga that shit is too weak I am thinking Quantum processors for cpu and vga
I mean't flashy lights n maybe like a smoke machine and strobe lights or some shit.

>> No.64137866
File: 65 KB, 744x687, 124234534.png [View same] [iqdb] [saucenao] [google] [report]
64137866

though I could certainly make use of them.
what would be comparable ? ?

>> No.64137898
File: 298 KB, 654x639, 15101592520326.png [View same] [iqdb] [saucenao] [google] [report]
64137898

sorry to hijack the thread op.

>> No.64137906

>>64136510
>I'm on W7 and I have automatic updates off
the absolute state of gamer retards

>> No.64137912
File: 61 KB, 1000x800, 1506616670826.jpg [View same] [iqdb] [saucenao] [google] [report]
64137912

as my gift to you
https://www.youtube.com/watch?v=s7ALdl0gkaY

>> No.64137931

Pajeet please. This is not effectively achieving your goals.

>> No.64137984

>>64136131
None of those is IO intensive. Post IO benchmarks

>> No.64138021

>>64135960
>>64136086
All three attacks rely on a side channel element. AMD is immune to meltdown because privileged memory addresses immediately rejected before entering the execution stage at all. Spectre v1 uses a similar OOE/line cache attack which simply searches for kernel pages by repeatedly injecting eBPF bytecode which runs speculatively during a misprediction until cached kernel memory is detected and then can be completely dumped. Spectre v2 demonstrates that an attack can be executed from a guest kernel on the HOST kernel by recovering branch predictor history buffers within a root run hypervisor allowing hypercalls (e.g. KVM acceleration, Xen).

For sure meltdown is the easiest to access because it is possible from Ring 3 directly and not from guessing addresses thrown from kernel context bytecode interpreters or root privileged VMs. The other two do present alarming problems with the aggressive and potentially unsafe way all processors are designed.

>> No.64138042

>>64138021
English, doc.

>> No.64138097
File: 11 KB, 478x97, amd.jpg [View same] [iqdb] [saucenao] [google] [report]
64138097

Linux kernel patch

>> No.64138116

lmao just sort your shit to not cache miss

>> No.64138126

>>64138116
Has nothing to do with this you fucking moron.

>> No.64138143

>>64138126
>which runs speculatively during a misprediction
ok

>> No.64138193
File: 1.34 MB, 1294x1222, milkwalker.png [View same] [iqdb] [saucenao] [google] [report]
64138193

>be a company
>release first desirable product in years in a market that you have been clawing away at after decades of shrewd business practices by your competitor
>its revealed your competitor's product is dangerous and broken
>its revealed your competitor's product has 3 major faults that the only known fixes are to make them preform worse
>competitor issues statement it is working with other companies to fix the products they and YOU made
>issue a statement that your products are not dangerous and broken in these ways
>vendors don't care and nerf everything anyway
>your competitor gets off scott-free using FUD
epic timeline.

>> No.64138205

>>64137984
They can't do that, it goes against the narrative.

>> No.64138208

>these bugs coming to light now
Is there any evidence anyone's exploited them?

>> No.64138233

HOW DO I MAKE SURE I'M PATCHED ON UBUNTU PLS HELP IM SCARED AND I BROWSING THE INTERNET SUCKS WITH NOSCRIPT I WANT TO DISABLE IT ALREADY

>> No.64138371
File: 19 KB, 300x300, jackie-chan.jpg [View same] [iqdb] [saucenao] [google] [report]
64138371

>>64138021
>root run hypervisor

>> No.64138465

>>64138233
>NOSCRIPT
javascript control is better

https://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-5753.html

>> No.64138520
File: 54 KB, 679x758, 1515028545376.jpg [View same] [iqdb] [saucenao] [google] [report]
64138520

>>64135717

>> No.64138583

What's the name of the fucking update for Win10?

>> No.64138594
File: 65 KB, 679x711, 1515046611979.jpg [View same] [iqdb] [saucenao] [google] [report]
64138594

>>64135683
>>64135717

>> No.64138620

Should I stay away from browsing manga websites for now

>> No.64138632
File: 283 KB, 1024x1099, 1511726702227.png [View same] [iqdb] [saucenao] [google] [report]
64138632

>>64138620

>> No.64138683
File: 248 KB, 680x486, hiroshimanagasaki.png [View same] [iqdb] [saucenao] [google] [report]
64138683

>>64135960
Thanks for the spoon feed, I only wish I was lurking /g/ like I usually do when this broke.

>> No.64138688

>>64135683
computers are 100% obsolete now
buy an abacus

>> No.64138717

>>64137479
doesn't the nsa have a treasure trove of zero days they're just sitting on?

>> No.64138733

>>64138583

What's the name of the fucking update for Win10?
>What's the name of the fucking update for Win10?
What's the name of the fucking update for Win10?
>What's the name of the fucking update for Win10?
What's the name of the fucking update for Win10?
>What's the name of the fucking update for Win10?

>> No.64138759

Spectre is INCREDIBLY hard to implement. It's based on artifacts left behind by the type of branch optimization and speculative execution that modern chip architecture uses, allowing people to guess the timing of memory references. You can use this to guess the functions that the underlying code uses, and in turn guess the data that is being returned.

THAT'S SO HARD TO DO, especially when you're operating on a non familiar system.

That's why people aren't exactly freaking out about Spectre.

>> No.64138783

>>64138733
https://www.catalog.update.microsoft.com/Search.aspx?q=KB4056892

>> No.64138791

>>64138620
You shouldnt go to them in the first place, lame weeaboo.

>> No.64138877 [DELETED] 

>>64137228
So, it's nothing. Just install the patches.

>> No.64138889

>>64138783
And for Windows 7?

>> No.64138905

>>64137228
What about older architectures?

>> No.64138908

>>64138759
This. People freaking out about javascript implementations forget that you have the V8 engine introducing latencies of it's own. It's like they never worked with the language before

>> No.64138910

>>64138889
Fucking upgrade to Windows 10.

>> No.64139024

>>64138042
Basically Meltdown allows for privileged memory to be exposed by loading kernel memory references into CPU registers and executes an incoming instruction that loads probed data into cache. The reason the CPU does this without causing the program the crash as would be in normal cases is because instructions don't necessarily execute sequentially on modern processors; by executing certain instructions ahead in a conditional which is believed to be more likely executed, there is potential speedup.
Spectre also exploits this by loading out-of-bound addresses from kernel context or loading foreign data pointers into the branch target buffer (a buffer containing what the CPU believes is the next set of instructions to execute next) in a root run VM.

>>64138143
Misprediction does NOT arise from a cache miss. A cache miss will halt the instruction to wait for the MMU to feed it data. Branch misprediction AND BTP (target prediction) explicitly predetermine conditional execution by feeding the target address next into the pipeline - a misprediction would mean that the pipeline is cleared and the new branch must be fed in. The exploits rely on loading the payload into cache (in Meltdown and Spectre v1) because the speculated branch has preloaded the following instruction into cache and executed - however, in Spectre, additionally, it is possible to measure the amount of time the speculative branch takes as the saturated cache line loads an out of bounds memory offset to rebuild the memory map and determine the address of the kernel. With this OOB bypass, you can then dump kernel memory.

>>64138877
Yes, those programs are not syscall heavy and so the performance should remain roughly the same.

>>64138908
With a large number of instructions you can still discern with the Chrome performance timer the behavior of the CPU with the use of shared array buffers. Google will be updating Chrome to mitigate this at the cost of SAB and a performance cost.

>> No.64139038
File: 100 KB, 288x288, death is certain.jpg [View same] [iqdb] [saucenao] [google] [report]
64139038

>>64135683
>What's the quick rundown on the Intel shit.

>> No.64139059

>>64138620
you stupid faggot, you should be downloading them instead of reading them off a site
mangatraders still exist

>> No.64139078

>>64138910
>recommending moving to a malicious operating system to fight a malicious exploit

>> No.64139163

>>64139024
But measuring the memory reference timings is so so so ambiguous. Building a memory map by timing the returns appears to me to be an almost impossible task in an unfamiliar system. Similarly, I understand that using POSIX safe functions is good form when writing for portability, but it always struck me as overkill.

Give me a reasonable example of a time when memory reference timing was used to a negative.

>> No.64139223

How would this affect me, personally? If I do not update and just ignore all of this and so avoiding the performance hit, what kind of danger, exactly, would I be in and how?

>> No.64139326

>>64138791
Dumb normalfag.

>> No.64139382
File: 150 KB, 198x328, 1514231965285.png [View same] [iqdb] [saucenao] [google] [report]
64139382

In the 1.5 days or so I've gone unpatched can my computer still be considered safe or it might as well be physically in the hands of criminals? I've been doing basically nothing but watching Hidamari Sketch and playing Blazblue those past few days.

>> No.64139420

>>64135717
>>64135960
What are the effects and what programs can read what data?

>> No.64139421
File: 1.60 MB, 200x151, shits on fire yo.gif [View same] [iqdb] [saucenao] [google] [report]
64139421

>>64139223
All your system credentials and keys stolen and complete pwnage of your machine, all from a small slice of javascript on a webpage.

>> No.64139425

>>64139024
>>64138143 here
I see. Thank you. I've been reading the paper and your explanation is really good. Now I understand why they mentioned buffer overflows. The issue is that the speculated branch has access into kernel memory, correct?

Optimization is truly the root of all evil.

>> No.64139433

>>64139223
javascript malware can now bypass all security on your OS and basically gain administrator rights to do whatever the fuck it wants.

you may potentially be safe when firefox/chrome updates their browsers, but you'll still be wide open to untrusted executables.

basically means all anti virus/os protections are useless at the moment.

>> No.64139450

>>64139433
won't the microsoft patch fix this vulnerability though?

>> No.64139462
File: 906 KB, 500x282, 1514750961583.gif [View same] [iqdb] [saucenao] [google] [report]
64139462

>>64138594
>windows, mac, linux
>os, device, kernel

>> No.64139690

>>64139462
yes it would be much easier to understand if they listed NT, XNU, Linux

>> No.64139788

The fix needs to be specific to the motherboard manufacturer, right? I have an itx board that doesnt appear to have been addressed yet.

>> No.64139797

SPECTRE AFFECTS ALL CPUS CREATED SINCE 1994
INTEL
AMD
ARM

>> No.64139831
File: 81 KB, 244x274, Intel glue fanboy.png [View same] [iqdb] [saucenao] [google] [report]
64139831

>>64139797
Except it doesn't affect AMD.

>> No.64139842

>>64139433
>javascript malware can now bypass all security on your OS
we Runescape botnet now

>> No.64139846

>>64139831
except it does

>> No.64139926

Since nobody actually cared to read the academic papers and, those who did and post here, clearly lack and academic background to understand them, here's a quick rundown.

>>64135717
correct.
>>64135830
wrong.
>>64138594
incorrect and badly formatted.
>>64136287
>Spectre 1 has been fixed
Wrong.
>Spectre 2 has not yet been proven to work on AMD hardware.
Almost correct.
>>64139831
Wrong.

>> No.64139929

>>64139846
Nope. But if you want to get semantic, only v1 on certain older CPUs.
>>64138594

>> No.64139952

>>64139926
Academics please respond.

>> No.64139975

>>64139926
>all this "proof"

>> No.64140021

>>64139952

Not an anon thats posted on this thread but the academic papers you speak of, is it related to the 2016 blackhat report that's been floating around?

>> No.64140022

>Meltdown

What is KB for windows and can it be downloaded and installed individually?

>> No.64140024

>>64139433
>javascript malware can now bypass all security on your OS
Post proof. It's a third day but nobody can provide any proof on this. The shit is made up.

>> No.64140037

>>64140022
Not ready yet.

>> No.64140077

>>64135742
You are all fucking assholes shilling AMD instead of helping our fellow faggot

It's basically a 5% (Some say 50 or 25%, but the 5% was confirmed by an intel employee) performance hit on everything with intel in it because there's a design flaw which theoretically allows anything to bypass the kernel and talk directly with the hardware. Since it's hardware based, the fix can only be applied using software. Software fix makes I/O slower but more secure. Servers and data centers will be the most affected as their only job is I/O.

Of course, the fix - not the bug - will affect everything, including AMD. If you have an Intel CPU then if you don't get the fix anything including shitty javascript can skip the kernel and run as an administrator.

>> No.64140080
File: 897 KB, 800x430, 64FE9DDF-DBE4-48F4-A955-D015BB39F941.gif [View same] [iqdb] [saucenao] [google] [report]
64140080

>can’t lose productivity if it’s a Core 2 Duo

>> No.64140087

>>64135717
Meltdown are Intel exclusive

>> No.64140174

>>64140077
5% eh
https://twitter.com/grsecurity/status/948170302286172160 more like 65

>> No.64140234

>>64140174
I don't know anything about the PC stuff but this does not look good...

>> No.64140241

So for Intel to fix this they have to make a new cpu layout right?

>> No.64140252

>>64140241
The last time they tried that it did not go so well.

>> No.64140269

>>64137252
please respond I still don't know what to do. I don't want to get computer aids.

>> No.64140305

>>64140269
also the computer with the intel cpu is still on xp. it's an old pc I kept around for compatibility with older games and stuff. since there's probably not going to be a fix for it can I just never go on the internet with it and be safe?

>> No.64140321

just say it doesn't affect Ryzen so they can't worm their way out of it

>> No.64140322

>>64140269
>>64140305
yes you're fucked, what part of ALL INTEL SHITS SINCE 1995 IS AFFECTED do you not understand?

>> No.64140359

>>64140305
if that old XP pc is just for old gaymen, then you can limit what you do on it internet-wise, eg don't be logging on to critical shit from that pc....maybe that would work?

>> No.64140406

>>64139926
More accurately, Spectre 1 is scheduled to be fixed by AMD, so this will make AMD invulnerable to all three provided no one can come up with SP2/Variant 2 on AMD hardware.

I wonder how all the advertised encryption for Zen CPUs has worked out, does Spectre return garbage data because of said enryption?

>> No.64140439

>>64140077
>Of course, the fix - not the bug - will affect everything, including AMD
Not anymore because Linus declined jew bribes
https://github.com/torvalds/linux/commit/00a5ae218d57741088068799b810416ac249a9ce#diff-678874d00bf0df04f6f427f16f1dea36R926
Well it still may affect amd to some degree because the fix was made in a hurry and probably not all the changes are configurable, but it won't be as dramatic as intel wanted it to be for amd.

>> No.64140445

>>64140077
So for us retarded non-enterprise faggots, what kind of shit's going to see the biggest hits out of this and what won't? Is any generally heavy CPU shit like video encode/decode fucked? Or is the worst shit just going to be database shit and stuff?

>> No.64140448
File: 53 KB, 563x268, DSpf9XAX4AAikB4.jpg [View same] [iqdb] [saucenao] [google] [report]
64140448

>>64140077
>complains about shills
>literally parroting shill propaganda
there are 2 different sets of bugs, only one of them requires a solution that causes a 30-60% slowdown, and that one strictly affects Intel and they can't fix it via firmware update.

AMD is affected by a different bug that doesn't have the large performance penalty solution, and it can be patched via firmware update anyway.

you can scream and shout "IT AFFECTS BOTH" all you want, but it's completely misleading.

>> No.64140451
File: 105 KB, 820x602, 1497925037039.jpg [View same] [iqdb] [saucenao] [google] [report]
64140451

another retard here who fell for the Enterprise 2016 ltsb meme
will we get an update too? when?

>> No.64140455

>>64140406
Spectre 1 only happen on FX pro and apu, it using custom bios setting.

>> No.64140489

>>64140406
Well they will definitely address the issue in the new stepping, for sure. But it was already fixed in software anyway. Same thing as linux segfaults on ryzen, it was indeed hardware bug of early batches but was patched in kernel anyway.

>> No.64140494

>>64140305
Just disable the JS in your browser. Use Noscript/Umatrix (google on how to disable js by default with it) and you'll be fine as long as the admins of the websites you visit and enable js for aren't dicks enough to insert malicious code (wouldn't trust Hiro on that though).

>> No.64140514

absolutely nothing u gaymer

https://www.youtube.com/watch?v=_qZksorJAuY

>> No.64140524

TAKE EVERYTHING OFFLINE ON AN OFFLINE BACKUP


I REPEAT


PUT ALL SENSITIVE DATA ON OFFLINE BACKUP NOW

N O W
O
W

C R I T I C A L

B U G


NO FIX

N O
O

F I X
I
X


OFFLINE BACKUP NOW

NOW

>> No.64140542

>>64140451
The meme you fell for was intel, senpai.

>> No.64140550

>>64140494

can you tell me if running a fresh install of 17.10 ubuntu is safe enough on a computer with intel cpu? should i enable the tick box for intel microcode in additional drivers setting?

besides enabling ufw is there anything else i need to do? do i need a bleeding edge kernel? like enable the 'proposed' package tree?

>> No.64140552

>>64140524
Why should I
I run Ryzen

>> No.64140567

>>64140550
>can you tell me if running a fresh install of 17.10 ubuntu is safe enough
go and get openpepe
I mean opensuse
that or clover os

>> No.64140585

>>64140567

now is not the time for epeen comparing and distro wars

i just want to know how to avoid getting pwned not get memed with a meme distro

>> No.64140618

>>64140585
actually now is absolutely the time for choosing a distro that doesn't have systemdicks
make a live USB and test out an OS right fucking now, it's as easy as choosing the USB stick with the OS on it from the bootloader

>> No.64140656

>>64140359
is just not using a web browser or downloading anything enough or do I need to do something in network configuration to prevent it from connecting to the internet? I would just unplug it, but I want to be able to transfer stuff to my other computer.

>>64140322
so what do I have to do to fix shit on my computer with the amd?

>> No.64140659

>>64140550
Well they haven't released a patched kernel for 16.04 LTS so I can't imagine they'd done so for 17.10

>> No.64140674

What do I do tho?

>> No.64140711

>>64140656
you shouldn't be on FX anymore when Ryzen stomps on it

>> No.64140735

>>64140674
Install TempleOS

>>64140528

>> No.64140736

>>64140711
I can't upgrade because it's a new socket and I'm too poor to replace everything. also fuck windows 10.

>> No.64140752

>>64140659

okay well what about the intel microcode driver? should i enable that or disable?

>> No.64140767

Where did this bug come from? Was it here all along? If so why didn't anyone know about it since apparently it effects every CPU since 1995.

>> No.64140771

>>64140736
Find the patch then, Microsoft still rolls out XP patches, but here's the catch: it's for fucking businesses only.
>also fuck windows 10.
You can install windows xp on Ryzen, actually, but it's an absolute pain to get working because of missing drivers. Windows 7 is easier to install because AMD has the chipset support surprisingly enough.

>> No.64140779
File: 193 KB, 336x400, 9txbJpfV7G.jpg [View same] [iqdb] [saucenao] [google] [report]
64140779

>>64135717

>> No.64140941

>>64140779
There are two flaws, anon.

https://googleprojectzero.blogspot.no/2018/01/reading-privileged-memory-with-side.html

>> No.64140964

>>64140767
>Was it here all along?
Yes
>apparently it effects every CPU
Only intel
>why didn't anyone know about it
Nobody expected intel to be this bad

>> No.64140988

What do I do with windows 7?

No, upgrading to cancer Win8-10 is not an option. Where's my security patch then?

>> No.64141002

>>64140988
nothing
have fun

>> No.64141048

>both Firefox and Chrome already have fixes for browser vulnerabilities
>not running them together with noscript

>> No.64141069

>>64140550
bro 1710 sucks ass
1604 works fine
but try both with the live cd first
also use lubuntu and apt-get tlp
>>64138465
we still don't know it will affect us

>>64140305
you can easily use wine for old gayms with dx9

>>64140618
>actually now is absolutely the time for choosing a distro that doesn't have systemdicks
how so?

>> No.64141109

>>64140988
on some tracker or elsewhere ''stolen'' from paid shmuks i mean customers

>> No.64141116

welp
guess it's time to utilize the free w10 upgrade you get for claiming to be handicapped

>> No.64141149

So do you have to download some malware or visit a bad site to become victim to this? Of course I'm going to update, but just wondering if I need to go changing passwords and shit afterwards.

>> No.64141181

>ARM not affected.
I guess the """dumb""" phone posters win again :^)

>> No.64141186

>>64135717
Spectre affects everyone (Intel, AMD and ARM)
Meltdown only affects intel

>> No.64141202

Last time i turned on automatic updates on my win7(pirated) it fucked my pc and kept hanging on shutdown forever, rolling back fixed. So what are the odds i grab this update exclusively from microsoft site and makes my pc release mustard gas?

>> No.64141212

>>64140988
>>64141002
Man you guys are like babys. Disable java and flash plugins run an ad blocker use common sense.

>> No.64141213

>>64141069
>how so?
So that you don't get an "I told you so" a second time when systemdicks blows up. It's the next bomb in the making. Nothing good comes from centralizing your shit like that. It becomes a monster that devours everything.

>> No.64141215

>>64135683
Is encryption affected?

>> No.64141227

>>64141202
>Last time i turned on automatic updates on my win7
Selective updates, you nigger, you can fucking download standalone packages. The windows 7 patch is already available as a standalone.
I bet you didn't turn off updates from services but from the control panel and thought you turned off the service when actually it was ready to run at any time.

>> No.64141237

This drama sure has died down huh. It's like the world is not ending. Even the news fell asleep using worse case scenarios and hyperbolic headlines for clicks.

>> No.64141360

>>64141213
>systemd vulnerability found
>it gets patched

Are you seriously trying to compare a hardware design fault with a potential bug in an open source software?

>> No.64141432

>>64139382
say goodbye to your twitter account

>> No.64141630
File: 22 KB, 699x516, 25552399_1696055083786162_3196588006490543895_n.jpg [View same] [iqdb] [saucenao] [google] [report]
64141630

>>64138021
i have no idea what any of that means but fuck it sounds pretty bad there chief

>> No.64141668

>>64139462
Fuck off nerd

>> No.64141689

>>64135851
Oh shit so Core 2 as well. I didn't realize. Somehow I had got it into my head that it was SB and after

>> No.64141706

So from what I've read this will influence IOPS/ I/O stuff with NVMEs mostly so industrial workloads in datacenters and servers?

>> No.64141709 [DELETED] 

>>64137228
>>64136131
Given that no end-users with desktops are affected, could someone post a benchmark results for a Linux distro of their choice? That is where the supposed 30% performance hit is going to happen after installing the patch.

>> No.64141723

>>64137228
>>64136131
Given that no end-users with desktops are affected, could someone post benchmark results for a Linux distro of their choice? That is where the supposed 30% performance hit is going to happen after installing the patch.

>> No.64141724

i never used the browser's "save password" gimmick nor use a password manager
the only thing i have is a paper with all my shit
in the data theft front i'm not that fucked, right?

>> No.64141750

>>64141724
you're actually pretty secure
even the Russians went the paper route a while back

>> No.64141767

>>64141724
If you type in a password and someone installs a keylogger, it won't matter if you didn't save it.

>> No.64141773

>>64141724
you know, these password CIA niggers are relentless.
If they can't read the passwords, they will just break into your home and steal your piece of paper

>> No.64141794

>>64141116
>deal supposedly ended dec 31 2017
>still works
thanks, microsoft

>> No.64141834

>>64141767
but a keylogger is typically easy to detect by any anti malware program, is it not?

>>64141773
jokes on them, i wrote it all in lemon juice (joking ofc)

>> No.64141966

>>64141706
Yep.

https://www.computerbase.de/2018-01/intel-cpu-pti-sicherheitsluecke/#update2

>> No.64141973

>>64141723
Anyone?

>> No.64141984

>>64141834
the problem is that it doesn't need a keylogger program you download and execute, just a simple javascript drive by

>> No.64142018

>>64138889
Patch on Tuesday probably in the (((rollup))

>> No.64142048

>>64138889
Buy ryzen you dumb nigger

>> No.64142054

So my brainlet analogy understanding of meltdown is that it's like asking for the code to the safe while the CPU is distracted and then running away before it realizes it wasn't supposed to tell you that, correct? So what's spectere doing?

>> No.64142086

>>64142054
Meltdown is like you're at a restaurant and you order a hamburger and eat it. Then you give the hamburger back, but you still remember the taste of the hamburger and you walk out without paying.
Using the memories of the taste you can then figure out where the meat for the burger came from

>> No.64142087

>>64142054
>So what's spectere doing?
enabling it

>> No.64142090
File: 48 KB, 800x729, 1502457493616.png [View same] [iqdb] [saucenao] [google] [report]
64142090

>>64142054

>> No.64142138

>>64142086
Can we rename meltdown to "memories of beef"

>> No.64142152

How long should it take for intel to make cpus without this security breach?

>> No.64142156

>>64142138
>memories of beef
man, this is a cool name for an exploit

>> No.64142176

>>64142138
cornbeef

>> No.64142193

>>64142152
fucking years, 5 years minimum
they have to go back to basics on this, right back to the drawing board
whatever new architecture they have will be fucked if it's still based on the ghost of pentium pro

>> No.64142210

Will everything be fucked? Will we go on anarchy because the Wall St. computers will be hacked? I'm currently drunk and am fantasizing about a total world meltdown

>> No.64142225

>>64142210
>Will we go on anarchy because the Wall St. computers will be hacked
Nope, they run on gnu/linux. They'll have the patch. http://www.computerworld.com/article/2510334/financial-it/how-linux-mastered-wall-street.html

>> No.64142256

>>64135683
>the quick rundown on the Intel shit
--> >>64127406.

>> No.64142264

>>64141984
mind my nagging, but how would that actually work?
i'm not exactly tech literate, but is javascript THAT cucked? i get the kernel stuff, but a driveby keylogger?

>> No.64142276

>>64142264
yes, it's that cucked

>> No.64142290

AMD fanboys sure are desperate.

>> No.64142292
File: 24 KB, 112x112, 1513715393407.png [View same] [iqdb] [saucenao] [google] [report]
64142292

I'm also a retard and understand nothing.
So what can I do to be safe? Am I safe? Do I swap out my intel CPU for an AMD?
I use LastPass and lots of cloud programs to store miscellaneous stuff for convenience. You could say my entire life is online somewhere.

Am I fucked? Should I off myself right now?
I just want to play video games.

>> No.64142305

>>64138910
>""""""upgrade""""""
lmao

>> No.64142317

How concerned should I be if I only use my pc for basic internet, videogames and occasional porn

>> No.64142336

>>64142292
Make sure you are running latest security updates no matter the OS you are running.

If you have too old OS for security updates, you need to update or else you will be danger to yourself and others.

>> No.64142344

If this affects basically every Intel CPU made in the last 10 or 15 years and nobody noticed until right now doesn't it mean this could be the cause of basically every malware happening in all that time

>> No.64142350

>>64142317
if your PC is connected to TCP/IP you are vulnerable, this applies to every breach, but this is a very very nasty breach since it is at kernel level.

Enjoy bitcoin mining if you don't get security updates.

Oh and one of the sec-risks also influences phones.

>> No.64142354
File: 515 KB, 551x713, 1484726831236.png [View same] [iqdb] [saucenao] [google] [report]
64142354

>muh Coffee Lake
Enjoyed the wait, Intelfags?

>> No.64142368

>>64142344
>10-15 years.
EVERY INTEL CPU MADE SINCE 1995. and Spectre affects INTEL+AMD+ARM

>> No.64142372

>>64142354
yea

>> No.64142392

>Intel stock only down by 3%
lmao. there is no hope.

>> No.64142402 [DELETED] 
File: 44 KB, 1214x306, 3t.jpg [View same] [iqdb] [saucenao] [google] [report]
64142402

what do

>> No.64142416
File: 46 KB, 714x270, 3r2q3.jpg [View same] [iqdb] [saucenao] [google] [report]
64142416

what do

>> No.64142417

>>64142354
Love playing games at a high frame rate. AMD fanboys will never experience this.

>> No.64142432

>>64142416
>ME issue.
Now now anon, that is a THIRD (second Intel) dangerous vulnerability for Intel CPUs, which is a different thing, but you should totally fucking patch it.

>> No.64142451

>>64142432
0. INTEL ME issue (Intel only)
1. Meltdown (Intel "only")
2. Spectre (intel+amd+arm)

and Shintel stock is only down 3% after this crap lomfao

>> No.64142483

>>64142451
I told you idiots like you don't understand the stock market.

>> No.64142510

>>64142432
Well I went to this page
https://www.intel.com/content/www/us/en/support/articles/000025619/software.html
Then here, since my mobo is MSI
https://www.msi.com/news/detail/tbzkKfKPAi1ALASqaWkS99rxLH-FNw7O9AC8b2jsPHSoz1kSuAag52YLmCGiuuD9LhFJ7_wgczjFmbrnR5UGCA~~
And it would appear whatever fix I'm supposed to get isn't compatible with my low end board

>> No.64142531

>>64142510
You might not have ME in your CPU my dude. Like it's disabled.

>> No.64142574

patch for windows 7 when?

>> No.64142616
File: 19 KB, 296x107, 1111.jpg [View same] [iqdb] [saucenao] [google] [report]
64142616

>>64142531
Yeah looks like I don't have it

>> No.64142653

>>64142616
Not having ME is a fucking good thing. Rejoice, faggot, not all is broken in your life.

>> No.64142655

>>64136232
There must be an nsa bill being pushed through the senate

>> No.64142693

>>64142653
I'm getting mixed messages here, do I or do I not install this ME driver thing

I'm not sure I can even install it, the only thing I find for it in Intel's website says it's for Intel NUC

>> No.64142718

>>64142693
You don't need it. You're getting a false equivalent message from Intel's program, like that Equifax bullshit program that asked to get your shit fixed even when nothing was wrong and you're not on Equifax.

>> No.64142740

>>64142718
Well then I guess I'll just get the newest windows updates and see how this ends

God damn I was happier not knowing about this

>> No.64142772
File: 22 KB, 260x260, 1514015235769.jpg [View same] [iqdb] [saucenao] [google] [report]
64142772

>>64138688
>tfw furiously masturbating to 8008 on my abacus when I shake it too hard and it goes to 7965

>> No.64142776

>>64142740
My dude. There's three things going on if you have Intel CPU. ME has a terrible exploit (what you worried), Kernel has terrible exploit (Spectre & Meltdown). ME is fixed by Intel drivers if you have ME, second one (M&S) will be fixed by OS updates granted you get OS updates.

>> No.64142819
File: 38 KB, 400x232, greysq_lat.gif [View same] [iqdb] [saucenao] [google] [report]
64142819

>>64135683

https://googleprojectzero.blogspot.de/2018/01/reading-privileged-memory-with-side.html?m=1

https://spectreattack.com

https://www.sans.org/webcasts/106815?utm_medium=Social&utm_source=Twitter&utm_content=SPECTREWEBCAST+VMR+&utm_campaign=DFIR+Webcast

>> No.64142828

>>64140542
It affects on AMD 2, bro

>> No.64142834
File: 46 KB, 789x295, 2123123.jpg [View same] [iqdb] [saucenao] [google] [report]
64142834

>>64142776
Actually I just found this

Does this mean I'm safe from the ME issue since my CPU is 4th gen?

>> No.64142848

>>64142834
Well if you don't have ME you really can't be exploited through it can you?

>> No.64142870

>>64142848
Yeah I guess

sorry anon I'm tech retarded

>> No.64142989

>>64140024
Yes, totally made up. Microsoft is desperate trying to push the patch so it's probably nothing serious, right?

>> No.64142992

>>64142138
ok, so what do we call spectre?
I don't actually understand how that one works.

>> No.64143007

>>64140077
>was confirmed by an intel employee
Totally trustful source then.

>> No.64143030

>>64138193
>vendors don't care and nerf everything anyway

Do we have a source on this? Last I heard, the W10 fix only applies to Intel CPUs

>> No.64143046

>>64139059
>mangatraders still exist
That's a lie and you know it. The new MT is completely different and has barely anything on it.

>> No.64143057

>>64143046
It exists
As a giant archive in the torrents that no amerifat can touch because of filesize

>> No.64143088

Everyone's wrong

>> No.64143167

>>64137479
Probably

Reminder that these people are not your allies, thanks Bobama

>> No.64143198

You're safe as long as you don't run avengers2.mp4.exe or visit shady russian porn sites loaded with malicious ads and scripts

>> No.64143276

>>64143198
And sites run by a certain nip that randomly injects steange code into them

>> No.64143279

>>64138097
why am I so aroused when seeing this image?

>> No.64143322

>>64143198
>visit shady russian porn sites loaded with malicious ads and scripts
this chinese board already has shady code appended by hirohito

>> No.64143383

>>64142048
>Buy ryzen you dumb nigger
Cute. Especially when you attempt doing that in a third world country.

>> No.64143450

>>64143322
But a solid defense against that was created in a matter of hours the very day it was discovered

>> No.64143497

>>64139926
intel shills, i so fucking hate you right now, pls kys and gtfo my boards reeeeeeeeeeeeeeeeeeeeeeeee

>> No.64143533

>>64135717
*reply*

>> No.64143534

Where is the patch for windows 8?

>> No.64143565

>>64143497
So are you like okay with AMD shills or?

>> No.64143751

>>64143534
You don't need the patch, pls buy ryzen

>> No.64143765

Its literally fucking nothing, /g/ are just sperging out because they're amd fans

See

>>64143642

>> No.64143842

>>64143534
Maybe Microsoft is thinking it's close enough to regular monthly patch day that they'll just roll out the fix with the monthly security rollup for win 8 and win 7 next week.

>> No.64143890

>>64140077
>the 5% was confirmed by an intel employee
sounds trustworthy

>> No.64143901

i don't understand how this is a problem for clients
JS is still sandboxed inside the browser so worst case scenario it might get a password or two until the sandbox is emptied?

>> No.64143914

>>64142392
GBP WILL NEVER RECOVER

I mean intel

>> No.64143946

>>64141973
too early

>>64142290
your-tears-are-delicious.jpg

>>64142417
you mean console fags?

>>64142828
>It
is os related and patched
nice try

>> No.64143987

>>64143901
Meltdown let you access any memory in system. Sandboxing do nothing against it. It completely bypasses any software defence before OS patch.

>> No.64143996

>>64143901
>>it might get a password or two
>thinking this is remotely acceptable
HAHAHAHAHAHAHAHA

>> No.64144037

>>64143765
>your gaymes are mostly unaffected
>please ignore the absolute clusterfuck this is creating by the need to get an updated kernel running on every Intel based system of the last decade
back to /v/

>> No.64144038

>>64143987
it lets you READ kernel memory, right?
>>64143996
obviously it's not but the chances of encountering JS that knows exactly where to look for the password that you might or might not enter is low isn't it? i guess you could make a JS keylogger that works as long as the script is allowed to run?

just not understanding how this is being made out to be worse for clients than the NSA backdoors leaked awhile ago. obviously on servers this is terrible.

>> No.64144057

>>64143901
When code is run it is passed to the cpu, due to the nature of meltdown cpu is compromised so when the code is run it can instruct cpu to read code anywhere in memory (outside sandbox)

>> No.64144059

>>64135683
Intel is the new AMD now

>> No.64144075

You got CIA niggered and so did the rest of the world for over 20 years

>> No.64144079

>>64144038
>read kernel memory
>you now have root rights and can change it
Sure, not an issue at all

>> No.64144104

>>64144079
so this does allow you to write to kernel memory? i thought it only allowed you to read it...?

>> No.64144113

>>64144038
>it lets you READ kernel memory, right?
It also lets you read memory from other processes, for example programs such as keypass and lastpass.

>obviously it's not but the chances of encountering JS that knows exactly where to look for the password that you might or might not enter is low isn't it?
Many people use keypass/lastpass or some sort of system password manager (for example keychain on macOS). It's pretty trivial to make code that targets these specific systems, and there are plenty of people who use them.

>> No.64144122

>>64144104
If you can read kernel memory you can get root access. After that you can do whatever you want

>> No.64144184

>>64144122
how? everything i'm reading about this says it lets you read kernel memory; not get root access and do whatever the fuck you want with the machine.

>> No.64144197

>>64135717
ipad pro unaffected. What's a computer?

>> No.64144206

>>64144184
Stop replying to him, he's an idiot. See >>64144113 instead

>> No.64144218

>>64144113
>>64144206
so ironically password manager users are more affected by this than retards that use 2-3 passwords everywhere. thanks for clearing that up.

>> No.64144231

Rundown is intel fucked up big time and are trying to take AMD down with them.

>> No.64144254

>>64144218
Well, in this particular case, yeah. Kernel patch fixes that though.

It can also be used to hijack active sessions though, so it's not merely about passwords.

>> No.64144256

>>64144184
Passwords don't work to well if you can just read them. Their position in memory is randomized, not in the pagetable. And that is what meltdown gives you access to.

>> No.64144281

It's a feature it's real mode for modern CPU intel designed it on purpose and AMD stole it. Use only authentic intel inside (TM).

>> No.64144335

>>64144254
regardless, it's not going to let JS get root access, right? so it's bad, but not nearly as bad as EternalBlue or DoublePulsar were.

>> No.64144345

>>64144335
Not with KPTI enabled

>> No.64144359

>>64144254
How could that in theory happen? Wouldn't you first have to visit an untrusted, malicious website and disable your script blocker for JS to be able to execute anything?

>> No.64144516

>>64144359
Its not just JS, it could be any malicious code. But yes, it obviously needs to run to exploit meltdown.

>> No.64144581

>>64140077
>kernel and run as an administrator.
Like the administrator in user list?

>> No.64144638

>>64142416
the 86 is old the 88 is the latest

>> No.64144665

>>64136371
Sure you do.

>> No.64144667

>>64144345
without the patch JS can cryptolock/get ACE outside the browser by using this?

>> No.64144668
File: 60 KB, 693x663, 1502108236479.jpg [View same] [iqdb] [saucenao] [google] [report]
64144668

>>64136131
nice meme source you got here

>> No.64144689
File: 63 KB, 313x230, 1511276272727.png [View same] [iqdb] [saucenao] [google] [report]
64144689

So basically this only matters for data centers. For consumers it hardly changes anything and doesn't make any CPU surpass or fall behind another one.


So why do we care again?

>> No.64144692

>>64142417
Yeah, my Ryzen manages to get only 150fps compared to 155 on the 7700K.
It makes me wake up and cry at night.

>> No.64144725

>>64144667
Not just JS but any code that is executed

>> No.64144744

>>64135851
so spectre is just a minor concern?

>> No.64144746

>>64137683

Chance that windows themselves developed it to kill off windows 7 holdouts?

>> No.64144748

>>64144689
Because this is /g/ and not /v/ and fucking up x86 server infrastructure is a topic of interest here

>> No.64144774

>>64144748
Because your average /g/entooman owns datacenters amirite?

>> No.64144775

>>64144725
so >>64144122 was right and meltdown does let you get root access on the machine?

>> No.64144778

So why, from 1995 until today, this flaw was not used and there hasn't been a massive hacking attack happening all over the world were evil hackers steal all the money and waifus?

>> No.64144787

>>64144744
nigga all of these are a concern if the whole web is having a fiasco about this

>> No.64144812

>>64144774
He at the very least relies on their services and maybe even knows how important they are. If he's one of the 3 people on /g/ with a job he may even have to put in extra hours to get thisbshit patched.

>> No.64144859

>>64144775
If you can find the location of the password in question in the kernel side pagetabe, sure. Which shouldn't be to hard since all software security features to prevent that from happenig are useless.

>> No.64144881

>>64144859
JS can just open up a shell whenever it wants?

>> No.64144884
File: 141 KB, 405x490, 1491972205619.png [View same] [iqdb] [saucenao] [google] [report]
64144884

>>64136371
>autism, the post

>> No.64144902

>>64144881
Nope, but it can use timed cache attacks to fuck you.

>> No.64144931
File: 187 KB, 568x612, 1515005231360.png [View same] [iqdb] [saucenao] [google] [report]
64144931

>>64140077
>5% was confirmed by an intel employee
>will affect everything, including AMD

>> No.64144968

>>64144902
>timed cache attacks
aren't those used to get keys? why would you need to do that if you can just lookup the root password?

>> No.64144983

Before today I wasn't even aware that a fucking CPU chip could have any impact on security at all. Is there anything inside a PC that hackers can't use to fuck your shit up? Is there by any chance a brand of RAM sticks that allows them to remote access your bank account? Or a graphic card that allows them to detonate your PC? It feels like real life is turning into some shitty over the top Hollywood hacker movie.

>> No.64144993

>people still trying to pin it on Intel when it is a concept common to modern processors that gave them such speed-ups we take for granted today
lmao
Put all your money on graphene boyos, it's gonna moon soon. Silicon has been shit on yet again.

>>64144968
That's JS. It'd need to do that initial step to get to the level of finding passwords.
It needs to jump out the browser sandbox first.

>> No.64145011

>>64143765
hey looki. i have a self affirming and validating benchie too.
>>64143417

>> No.64145039

>>64144993
o-ha-yo~
>>64144993

>> No.64145057

>>64144993
>>64145039


>>64144938

>> No.64145096

>>64145057
Fuck are you on about?
I despise Intel.
It still affects everyone, cunt.

>> No.64145104
File: 127 KB, 657x527, apustaja.gif [View same] [iqdb] [saucenao] [google] [report]
64145104

>>64144993
>It needs to jump out the browser sandbox first.
So I guess what I'm not understanding is what the step(s) is/are in between finding the root password and getting outside the browser sandbox to do whatever you want.

Sorry for stupid.

>> No.64145147

>>64145096
>>64144635

>> No.64145158

>>64145104
Use meltdown to get access to the kernel space side of the page table. Find password in page table. Now you're free.

>> No.64145201

>>64145147
So, let me get this straight, what you are saying is AMD processors are inferior because they don't have these massive increases gained by such pipelining?
Gotcha.

>> No.64145216

everything has been said in clear terms all over this board, I'll stop replying and simply start to quote relevant posts all around in the hopes it'll trigger intel shills and quicken their nervous ulcer creation process.

>> No.64145250

>>64145201
oh my a circular reference. nice. and so quick
>>64145057

>> No.64145264

>>64145250
lole stay slow, nerd

>> No.64145292

>>64145201
No. They do speculative execution too. They just give you a page fault if a ring 3 application is trying to stick its nose into the kernel space side of the page table.

>> No.64145322

>>64145292
proofs

>> No.64145341
File: 23 KB, 600x484, hep heller.jpg [View same] [iqdb] [saucenao] [google] [report]
64145341

>>64145158
>Now you're free.
i still don't get it desu
somebody said earlier javascript can't just open up a shell and i don't know enough about it to know how getting the root password allows it break out
>use meltdown to get root password
>???
>now you're free

>> No.64145369

>>64145264
get fucked intel

>>64144862

>calls me a nerd. on /g/
s-should I be be feeling this warm sensation in my chest... i-is it happiness? waaah~ i'm so proud of myself. Thank you for the confidence boost senpai.

>> No.64145419

>>64145369
That's some amazing proof you have there.
I'm awed and amazed at the proofs.

Also why do you keep calling me an Intel shill?
I'm laughing at how much shit they are getting because they are a scummy as fuck company.

>> No.64145474

>>64136544
There is exactly no indication of this. To exploit meltdown, you have to be able to issue loads and stores to specific addresses, and JavaScript can't do that.

>> No.64145522

>>64145322
Literally in their statement. Besides tjay without prefetching and speculative execution performance would drop by at least an order of magnitude.

>> No.64145531

>>64145419
oh, I recongnize this one.
you're nvidia.
those that post speccy with "your own" radeon 290x to bitch about the inferior drivers. I love these guises the most.

you people on a joint task force with intel this week?

>> No.64145548

>>64145341
It can. Every code can. With the root password you're in

>> No.64145570

>>64145531
I don't have a graphics card. (integrated)
Where's that proof tho?

>> No.64145572

>>64145474
How did they use JS for their proof of concept in the first whitepaper on this then?

>> No.64145766

>>64141630
>Facebook filename
Kill yourself, zuckercuck.

>> No.64145939

>>64145570
i figured out why you're here.
you must be tired.

>>64127406

>> No.64145955

>>64139450
THe issue is baked into the silicon

>> No.64145961

>>64145939
So where is your proof you kept going on about?
I showed you mines.
Now show me yours ;)
Oh wait, you have none.

>> No.64146000

>>64145961
https://en.wikipedia.org/wiki/Tautology_(logic)

>> No.64146022

>>64146000
Those are nice trips, but that isn't proof.

>> No.64146166

SHOULD I INSTALL WIN7 FIX OR NOT?

>> No.64146209
File: 52 KB, 365x444, 2df32df900.jpg [View same] [iqdb] [saucenao] [google] [report]
64146209

>>64141149

+1 this - someone ansr pls

>> No.64146253

>>64141212

you moron ... win 7 is still getting support for 2 years meaning if there was a fix, w7 would get it too

>> No.64146270
File: 1.50 MB, 300x154, make it stick.gif [View same] [iqdb] [saucenao] [google] [report]
64146270

>>64146022
keep on trying, ganbatte! faito!

>> No.64146303

>>64146270
I'm not trying anything.
I am waiting for you to post your supposed proof of AMD immunity to Spectre.
You haven't.

>> No.64146323
File: 65 KB, 726x781, holy_sheeeez.png [View same] [iqdb] [saucenao] [google] [report]
64146323

>>64146022
>>64145961
>>64145570

you got curious though, proof of what you on about? linus' post? well, he did btfo with that and it was awesome.
here, have another sip of that.

>> No.64146386

>>64146323
That is not proof.
That is just Linus being an ass and pointing it how awful Intel handled the news. (and rightfully so!)
Also, that says ARM, not AMD.
Are you dyslexic as well as dumb?

>> No.64146699
File: 212 KB, 793x307, 1515020469795.png [View same] [iqdb] [saucenao] [google] [report]
64146699

>>64146303
you're indeed relentless

>>64145952
>>64128422
>>64143154
>>64145555
>>64144635
>>64145001

https://www.reddit.com/r/Amd/comments/7nzts4/linux_accepts_excluding_amd_from_pti_if_amd_is_so/

https://www.techpowerup.com/240250/dear-intel-if-a-glaring-exploit-affects-intel-cpus-and-not-amd-its-a-flaw

https://www.techpowerup.com/240255/amd-updates-on-amd-processor-security-status

https://www.amd.com/en/corporate/speculative-execution

https://techreport.com/news/33026/researchers-reveal-meltdown-and-spectre-cpu-exploits

https://www.pcper.com/news/Processors/Meltdown-and-Spectre-Security-Vulnerability-Impacts-Intel-most-AMD-Arm-well

what part of the "near zero risk" you don't get?

>> No.64146790

this one has a better technical analysis
https://www.reddit.com/r/Amd/comments/7o2i91/technical_analysis_of_spectre_meltdown/

>> No.64146869
File: 188 KB, 552x530, b46fa6ee3f.png [View same] [iqdb] [saucenao] [google] [report]
64146869

http://www.theregister.co.uk/2018/01/04/intel_meltdown_spectre_bugs_the_registers_annotations/

>> No.64146899

>>64146699
Thank you, that's all I fucking wanted man.
I actually want to read this. I ain't no shill.

lmao Intel is hyper-fucked.

>> No.64146961
File: 412 KB, 600x764, chuuni_lewd.png [View same] [iqdb] [saucenao] [google] [report]
64146961

>>64146869
brutal

>> No.64147030
File: 47 KB, 1024x1024, truth matrix.png [View same] [iqdb] [saucenao] [google] [report]
64147030

>> No.64147036

>>64145572
I sure haven't seen any whitepaper that hasn't used C code.

>> No.64147056

>>64147030
we should just stop using CPUs entirely

>> No.64147166

>use qx9660 for years
>people laugh at me for using old architecture
Who's laughing now?

>>
Name (leave empty)
Comment (leave empty)
Name
E-mail
Subject
Comment
Password [?]Password used for file deletion.
Captcha
Action