[ 3 / biz / cgl / ck / diy / fa / g / ic / jp / lit / sci / tg / vr / vt ] [ index / top / reports / report a bug ] [ 4plebs / archived.moe / rbt ]

Due to resource constraints, /g/ and /tg/ will no longer be archived or available. Other archivers continue to archive these boards.Become a Patron!

/g/ - Technology

View post   

[ Toggle deleted replies ]
File: 267 KB, 1176x1128, good_luck_recovering.png [View same] [iqdb] [saucenao] [google] [report]
64144134 No.64144134 [Reply] [Original] [archived.moe] [rbt]

Just making this thread to remind you that I warned you that it's impossible to prove a negative, and now that it's been shown that AMD is actually affected by Spectre as well as Intel, I've been proven right and you have egg on face.

Next time, before you start spouting bullshit, make sure you've brushed up on your logic. Truth rules are valid everywhere, and it's a definite rule of logic that negatives absolutely cannot ever be proven. The More You Know.


>> No.64144165
File: 29 KB, 455x376, nfrre34.jpg [View same] [iqdb] [saucenao] [google] [report]


>> No.64144173

AMD isn't affected by Meltdown in its current form, so you know, there's that.

I still need to read the whitepaper on Spectre though, so nothing to add to that.

>> No.64144174

This is pathetic.

>> No.64144175

AMD is not affected by the problem that needs to be remedied with a patch that can in some cases significantly reduce performance.
That patch is what started this whole shitstorm. That is the problem we are talking about.

Go shitpost somewhere else intlel brainlet.

>> No.64144195

>using wikipedia as a source
>not using the citations listed on wikipedia as a source
I take it you haven't finished highschool yet.

>> No.64144212

Just like how pajeets write their thesis papers.

>> No.64144220

*pulls out Ethernet plug*

Oh look you are powerless again

Fuck off you stupid ghost

>> No.64144235

AMD affected by Spectre only on GNU/Linux not default kernel settings. On intel PTI patch only fix Meltdown, to fix Spectre youll need to buy AMD CPU, there is no other fix. So its good time to buy ryzen while the price is low if you dont want to regret later.

>> No.64144245

He say while he damage controls

>> No.64144247

>In particular, we have verified Spectre on Intel, AMD, and ARM processors.
That's what it says on the citation. I take it you haven't finished middle school yet.

>> No.64144269

You are spreading misinfo in a pathetic attempt to satisfy your employer.

>> No.64144273
File: 18 KB, 636x466, 1514423918237.jpg [View same] [iqdb] [saucenao] [google] [report]

Almost every system is affected by Spectre: Desktops, Laptops, Cloud Servers, as well as Smartphones. More specifically, all modern processors capable of keeping many instructions in flight are potentially vulnerable. In particular, we have verified Spectre on Intel, AMD, and ARM processors.

>> No.64144286

>but teacher, the citation that Wikipedia lists has the correct information
0/10 see me after class

>> No.64144326

Yes, and AMD is only affected with a non-default kernel setting and IT WAS ALREADY PATCHED.

I got a update literally hours ago from SuSe

>> No.64144330

Fake news spreading in sake to save intel. Yes, AMD affected, but not on Windows and even not on default linux.

>> No.64144338


>> No.64144381

>AMD is not affected by the problem
So far.

That is, until they find another way to exploit them.

That's what you guys are missing. Just because we haven't found a way yet, doesn't mean there isn't one.

>> No.64144400

From what I gathered the test was done on FX and AMD Pro (APU, not sure what architecture),

I'm curios if anybody tested it on Ryzen.

>> No.64144407

There is no such thing as 100% secure networkable hardware, we can only squash bugs as they come out.

>> No.64144408

So far Intel isn't affected by an additional exploit that will require a patch that unconditionally reduces the performance of all workloads by 50%.
Just because we haven't found a way yet, doesn't mean there isn't one.

>> No.64144482

AMD shills literally having to make stuff up at this point.

>> No.64144505
File: 580 KB, 1852x1166, 1515049340135.png [View same] [iqdb] [saucenao] [google] [report]

He responded in kind you demented favela monkey, enjoy your 300%

>> No.64144528

The bounds checking bypass via invalid cache read works on Ryzen.

PoC: https://pastebin.com/Txidik7V

>> No.64144530

>T-there might be exploits for and out there!

There is almost certainly loads of vurns for every cpu and operating system that are yet not affected. Intel has a confirmed massive hole and the patch affects performance negatively. Stop trying to damage control.

>> No.64144534
File: 154 KB, 650x558, UMA.png [View same] [iqdb] [saucenao] [google] [report]


>> No.64144580

I hope umadeliciaposting never dies.

>> No.64144614
File: 68 KB, 500x500, 1498791841461.png [View same] [iqdb] [saucenao] [google] [report]

I wonder who was behind that one

>> No.64144629

as long as /g/ is infested with intel favela niggers that refuses to fuck off and breed like rats, it never will.

>> No.64144635

Actual facts:

The problem comes in three flavors, V1, V2, V3. V2 is the scary one, V1 is far less serious and V3 is basically a non-issue.

Intel processors are, with default settings, vulnerable to all three but each one can be fixed with a combination of microcode updates and OS patches. It is the OS patch that fixes V2 which is expected to cause some performance loss.

AMD, ARM, VIA etc processors are by default not vulnerable to any of the three attacks but can be made vulnerable to V1 and V3 quite easily with a simple toggle.They are not vulnerable to V2 because it requires specific architecture to work which these chips do not utilise. This is still a problem but means that these CPUs do not need the OS patch which is expected to reduce performance, they need only the V1 and V3 fixes.

tl;dr, AMD cpus CAN be harmed by this they aren't completely immune but the risk is far lesser and the implications are less for performance.
Will you all just grow the fuck up and actually pay attention instead of shilling for your respective fucking processor companies?

>Sent from my Phenom II X6 1055t

>> No.64144711

>Phenom II X6 my brother!

>> No.64144742

H-have we started the fire?

>> No.64144745

V3 AKA Meltdown AKA "Rogue Data Cache Load" is the scary performance heavy one

Also, didnt windows roll out the performance hit patch to everyone regardless of their cpu? if so AMD might get hit as colateral

>> No.64144760

Microsoft pushed the patch but it's not enabled(only on WinServer by default IIRC) you need to go into regedit to update it.

>> No.64144761
File: 41 KB, 1033x679, muh_nig.jpg [View same] [iqdb] [saucenao] [google] [report]


>> No.64144792

I apologise if I got V2 and V3 mixed up, I am suffering from quite an awful flu bug at the moment.

>> No.64144796

oh, good to know.

Although the process to turn it on makes it sound like they are more worried about average user not knowing shit happened than they security.

Though I guess this is more on microsoft than intel

>> No.64144798
File: 234 KB, 882x758, 1490730560540.png [View same] [iqdb] [saucenao] [google] [report]


>> No.64144823
File: 3 KB, 278x181, REEEE.jpg [View same] [iqdb] [saucenao] [google] [report]

> Incredible risky bug/exploit is found
> Mircosoft: "Better fix this fast!"
> NSA: "Wait a second! Leave it open for the private customers."


>> No.64144830

sounds like microsoft is avoiding liability from performance drop on update

>> No.64144896
File: 65 KB, 679x711, 1515046956968.jpg [View same] [iqdb] [saucenao] [google] [report]

>> No.64144907
File: 58 KB, 645x773, 1415448167396.png [View same] [iqdb] [saucenao] [google] [report]

now i truly believe there are literal intel shills here
you literally cant be buttmad about AMD not affected by this exploit

>> No.64144969


>> No.64145017

um no sweety

>> No.64145019

how to turn on

I want to run benchmarks and see if anything is affected

>> No.64145020

>doesn't mean there isn't one.
Occam's razor, burden of proof, Russel's teapot. Take your pick at how you want your argument to be shown irrelevant, Intel shill.

>> No.64145045

Be honest thou, you where freaking out at first. Infact that's what this op feels like, a freak out in desperation

>> No.64145061
File: 228 KB, 718x1113, knowledge_by_nayzak-d53bwwe.jpg [View same] [iqdb] [saucenao] [google] [report]

AMD said that Meltdown doesn't affect them, not Spectre.

>> No.64145115

It's enabled by default on consumer machines.

>> No.64145117

why, just why, don't even need to elaborate, anon already said it better

>> No.64145121

What is your point? Something tells me you didn't read your own link.

>> No.64145123

This "bug" is too much spoken about. It is not really serious, and it affects every ARM and AMD CPU on the world too but everyone focuses on Intel because it is the best and the most used CPU. While others claim they are not affected when they are, Intel is open and acknowledges the problem and will provide a fix as soon as possible. The fix will not slow Intel processors down, it only happens in specific exact lab conditions and workloads. Intel is always there for us and offers the best computing experience. I, one for sure will still keep buying Intel instead of cheap chinese clones like AMD.

>> No.64145145

so do I need to enable it in 2016 LTSB win 10?

>> No.64145169
File: 944 KB, 1228x1502, 1497021648674.png [View same] [iqdb] [saucenao] [google] [report]

Just like intel, except AMD is not ass raped by meltdown.

>> No.64145193

Let me get this straight. I have a FX-8350. This CPU is not affected by meltdown, so the Windows patch is irrelevant and would hinder performance irrelevantly. The patch is on by default for all consumer (non-server) machines, regardless of CPU. Am I suffering a performance hit right now then? What about Linux, does it differentiate between CPUs when applying the patch?

>> No.64145202

>best and most used CPU
we're focused on intel because they're vulnerable to spectre AND meltdown, an absolute shitshow of an exploit
it's like AMD and the ARMboys have egg on their faces and intel has a mixture of egg and shit. all eyes are on intel because of the shit, since everyone else is also covered in egg.

>> No.64145214

all I know is ctrl+alt+del is taking a lot longer to open know

>> No.64145245

This is untrue. AMD is vulnerable, and on top of this AMD is a inferior cheap product trying to mimic the premium Intel experience. Intel will always be the best choice for the optimal premium computing experience.

>> No.64145269

>Spectre 1
>AMD, only linux with non-default kernel setting

what are the settings?

>> No.64145295

Apparently running this PowerShell script will tell you what's up

Problem is, every time I run it it just pops up a "which app would you like to use" window and no matter what app I select it just keeps happening


>> No.64145297



>> No.64145301

Linux checks which CPU you are using and only applies it to Intel.
I don't know about Windows. You can check if it's enabled by running
Install-Module SpeculationControl

in powershell running as administrator.
I tested the registry keys and they disable the patch on non-server version as well.

>> No.64145317

>AMD is vulnerable
To Spectre, which is very hard to exploit and fixable with no performance hit.
Meanwhile Intel's fix reduces performance by 30%.

>AMD is a inferior cheap product trying to mimic the premium Intel experience
Yet apparently it's safer.

>> No.64145333

it fx pro cpu and apu, zen is fine

>> No.64145345

Meant to reply to >>64145193

>> No.64145348

Deplorable trolling attempt, not even 1/10.

>> No.64145353

>AMD said
Hmmm... really makes you think!

>> No.64145355

you can if you have extreme buyer's remorse. so bad that it's literally stockholm's syndrome.

>> No.64145358

>What about Linux
In the patch code there is literally if(INTEL_CPU) { //cpu is vulnerable; apply patch } code

>> No.64145359

The post you quoted is a shill post by AMD employee. The news and all topics are a massive campaign from AMD, this is a desperate try to stain Intels name, as AMD knows their inferior products are not able to match the premium Intel products. AMD is affected with many security problems while Intel rarely has issues and fixes them quick if any come up and Intel is military grade secure.

>> No.64145370

Than you!

Does this flag really exist?

>> No.64145373

you're wrong
the patch is
if CPU is x86 and CPU isn't AMD apply patch

>> No.64145382

Linus and microsoft say amd zen is fine, what now shill

>> No.64145388



>> No.64145396

It's actually the opposite. The code says if x86 vendor not AMD apply patch

>> No.64145402

>Intel creates the biggest CPU bug in decades, forces the entire world to update their OS
>somehow this is AMD's fault

>> No.64145403

Report back if it's enabled by default on AMD on Windows. I'd like to know.

>Does this flag really exist?

>> No.64145408

Are you aware why Apple MacBooks use only Intel processors? It is because they are premium computers, so a premium processor is required to get the premium experience. This is why there is no AMD equipped Macs, because they would have too much security issues and can't match Apple's high standards of quality

>> No.64145409

Look at the Intel shills trying to shift the attention

>> No.64145417

https://lkml.org/lkml/2017/12/27/2 you are right, my bad

>> No.64145435

90% it's sarcams, but burgers don't fare with sarcams so i'll play it safe and drag your name down with me, lumping it all together in a single undistinguishable goalshifting package


>> No.64145444

Will do.

>> No.64145451


>> No.64145458

Can someone tl;dr me what the fuck is going on and if i own ryzen should i download some patch or not?

>> No.64145481

AMD has many serious security problems, while Intel has near zero serious security issues, and the performance issue happens only in specific lab conditions and loads. Please do not spread misinformation, Intel is military grade secure and approved by US Government while AMD is not able to pass these high security requirements.

>> No.64145497

If my pc's security is vulnerable to javascript
With ublock origin blocking most stuff, am I safe?

>> No.64145512


>> No.64145541

Is this the new "Is Your Son a Computer Hacker?"

>> No.64145542


>> No.64145555

Alright I installed the script and ran it, here is the output:
PS C:\WINDOWS\system32> Get-SpeculationControlSettings
Speculation control settings for CVE-2017-5715 [branch target injection]

Hardware support for branch target injection mitigation is present: False
Windows OS support for branch target injection mitigation is present: True
Windows OS support for branch target injection mitigation is enabled: False
Windows OS support for branch target injection mitigation is disabled by system policy: False
Windows OS support for branch target injection mitigation is disabled by absence of hardware support: True

Speculation control settings for CVE-2017-5754 [rogue data cache load]

Hardware requires kernel VA shadowing: False

BTIHardwarePresent : False
BTIWindowsSupportPresent : True
BTIWindowsSupportEnabled : False
BTIDisabledBySystemPolicy : False
BTIDisabledByNoHardwareSupport : True
KVAShadowRequired : False
KVAShadowWindowsSupportPresent : True
KVAShadowWindowsSupportEnabled : False
KVAShadowPcidEnabled : False

Can someone make sense of this? Remember this is for an AMD CPU (FX-8350).

>> No.64145564

In theory yes but every program you interact with can make use of the same bugs or could be leveraged to make use of the bugs so there's no perfect solution on an application level. On the OS level there's a half-solution in making everything work less efficiently

>> No.64145569 [DELETED] 

Reminder that the only AMD chips tested thus far have been the FX-8320 and the A8-9600. There is no confirmation or denial yet about whether Ryzen is or is not affected. It could be.

>> No.64145578

>while Intel has near zero serious security issues
Then why did the entire world just had to update their OS?

>> No.64145591

Reminder that the only AMD chips tested thus far have been the FX-8320 and the A8-9600. There is no confirmation or denial yet about whether Ryzen is or is not affected. It could be.

>> No.64145592

Also it's impossible for you to know what javascript is safe to unblock so unless you're committed to never running javascript again it's not a good solution.

>> No.64145607

>buying Intel Thermal Meltdown™ CPU

>> No.64145608

So basically the entirety of Modern CPU Architecture is fucked and at the mercy of hackers, yes?

>> No.64145625

Intel sells broken U series processors for manufacturers to sell in South América. Two different notebooks, two different price range (300 and 1000 dollars), both with Intel cpus had the same problem at 3 months of use, 16bit like color and white/gray banding on gradients, happens on the integrated LCD panel and on both vga and hdmi output. Intel is as shady as every other company.

>> No.64145635

This is an unfortunate issue for Intel, but the fix has been released by many major operating system providers. Intel fixed the issue quickly before any real damage happened, while AMD does not fix their processors any time soon despite having hundreds of confirmed serious security problems. I for sure will choose Intel on my next computer because Intel cares about it's customers unlike AMD

>> No.64145637
File: 318 KB, 882x758, 1490730560541.jpg [View same] [iqdb] [saucenao] [google] [report]


>> No.64145663

>Hardware requires kernel VA shadowing: False
It's disabled.

The first part is related to spectre. I don't know enough about how mitigations for that are supposed to work.

>> No.64145666

Zen was tested, just not by Google.
Read the papers on https://meltdownattack.com/

>> No.64145711

>Q: Am I affected by the bug?
>A: Most certainly, yes.
There you go, Satan.

>> No.64145723

>despite having hundreds of confirmed serious security problems.

>I for sure will choose Intel on my next computer because Intel cares about it's customers unlike AMD
And I will for sure choose AMD because it never had a bug even close to the same order of magnitude as this one.

Why are you shilling for them, man? You know their stock is plummeting, they're going to lay off lots of people and I can assure you Ranjeet the internet marketeer is going before Bob the semiconductor engineer.

>> No.64145749
File: 551 KB, 232x500, 1503202958027.gif [View same] [iqdb] [saucenao] [google] [report]

you post has served me well, thank you sir.

>> No.64145750

Don't reply to bait.

>> No.64145757

the intel bug is meltdown not spectre

>> No.64145774

Lol no, even jewtel test it for them, just imagine how happy their pr if zen is affected

>> No.64145789

please do not draw this ugly slut on top of my wife

>> No.64145797

You can lookup the problems by yourself, while I cannot under my terms tell them directly I can say AMD has over 300 confirmed security problems. I would personally feel very unsafe buying AMD while Intel is military grade secure and offers the best experience. This issue is only a anti-Intel campaign by AMD employees

>> No.64145842

>You can lookup the problems by yourself
Not my job to provide proof for your lies, Rajesh.

>> No.64145844
File: 205 KB, 1920x1080, Shouwa_Genroku_Rakugo_Shinjuu_Sukeroku_Futatabihen_-_10v2.jpg [View same] [iqdb] [saucenao] [google] [report]

dontcha mean slug?
have a better waifu, you deserved it.
she's a mouthful though.

>> No.64145877



>> No.64145900

Many sorrys but I guarantee this is not lies but truth and facts. I am just a regular customer and I am a happy customer of Intel as they offer the best products and care about users

>> No.64145952
File: 146 KB, 460x432, raycisscpus.png [View same] [iqdb] [saucenao] [google] [report]

from what ive read
STFU you stupid intel misinformation shill
theres 3 different versions of spectre
1 is like a hack, that can be software patched out and doesnt affect performance. amd is affected by that
2 and 3 are big flaws in the processor, READ FLAWS backdoors fucckups and intel is affected by that
not a hack that someone came up with because some security thing is not patched or someone left a hole yet, you faggot

from what ive read

>> No.64145982

He literally copied and pasted the text from meltdownattack.com, you desperate AMD shill.

>> No.64146004
File: 125 KB, 960x878, 1494523232402.jpg [View same] [iqdb] [saucenao] [google] [report]


>> No.64146013


>> No.64146038

Spectre, from what I can gather, is an inherent flaw in the x86 architecture itself. And there is no software fix for it. Still doesn't change the fact that Jewtel designed their chips in an inherently unsafe way to boost benchmarks.

>> No.64146062

It's a flaw of anything using branch prediction.
Fortunately, the attack vectors for Spectre are easily mitigatable.

>> No.64146142

I hope this whole thing makes Intel CPUs fall in price.
I need to upgrade my 3570k.

>> No.64146148

OK. I'm not a kernel developer or cpu engineer so a lot of the details are above my full understanding. But it appears as if FUCKWIT (I prefer the original name to MELTDOWN) is most definitely an Intel exclusive issue that should have been caught by any competent engineer.

>> No.64146180

>AMD doesn't suffer from problem A
>(news is about AMD suffering from problem B which is completely unrelated to problem A

damage control is a real thing

>> No.64146181
File: 153 KB, 460x432, retarded_nigger_computer.png [View same] [iqdb] [saucenao] [google] [report]


>> No.64146273

ebpf should be enabled. It's actually the reason proof of concept was only made for linux - it's the only kernel with ebpf out there.

>> No.64146381

Kill yourself pathetic shill.

>> No.64146383

FUCKWIT is the name for the Linux patch (now named KPTI), not the vulnerability.

>> No.64146660

This. To deny Intel's superiority is to deny reality. The United States Navy seals, the most elite military force in the world, uses only Intel. That much is enough for me.

>> No.64146741
File: 34 KB, 533x544, Capture1.png [View same] [iqdb] [saucenao] [google] [report]

ehhh, how do I interpret this shit? This is on an old as fuck Nehalem i5 cpu and this is after I added those registry keys from the article. Do I need to do anything to enable mitigations, or is my hardware too old?

>> No.64146785

It's alreany enabled. KVA Shadowing ~== KPTI.

>> No.64146793

Meltdown mitigation is enabled (it should be without you adding any registry keys) but because you are using a pre-haswell cpu (no pcid optimisation) the performance impact is going to be roughly twice as bad.

>> No.64146814
File: 80 KB, 1210x582, file.png [View same] [iqdb] [saucenao] [google] [report]

>> No.64146818

>you need to go to reddit to update it

>> No.64146848

Remember those weird adresses popping up on 4chan a few weeks ago? Hm, what a weird coincidence...

>> No.64146912

>the absolute state of /g/

>> No.64146973

alright thanks
>the performance impact is going to be roughly twice as bad.
that's great haha

>> No.64147001

so this is what you do with your life?
you poor poor soul

>> No.64147045

(you)'re getting there

>> No.64147121
File: 2.91 MB, 309x313, alex_jones_lol.gif [View same] [iqdb] [saucenao] [google] [report]

Please, stop this. I am using Intel in my build, but i can admit that Intel fucked up. Switching to Ryzen in my next build i think.

>> No.64147184
File: 58 KB, 700x700, 1514990703031.jpg [View same] [iqdb] [saucenao] [google] [report]


>> No.64147406
File: 105 KB, 740x651, 1502856336216.jpg [View same] [iqdb] [saucenao] [google] [report]

Is it every chip? I have a 2500k. Cant find a list anywhere.

>> No.64147454

See >>64145711

EVERYBODY who has a computer is affected.

>> No.64147485

holy fuck i'm crying of laughter

>> No.64147506

>Switching to Ryzen in my next build
enjoy the headache

>> No.64147524

Wow, how do you know I have migraines?

>> No.64147532

they also use redhat which their bosses: the us government fun development of and years back they had vulnerabilities built in

>> No.64147561

I trust Intel, just like most governments and important comporations around the world. Intel microprocesssors are the most secure, and I enjoy superior performance thanks to decades of expertise and optimizations other organizations can't match.

>> No.64147590

Every single CPU except for theoretical shit like Mill CPU, and very basic embedded CPUs are vuln to Spectre.

Basically Spectre exploits the highly complex branch prediction that has been in CPUs since early 2000s, so the only way to stop it is to patch with a pile of hacks that slow the fuck down every single software ever made since 1990s as we can no longer do things like exploit caches. The fix for Spectre, is a decade of a new research into branch prediction which is hilarious, essentially we're all totally fucked and thrown right back to 1998.

>> No.64147618

I'm still a little lost, so does this spectre meltdown thing only effect x86 cpus?

>> No.64147631

What does branch prediction have to do with caches?

>> No.64147636

No, it affects every CPU.

>> No.64147676

in order processors aren't affected - the original atom, arm cortex a53 (raspberry pi etc)

>> No.64147679

Let's get the facts straight.
AMD and ARM are only affected by variant 1 of Spectre which is easily patchable without performance degradation, variant 2 of Spectre hasn't been demonstrated to work on either AMD or ARM.(Note: the variant 1 exploit was successfully executed on the AMD bulldozer and excavator architecture and ARMs Cortex A57 from a Nexus 5, outdated architectures from both companies).
Variant 3 is Meltdown, Intel is the only affected by this exploit and the patch will cause performance degradation.
Intel is the only affected by all 3 variants (Spectre variants 1 and 2, Meltdown variant 3).

>> No.64147684

Spectre and meltdown are two different vulnerabilities.
Meltdown is the super-nasty you're completely fucked one, while spectre is merely bad.
Meltdown is the intel specific one, while spectre affects everything, AMD, ARM, VIA, anything with branch prediction. But it's patchable without a performance hit.

>> No.64147720

1080t here, 5 years running most likely wont upgrade for another 3

>> No.64147721

Spectre affects every CPU except for the most basic embedded one's, so ARM/AMD/Intel/RISC-V/Solaris ect basically every CPU that does branch prediction, which is all of them since the 1970s with exception as noted, to basic embedded CPUs kicking around, some Chineez Citrix CPUs, very, very old Intel Atom CPUs (pre 2003 or something), and that's it.

Meltdown is different and primarily affects Intel, but it doesn't matter we're all pretty much fucked, and we now live in a world where cache friendly code can no longer exist, this means 1998 speed in running programs until they fix their architecture, which could take 3 to 10 years.

What will takeoff is whole optimizing compilers like Mlton w/functional parallel algorithms, GPUs, and Mill CPU which is still in the drawing board stage https://millcomputing.com/

>> No.64147797

Everything, read the Spectre paper.
You write cache friendly code in the past in order to prevent branch prediction misses, this is called principal of locality in CS.

But today, you can now write cache unfriendly code, meaning you are purposely causing a miss in order to load your gadgets into execution so you can hack the planet aka: Spectre.

All the mitigations the OSs are doing are ugly hacks that now make a lot of the principle of locality impossible to write, to protect against branch misprediction hacks.

We're so fucked that theoretically if you run a browser with javascript enabled, somebody using this attack via the Google PoC javascript exploit can grab your encryption keys out of ram remotely.

>> No.64147803

I would say Meltdown is an emergency and very bad for Intel, but long term Spectre is worse.

Spectre is not a single concrete vulnerability: it's more like a new class of attacks against CPU hardware which was not known in the time when those CPUs were designed.

>> No.64147807

Thx /g/ents, this shit sounds nasty, never again will I buy 1000 euro gaming laptop

>> No.64147820

>your encryption keys out of ram remotely.
Only if they're stored in user space. Which encryption keys aren't.
Browser-managed passwords are though.

>> No.64147844

It's just had the misfortune of coming out and having to be compared with meltdown.
I'm sure someone more creative is going to chain spectre with something to make it devastating.

>> No.64147864
File: 136 KB, 682x787, 1515002395255.jpg [View same] [iqdb] [saucenao] [google] [report]


>> No.64147869
File: 183 KB, 436x328, kinomonk.png [View same] [iqdb] [saucenao] [google] [report]

Is installing TempleOS the only solution?

>> No.64147878

Is specter the 0 day that intel had in their pocket in case they fucked up so they could fuck AMD just in case?

>> No.64147886

Spectre affect kernel memory, this is why it's a big deal, not just user memory.

>> No.64147906

i dont believe in such coincidences

>> No.64147920

Intel since '93: Spectre 1 and 2 and Meltdown

>> No.64147933

with templeos you will have the security of god. the devilworshipping nsa can't break that no matter how many backdoors they install

>> No.64147939

You're right. they're the same class of attack, hence why they're together. Meltdown is a specific case that's extremely bad for intel, and spectre is the more general case.

>> No.64147945

I can't run this fucking stupidity, it just opens a "How do you want to open this file" window.

>> No.64147986

Anybody who bought an Intel since early 2000s is now vuln to Meltdown, and the patch makes it slow as fuck.

AMD pretty much won the CPU wars though only if they abandon Von Neumann architecture and don't celebrate too hard as they are still vuln to Spectre.

>> No.64148064

>since early 2000s
More like since 1995. Vulnerable Intel CPUs are Pentium Pro and everything that came afterwards.

>> No.64148164
File: 69 KB, 1645x654, (((kiketel))).png [View same] [iqdb] [saucenao] [google] [report]


Fucking hell, take a look at Kiketel's damage control in their security advisory:


Literally conflating the more academically intricate chad Spectre attack with the virgin scriptkiddie Meltdown, screeching "b-but AMD & ARM too, baka~" and refusing to admit the severity of a vulnerability IN THEIR OWN FUCKING TECHNOLOGY to their paying customers.

Oh and of course their CEO literally committed security fraud by using the insider information granted to him in June to make bank on all of his non-mandatory stocks before all this info was published.


Never buying anything from these pieces of shit again.

>> No.64148200
File: 1.13 MB, 940x672, (((intel))).png [View same] [iqdb] [saucenao] [google] [report]


>> No.64148243
File: 46 KB, 396x119, hetrustedajew.png [View same] [iqdb] [saucenao] [google] [report]


Name (leave empty)
Comment (leave empty)
Password [?]Password used for file deletion.