Jonkman Microblog
  • Login
Show Navigation

  • Public

    • Public
    • Network
    • Groups
    • Popular
    • People

Notices tagged with spectre

  1. Dr. Roy Schestowitz (罗伊) (schestowitz@pleroma.site)'s status on Friday, 18-Oct-2019 11:51:15 EDT Dr. Roy Schestowitz (罗伊) Dr. Roy Schestowitz (罗伊)
    • Dr. Roy Schestowitz (罗伊)
    The #Spectre Mitigation Impact For Intel Ice Lake With Core i7-1065G7 http://www.tuxmachines.org/node/129454 #security
    In conversation Friday, 18-Oct-2019 11:51:15 EDT from pleroma.site permalink
  2. clacke: inhibited exhausted pixie dream boy 🇸🇪🇭🇰💙💛 (clacke@libranet.de)'s status on Saturday, 16-Mar-2019 00:48:16 EDT clacke: inhibited exhausted pixie dream boy 🇸🇪🇭🇰💙💛 clacke: inhibited exhausted pixie dream boy 🇸🇪🇭🇰💙💛
    mastodon.xyz/@claudiom/1016990…


    ♲ @claudiom@mastodon.xyz: So you thought that your shiny new #Intel #CPU was secure now that it's hardware-mitigated for #Spectre and #Meltdown?

    Let me "spoil" that for you....

    So far, AMD and ARM look unaffected.

    #spoiler #security #vulnerability

    www.zdnet.com/article/all-inte…

    In conversation Saturday, 16-Mar-2019 00:48:16 EDT from libranet.de permalink
  3. lnxw48a1 (lnxw48a1@nu.federati.net)'s status on Saturday, 23-Feb-2019 16:37:47 EST lnxw48a1 lnxw48a1
    https://nu.federati.net/url/207597 #Spectre related attacks to continue despite software fixes.
    .
    Seen via Matrix
    In conversation Saturday, 23-Feb-2019 16:37:47 EST from nu.federati.net permalink

    Attachments

    1. Google: Software is never going to be able to fix Spectre-type bugs
      from Ars Technica
      Researchers also devise a Spectre-like attack with no known mitigation.
  4. Hex (hexmasteen@chaos.social)'s status on Tuesday, 11-Dec-2018 06:30:56 EST Hex Hex

    Find out how vulnerable your GNU/Linux system is to those fancy modern CPU bugs: /sys/devices/system/cpu/vulnerabilities/ #spectre #meltdown #l1tf

    In conversation Tuesday, 11-Dec-2018 06:30:56 EST from chaos.social permalink
  5. Karl Voit ✅ (publicvoit@mastodon.social)'s status on Wednesday, 14-Nov-2018 01:29:56 EST Karl Voit ✅ Karl Voit ✅

    RT @lavados@twitter.com: We systematically analyzed #Meltdown, #Spectre and #Foreshadow and came across interesting new transient execution attacks: https://arxiv.org/abs/1811.05441
    Great collaboration with @cc0x1f@twitter.com @jovanbulck@twitter.com @misc0110@twitter.com @mlqxyz@twitter.com @dimonoid@twitter.com, Frank Piessens :)

    In conversation Wednesday, 14-Nov-2018 01:29:56 EST from mastodon.social permalink
  6. Atari-Frosch (atarifrosch@social.stopwatchingus-heidelberg.de)'s status on Thursday, 23-Aug-2018 08:20:19 EDT Atari-Frosch Atari-Frosch
    23.08.2018 Golem: Side-Channel-Angriffe: Intel untersagt Benchmarks und härtet nächste Generation – https://www.golem.de/news/side-channel-angriffe-intel-untersagt-benchmarks-und-haertet-naechste-generation-1808-136151.html – hat da etwa jemand Angst vor Transparenz? #spectre (& Co.)
    In conversation Thursday, 23-Aug-2018 08:20:19 EDT from social.stopwatchingus-heidelberg.de permalink

    Attachments

    1. Side-Channel-Angriffe: Intel untersagt Benchmarks und härtet nächste Generation - Golem.de
      Im Kleingedruckten der aktualisierten Lizenz des von Intel verteilten Microcodes gegen Attacken wie L1TF untersagt der Hersteller seinen Partnern, öffentlich zu machen,
  7. Tobias Dausend (throgh@gnusocial.federated-networks.org)'s status on Wednesday, 09-May-2018 12:22:43 EDT Tobias Dausend Tobias Dausend
    Die #Arroganz ist schon überwältigend, die Einem manchmal im Technikumfeld entgegen schlägt. Pro-Linux.de hält einen aktuellen Artikel bereit, der über den Entschluss weiterer Derivate von #Ubuntu berichtet die 32bit-Unterstützung zu kippen.

    Angeblich hätten die meisten Entwickler gar nicht mehr entsprechende Hardware verfügbar und überhaupt sei die Architektur hoffnungslos veraltet. Das sicherlich in Teilen korrekt sein. Dennoch enthält diese Argumentation einen gehörigen Anteil von Arroganz. Was ist beispielsweise mit #Meltdown, #Spectre sowie in Teilen auch #Spectre-NG? Diese Fehler sind immer noch nicht vollständig behoben und daher gültige Sicherheitslücken. Und was ist mit der rein menschlichen Komponente? Man sollte meines Erachtens niemals vergessen woher man kommt und wie die Wegstrecke dazu ausgesehen hat. Oder ist es inzwischen auch probat nahezu überall schnellstmöglich zu "vergessen"? Gibt ja genug "Ressourcen" und daher können wir auch ganz verschwenderisch damit umgehen. Was ist dann mit der umwelttechnischen Komponente? Also jedwede als "alt" markierte Hardware-Komponente auf den Müll werfen? Prima, trägt ja ordentlich dazu bei wieder Andere zu belasten und beispielsweise Elektroschrott an die Küsten Afrikas zu spülen.

    In Summe kann man nur den Kopf dazu schütteln und daher schlicht wie einfach ein #Fuck-Off-Ubuntu sowie ein #Fuck-Off-Canonical. Für die hohe Portion an Ignoranz! #Meinung #Gedanken

    https://gnusocial.federated-networks.org/url/10362
    In conversation Wednesday, 09-May-2018 12:22:43 EDT from gnusocial.federated-networks.org permalink

    Attachments

    1. Ubuntu Mate 18.10 schränkt 32-Bit-Unterstützung ein - Pro-Linux
      from Pro-Linux
      Ubuntu Mate wird bereits ab der kommenden Version keine Abbilder mehr für die i386-Plattform anbieten. Auch Ubuntu Studio und Ubuntu Budgie beenden die Produktion der 32-bittigen Abbilder und wollen...
  8. Tux Machines (tuxmachines@mastodon.technology)'s status on Sunday, 06-May-2018 15:13:55 EDT Tux Machines Tux Machines

    Security: #Spectre Variant One, Spectre-NG, #NTLM and China
    http://www.tuxmachines.org/node/111453

    In conversation Sunday, 06-May-2018 15:13:55 EDT from mastodon.technology permalink
  9. Tux Machines (tuxmachines@mastodon.technology)'s status on Wednesday, 02-May-2018 21:13:00 EDT Tux Machines Tux Machines

    Latest #KaliLinux Ethical Hacking OS Release Adds #Spectre & #Meltdown Mitigations http://www.tuxmachines.org/node/111349

    In conversation Wednesday, 02-May-2018 21:13:00 EDT from mastodon.technology permalink
  10. Mike Gerwitz (mikegerwitz@social.mikegerwitz.com)'s status on Tuesday, 10-Apr-2018 21:16:18 EDT Mike Gerwitz Mike Gerwitz
    Some #Spectre/#Meltdown Intel microcode update observations:

    At work we have the same hardware for each of the developers (corporate-mandated Windows laptops). We develop in GNU/Linux VMs. We received them when we were purchased back in April by a larger company.

    There's a full compiler stack I wrote for the development of certain systems. It uses Saxon and is therefore really heavy on resources (and syscalls). Lots of inefficiencies. (Don't write your next compiler stack in XSLT. I wouldn't have if I knew it was going to become what it is today.)

    I noticed that newer devs' systems, with identical configurations, were taking more than twice the amount of time to compile the same software using this stack. A coworker and myself spent a bit of time debugging and it was eventually found to be the microcode. Once my coworker updated his Intel microcode and BIOS to include the Spectre and Meltdown mitigations, the virtualization performance was terrible---over 100% performance degredation in this case (~5m for a normal build without mitigations, ~12m after mitigations). That's far worse than any benchmarks I've read. Disabling the microcode mitigations restored performance to previous levels.

    What a mess.
    In conversation Tuesday, 10-Apr-2018 21:16:18 EDT from social.mikegerwitz.com permalink
  11. Tux Machines (tuxmachines@mastodon.technology)'s status on Sunday, 01-Apr-2018 02:05:25 EDT Tux Machines Tux Machines

    Intel's Microcode Update for #Spectre Makes a Comeback in #Ubuntu 's Repositories
    http://www.tuxmachines.org/node/110387

    In conversation Sunday, 01-Apr-2018 02:05:25 EDT from mastodon.technology permalink
  12. Dr. Roy Schestowitz (罗伊) (schestowitz@gnusocial.de)'s status on Saturday, 24-Mar-2018 06:05:28 EDT Dr. Roy Schestowitz (罗伊) Dr. Roy Schestowitz (罗伊)
    A Look At The Relative #Spectre / #Meltdown Mitigation Costs On #Windows vs. #Linux https://www.phoronix.com/scan.php?page=article&item=spectre-melt-os&num=1
    In conversation Saturday, 24-Mar-2018 06:05:28 EDT from gnusocial.de permalink
  13. Dr. Roy Schestowitz (罗伊) (schestowitz@gnusocial.de)'s status on Sunday, 18-Mar-2018 09:48:58 EDT Dr. Roy Schestowitz (罗伊) Dr. Roy Schestowitz (罗伊)
    More #Spectre + #Meltdown Updates Heading Into #Linux 4.16 https://www.phoronix.com/scan.php?page=news_item&px=Linux-4.16-More-Spectre-Stuff
    In conversation Sunday, 18-Mar-2018 09:48:58 EDT from gnusocial.de permalink
  14. deutrino (deutrino@mstdn.io)'s status on Monday, 26-Feb-2018 17:01:46 EST deutrino deutrino

    So evidently disabling a big chunk of the #spectre and/or #meltdown patch in Linux can be accomplished by passing 'pti=off' or 'nopti' to the kernel as a boot parameter.

    Eventually I'm gonna find out if this makes my machine usable again once it hits swap. Because right now it's become absolutely insufferable.

    In conversation Monday, 26-Feb-2018 17:01:46 EST from mstdn.io permalink
  15. Tux Machines (tuxmachines@mastodon.technology)'s status on Saturday, 24-Feb-2018 10:06:29 EST Tux Machines Tux Machines

    #Spectre and #Meltdown Mitigations Now Available for #FreeBSD and #OpenBSD Systems
    http://www.tuxmachines.org/node/109334 #bsd #unix

    In conversation Saturday, 24-Feb-2018 10:06:29 EST from mastodon.technology permalink
  16. Tux Machines (tuxmachines@mastodon.technology)'s status on Saturday, 17-Feb-2018 21:00:16 EST Tux Machines Tux Machines

    #FreeBSD Finally Gets Mitigated For #Spectre & #Meltdown (and Hugs)
    http://www.tuxmachines.org/node/109154 #bsd #unix

    In conversation Saturday, 17-Feb-2018 21:00:16 EST from mastodon.technology permalink
  17. Carol Chen 🐰💜🤘🖖 (cybette@mastoton.fi)'s status on Friday, 16-Feb-2018 09:36:51 EST Carol Chen 🐰💜🤘🖖 Carol Chen 🐰💜🤘🖖

    Audience waiting for the closing keynote at #FOSDEM about #Meltdown, #Spectre, and other hardware attacks.

    Info, slides, and recording: https://fosdem.org/2018/schedule/event/closing_keynote/

    #FOSDEM18 #FOSDEM2018

    https://mastoton.fi/media/5NG8QfhpdKLHf73ZNS4

    In conversation Friday, 16-Feb-2018 09:36:51 EST from mastoton.fi permalink
  18. ToniQ.es (coloco@quitter.es)'s status on Monday, 05-Feb-2018 08:17:57 EST ToniQ.es ToniQ.es
    #Meltdown y #Spectre ya están siendo estudiados para atacar nuestros sistemas http://omicrono.elespanol.com/2018/02/malware-basado-en-meltdown-y-spectre/amp/
    In conversation Monday, 05-Feb-2018 08:17:57 EST from quitter.es permalink
  19. ☠️ Grumpy Oldman (grmpyoldman@quitter.se)'s status on Sunday, 04-Feb-2018 10:57:48 EST ☠️ Grumpy Oldman ☠️ Grumpy Oldman
    #Spectre & #Meltdown: Exploiting modern microarchitectures https://fosdem.org/2018/schedule/event/closing_keynote/ #FOSDEM
    In conversation Sunday, 04-Feb-2018 10:57:48 EST from quitter.se permalink

    Attachments

    1. FOSDEM 2018 - Exploiting modern microarchitectures
  20. Alexander Bochmann (galaxis@mastodon.infra.de)'s status on Saturday, 03-Feb-2018 06:55:51 EST Alexander Bochmann Alexander Bochmann

    Can't find an english language news source for this, but it seems that #Microsoft Defender is flagging files that contain short strings (like "Squeamish Ossifrage" or "malicious_x = %p") from the #Spectre PoC as malware: https://m.heise.de/security/meldung/Microsoft-stuft-das-PoC-Programm-zu-Spectre-als-boesartig-ein-3959995.html

    This is obviously useless for actual threat detection, so are they trying to find people who are playing with the PoC code?

    #infosec

    In conversation Saturday, 03-Feb-2018 06:55:51 EST from mastodon.infra.de permalink
  • Before
  • Help
  • About
  • FAQ
  • TOS
  • Privacy
  • Source
  • Version
  • Contact

Jonkman Microblog is a social network, courtesy of SOBAC Microcomputer Services. It runs on GNU social, version 1.2.0-beta5, available under the GNU Affero General Public License.

Creative Commons Attribution 3.0 All Jonkman Microblog content and data are available under the Creative Commons Attribution 3.0 license.

Switch to desktop site layout.