[a / b / c / d / e / f / g / gif / h / hr / k / m / o / p / r / s / t / u / v / vg / vr / w / wg] [i / ic] [r9k / s4s / vip / qa] [cm / hm / lgbt / y] [3 / aco / adv / an / asp / bant / biz / cgl / ck / co / diy / fa / fit / gd / hc / his / int / jp / lit / mlp / mu / n / news / out / po / pol / qst / sci / soc / sp / tg / toy / trv / tv / vp / wsg / wsr / x] [Settings] [Search] [Home]
Board
Settings Home
/g/ - Technology


Thread archived.
You cannot reply anymore.



File: Selection_044.png (75 KB, 925x604)
75 KB
75 KB PNG
How fucked is Intel?
>>
MEGA ULTRA FUCKED!!!!!!!!!!!!!!!!!!!!
>>
File: 1557267652585.gif (376 KB, 500x491)
376 KB
376 KB GIF
i7oddlers BTFO!
>>
https://lists.debian.org/debian-security-announce/2019/msg00090.html

> Multiple researchers have discovered vulnerabilities in the way the
> Intel processor designs have implemented speculative forwarding of data
> filled into temporary microarchitectural structures (buffers). This
> flaw could allow an attacker controlling an unprivileged process to
> read sensitive information, including from the kernel and all other
> processes running on the system or cross guest/host boundaries to read
> host memory.
>>
i would really like to see the face of a couple jerk companies asset managers which bought into the "xeon discounts" for their data centers only to have 50% of the performance taken away from them

HAHAHAHAHAHA, I FUCKING TOLD YOU!
>>
Another year, another 5% performance lost to some fatal design flaw bug.
>>
>>70959152
it's like 50% as hyper-threading must be disabled
>>
How the fuck is the company still alive?
>>
File: 1554336135634.gif (2.65 MB, 320x240)
2.65 MB
2.65 MB GIF
>>70958608
Intel absolutely YEETED ON
>>
>>70958608
>buy zion
>twice the price
>twice the power consumption
>half the performance
>1/4 performance per watt
>slash 30% cause spectre and meltdown
>now shave half of what's left cause lol fuck yo threads

those who bought xeon might as well replace them with raspberry pi clusters at this point
>>
>>70959181
>hyper-threading doubles performance
The absolute state of this board
>>
>>70958665
debian still not update the fucking microcode
>>
>>70958608
are intel putting in those flaws on purpose to allow government agencies to spy on random people?

or is it just incompetence?
>>
>>70960399
>hyper-threading doubles performance
for certain tasks. I would assume docker and similar server software will pay a penalty...
>>
>>70960375
>Buy used xeon
>Same performance post spectre and meltdown patches as a Ryzen 2600 for 1/3rd the price
>Hyperthreading increase performance anywhere from 0% to 100% depending upon application
>Average is 20%
>Now have 0.8 of a ryzen 2600 for 0.33 the price
Still a good deal
>>
>>70958608
At this point I'm using Raspberry Pis for mail, file, and web servers. They're slow but work alright for my uses. Just bought a new AMD ThinkPad A series. It's pretty nice. I also use PowerBooks with Debian. I'm torn between a Ryzen and a POWER9 workstation. I have $2500 allocated to either one.

I ditched my Intel laptop and workstation last year because I'm not retarded and knew it wouldn't be over soon.

>>70960442
Probably both. If you want to be safe you should get a SISD (single instruction, single data) processor. They're slow but not unusably so. A Raspberry Pi 3 is fast enough for basic web browsing and office tasks if you install a lightweight Linux or BSD distro and window manager
>>
>>70959181
>30% performance loss for Spectre mitigation’s pushed out so far
>another 40% performance loss for this vuln on top of that
Intel CPUs are running approximately 28% as fast as they were two years ago, this is assuming you are running all the patches and turned off hyperthreading.

Literally more than two thirds performance penalty. Suddenly my Thinkpad X23 looks competitive again.
>>
>>70960484
and the power consumption over the lifespan of the build?
>>
People mocked me when I bought my fx eight years ago, who’s laughing now.
>>
Ok, so there is no clear explanation yet, is this an actual "you are seriously fucked, they can hack you remotely", or it's another exploit that requires physical and admin access to the machine to be performed, which at that point you have way bigger things to worry about than cpu vulnerabilities?
>>
>>70960442
they just want you to buy new chips, that's all
>>
>>70961005
12-30 watts difference?
>>
Feels good being a Threadripper owner.
>>
>>70961207
Just delid + delap and everything will be fine goy
>>
File: 1553476374773.png (8 KB, 140x135)
8 KB
8 KB PNG
>>70961207
it's another speculative computing exploit. If they can see your kernel space, they can get whatever is in there. The fix wipes the buffer whenever its done with the data, with a penalty of 3-9% based on model, according to techcrunch. Yep, that's on top of your Spectre/Meltdown penalty.

I wish people actually knew how to read here.
>>
>>70961318
That doesn't answer the question you fucking retard
>>
>>70961227
The new chips has the same issues plus all the non-disclosed issues.
>>
>>70958608
>tfw still on kernel 4.19
literally 30 years behind
thx AMD
>>
>>70961318
forgot to include that hyper-threading buffer data is also up for grabs and is recommended to be disabled in coordination with the fix. Enjoy losing your extra threads.
>>70961338
of course, but you need a payload to do that for you and send it back. it's like you can't think for your self, damn.
>>
>>70958608
> i can screencap but can't post links
POST THE LINK, YOU FAT USELESS CUNT.
>>
>>70958630
that's not how it works, iTODDLER.
>>
>>70960562
that's not how percentages work ya fuck
>>
>>70961348
then who'll buy their newer botnet with fresh vulnerabilities?
>>
>>70961433
They are cumulative dumbshit.
>>
>>70960562
cringe and bluepilled
>>
File: cpu_merchant.png (580 KB, 1133x649)
580 KB
580 KB PNG
To ThreadRipper(tm)
>>
>>70961351
Just update your kernel??
https://kernel.ubuntu.com/~kernel-ppa/mainline/v5.1.2/
>>
>>70959181
Up to 40% according to Apple
https://support.apple.com/en-us/HT210108
>>
>>70961491
>>
>>70961516
Wow, “only” 40%, that’s a whole lot better than 50%. I guess Intel in the datacenter still makes a lot of sense, what with “only” a 40% slowdown.
>>
>>70961516
I really don't want to be the devil's advocate, but apple is moving to their own inhouse cpu's, I'd expect them to say that and give their customerbase the impression they must switch.
>>
>>70960484
>used xeon
>same performance as a 2600
>implying
have fun with your dud, lmao
>>
File: 1420357652751.gif (72 KB, 287x344)
72 KB
72 KB GIF
>>70958630
Nice one
>>
>>70961603
Intel Pajeet detected, the performance gains from utilizing hyperthreading are well studied and “about 40%” is accurate.

You should be ashamed of yourself.
>>
>>70961502
oy vey
>>
File: master suicide list.jpg (361 KB, 2000x1700)
361 KB
361 KB JPG
GET

FUCKED

INTEL
>>
>>70961679
>Anyone who disagrees with me is a shill
555-COMEON-NOW
>>
>>70961726
AMDrones anally raped by Intel for decades. 2019: nothing has changed.
>>
>>70961679
see:
>>70961793
>>
>>70961793
SEETHING
>>
Other threads have said this actually affects processors all the way to Cord Duo (2009) but Intel is gonna get away with ignoring the rest.
>>
File: debiru.png (61 KB, 224x314)
61 KB
61 KB PNG
>>70958630
Got a giggle out of me.
>>
>>70961813
> he doesn't know amd have to pay intel royalties
AMDrones: anally raped for decades.
>>
>>70961836
Intel is using AMD64, Intel has to pay AMD royalties.
>>
>>70958608
>tfw the only intel cpu I own is in a thinkpad from 2006
Feels good.
By the way, does anybody know how this patch behaves on unaffected CPUs? I certainly hope I won't get a performance penalty on AMD, just because intel was greedy.
>>
https://www.guru3d.com/news-story/new-ridl-vulnerability-hits-intel-advises-disabling-hyper-threading-below-8th9th-gen-cpus.html

>To be able to exploit the vulnerability, no more is needed than hiding a few lines of malicious code on for example a website. A visitor that opens this site open, it will leak information.
BTFO
T
F
O
>>
>>70961252
Holy fuck, you are delusional.
>>
>>70958630
baste and hyperthreaded
>>
>>70958630
Based
>>
>>70960399
>50 percent is double

The state of your basic fucking math retard.
>>
>>70961726
Based Jim. Fucking Lugenpresse
>>
File: welp.gif (1.58 MB, 320x240)
1.58 MB
1.58 MB GIF
>>70961726

I'd suck Jim's tiny Scottish sausage.
>>
File: 1554825268984.png (218 KB, 576x432)
218 KB
218 KB PNG
>Intel will continue raking in money because of their pseudo-monopoly on chipsets
>>
>>70962029
It is when you decrease by it. It's a third when add it. And you(?) decreased by it, meaning going from the remaining 50% back to 100% (by enabling ht) would be doubling the performance. Mathlet.
>>
File: mdstool.png (18 KB, 632x755)
18 KB
18 KB PNG
Post your processor vulns

https://www.ghacks.net/2019/05/15/mds-tool-find-out-if-you-are-vulnerable-to-microarchitectural-data-sampling-attacks-mds/
>>
>>70958630
Ahem, "i5".
>>
>>70961836
amd doesn't pay intel royalties since at least 2003 retard
>>
File: thanks intel.png (132 KB, 837x956)
132 KB
132 KB PNG
>>70962101
this is pre-kernel update
rebooting now brb
>>
File: thanks again intel.png (132 KB, 846x968)
132 KB
132 KB PNG
>>70962196
feeling much safer already
>>
File: JUST.png (61 KB, 640x1012)
61 KB
61 KB PNG
>>70962101
>>
>>70962029
you can't be this fucking stupid
>>
nooooo bros delete this the goyim at the university were supposed to keep quiet
>>
>non-free DBA
>>
>>70958608
bad news for the 5 people who can afford intel quality processors and a good OS, yet still choses to use linux.
>>
So this is where the tech industry is at.
Years spent building up a false sense of security and performance, with trash firmware on top of trash hardware, along with rising performance cost of running simple programs and websites.
now the quick fixes implemented years ago are catching up to INCEL processors and things will be slower than theyve ever been.
imagine if people actually started caring about optimization again because of this.
I doubt it, though.
>>
File: 1557693500969.png (135 KB, 483x442)
135 KB
135 KB PNG
>>70962029
oh no anon
>>
>>70962873
>bad news for the 5 people who can afford intel quality processors and a good OS
fucking idiot, those vulnerabilities are on every OS.
>>
>>70961884
You should be able to just add a kernel parameter to disable the patch if it behaves negatively on unaffected CPUs.

>>70958630
Heh
>>
>>70963008
if you dont think 99% of this shit is just a bubble predicated on marking trends and funneling capital into 'tech startups' even though those tech startups are almost entirely predatory venture capitalists trying to make a quick buck
>>
>>70958630
BASED
>>
>>70961305
Don't forget the chiller!
>>
>>70961504
Some people are Just retarded
>>
>>70961896
YOU CAN GET HACKED JUST BY VISITING A SITE

FUCKING JAVASCRIPT
>>
>>70962101
>>70962196
>>70962257
>>70962274
It's like a list of STDs
>>
File: 1557886015484.png (85 KB, 1316x1634)
85 KB
85 KB PNG
Why can't Intel stop being pozzed
>>
>>70963459
WHAT IS THIS ? What is effecting storage speeds!?
>>
>>70963480
syscall overhead is my guess
>>
better: How fucked is Linux?
>>
>>70961502
Fucking kikes
>>
>>70960423
Debian doesn't upgrade the microcode all they do is upload Intel's patches to their repos.
>>
File: 1557889101999.png (543 KB, 1414x657)
543 KB
543 KB PNG
>Apparently Intel attempted to play down the issue by trying to award the researchers with the 40,000 dollar tier reward and a separate 80,000 dollar reward as a "gift" (which the researchers kindly denied) instead of the maximum 100,000 reward for finding a critical vulnerability.
>Intel was also planning to wait for at least another 6 months before bringing this to light if it wasn't for the researchers threatening to release the details in May.
https://www.nrc.nl/nieuws/2019/05/14/hackers-mikken-op-het-intel-hart-a3960208
>>
>>70959181
>hyper-threading must be disabled
So my first gen i7 without hyperthreading will now perform like a modern i5 now? Nice.
>>
>>70963719
>NO GOYIM WAIT FOR THE NEXT GENERATION OF CHIPS

AHAHAHHAA
>>
File: swiss_cheese.jpg (178 KB, 757x589)
178 KB
178 KB JPG
>>70963719
>400000 dollaridoos for finding a hole in the architecture equivalent of pic related
Based. I want that job.
>>
>>70963858
40k is nothing, its probably split between an entire team.
>>
>>70963008
Wonder why the processors that Jim Keller has worked on don't suffer from these flaws? Does he know something?
>>
>>70963765
*modern i3
>>
>>70963931
I'll take it.
>>
>>70958608
>WTF I AM PANIC
so just setup a rasp pi or alternate desktop as a network connection pass through/filter and then no one can access your exploited intel.
>>
>>70963912
AMD have a different kind of development philosophy which probably helps, then there's dumb luck.
PS. Please stop the Keller worship, he's good but is/was just a part of a team.
>>
>>70963912
It seems AMD's engineers were more cautious and baked mitigations into the underlying hardware to avoid problems like this to begin with. Adding to that AMD didn't even support a full implementation of SMT until Ryzen. Bulldozer was a partial implementation and I don't think it was affected to the same extent.
>>
File: 1556152019676.jpg (771 KB, 970x545)
771 KB
771 KB JPG
I'm so sick of fucking restarting my computer for fixes because of your latest fuck up Jewtel! Get your shit together!
>>
>>70963890
The team who discovered ZombieLoad has 4 members. That's still 10 grand each, not bad.
>>
>>70964470
Fucking chump change. They can stream on twitch for like a week and get that return easily. Just by virtue of media attention.
>>
>>70964609
If Intel offered much more than that for every vulnerability found, they'd be taken to the cleaners.
>>
>>70964626
>Multi-Billion dollar company can’t afford to give at least a million in hush money per researcher per exploit.

That would be no more than what 500 million at this point? It's jews being jews. Thats it.
>>
WHAT DOES IT MEAN FOR MY OVH KVM VPS I am on kernel 3.16.0-6-amd64
>>
>>70962274
>>70962257
>>70962196
>>70962101
does not work here. MDS Tool
crashing during start. Have x5470
>>
>>70958608
What does this mean for the i7 6950X?
Oh fuck please no
>>
>>70961338
>calls others retards
>can’t even answer the question
Not based.
>>
>>70961726
unless that money directly goes to AMD's bank account it literally doesn't matter
>>
>>70958630
x86-based
>>
>>70964380
Based bulldozer was cmt, which scales pretty damn good desu.
>>
>>70964654
Nothing overall. Keep installing security upgrades for the kernel, and upgrade to stretch before it runs out of support next year.
>>
>>70961726
?
>>
>>70958608
Glad debian stable gets buster now so that it will have an older kernel even in 4 years. Nice. I guess I am gonna stay like this for the next 7 years. Fuck the haters, I enjoy my holes.
>>
why is arch still on 5.0
>>
>>70961836
he doesn't know intel has to pay amd royalties

nu/g/ can't even isa x64
>>
>>70965136
It gets backported you dumb incel
>>
>>70958608
Linux 5's out already? What the hell they just started 4. Give it a few years and they'll be caught up to Chrome's retarded version numbering.
>>
>>70965160
Can't get on my machine without any updates. My win7 install is from 2012 and never got any updates. Comfy shit without telemetry and a browser without javascript, flash or anything else.
>>
Is a core 2 duo old enough not to be affected by this?
>>
>>70964016
That's not how speculative execution works you stupid nigger.
>>
>>70964016
Or just use a browser without scripts.
>>
>>70965202
They jumped to 5.0 because they reached some number of commits on Github if I remember right.
>>
What does this mean to my 4.9.0-9-amd64 ?
>>
how is this even possible anons?
people sperg out screeching, flailing limbs, fiercely defending intel against anything, very concerning and damnable things, latching onto any piece of info that brings them a tiny bit of solace while cryying out that it isn't that bad, just to spite the 4 anons who would be same for the amd's side?

how the fuck can you live that?
what's the maximum amount of shit a fanboy can take from their fav tech company? (there's no maximum apparently, it's fucking infinite)
>>
>>70958630
You cheeky bastard
>>
File: file.png (82 KB, 508x737)
82 KB
82 KB PNG
Lol, my cpu looks like a swiss-cheese.
Thanks Intel!
>>
File: 1316647238711.gif (2 MB, 250x158)
2 MB
2 MB GIF
>mfw currently on a core 2 quad from 2008
>mfw thought of upgrading to 9900k just a month ago but decided to wait for ryzen 3000
>>
So this shit only affects you if you have hyper threading right?
>>
>>70965352
AND no patch.
>>
>>70965149
>>x86_64 Core linux 5.1.2.arch1-1
get better mirrors
>>
>>70965378
Were the fuck do i find the patch then?
>>
>>70965403
install arch
>>
>>70965403
hussle.
i'm not you're bitch and I have a ryzen.
>>
>While programs normally only see their own data, a malicious program can exploit the fill buffers to get hold of secrets currently processed by other running programs. These secrets can be user-level secrets, such as browser history, website content, user keys, and passwords, or system-level secrets, such as disk encryption keys.
https://zombieloadattack.com/

I don't understand this reasoning. If a malicious program has already made it into my computer, somehow doesn't it already have access to all this, no matter if there is a security hole? What's preventing any program from reading from the filesystem or the ram?
>>
>>70965423
I am thinking the same way and I always loved the idea to be able to do this. I tried in the past with various hooks to read text from other programs but never got to do it and never understand the security risks. A program like tinytask combined with the functionality to read from clipboard always got me around.
>>
>>70965423
user privileges
if you run your malicious program as root, you're fucked. If you run it as normal user in a reasonably configured system, you're supposed to have a chance to keep your secrets.
>>
>>70964953
kek
>>
>>70965466
My whole GUI runs as root because I hate typing my password in.
>>
>>70965423
The biggest problem are virtual machines actually.
>>
>>70961504
my multihead setup doesn't work with newer kernels.
>>
>>70965386
wtf? i tried many different mirrors but only get 5.0.12
whats your top mirror?
>>
>>70965324
is this a list of STDs?
>>
>>70961073
>fx
Everyone is still laughing
>>
https://marc.info/?l=openbsd-misc&m=118296441702631
Never 4get
>>
openBSD and Theo are ALWAYS right. They disabled hyper threading months ago and everyone said it was autism. I’m going to have to make a separate thread on all the times they were right.
>>
>>70965570
Yeah, my CPU is a fucking slut.
>>
>>70965477
>hate typing my password in
does not require
>GUI runs as root
fix your system
>>
>>70965520
https://ftp.halifax.rwth-aachen.de/archlinux/$repo/os/$arch

afterwards, use reflector to generate better mirrorlists whenever you miss something
>>
>>70962101
why am I so vulnerable even though I patched :c
>>
>>70965666
>fix your system
Yeah I had to fix quite a few lines to be able to login into gnome as root but it works.
>>
>>70965863
I still don't understand why you think you need to run gnome as root to skip specific password checks.
>>
>>70965826
Because Intel is a retarded piece of shit of a company with infected architecture.
>>
File: Capture.png (68 KB, 628x975)
68 KB
68 KB PNG
>>70962101
BASED AMD
>>
>>70966075
I'm fucked aren't I
>>
File: 1550007178633.jpg (346 KB, 794x955)
346 KB
346 KB JPG
so what will VPS providers do?
start offering a separate service for those with "sensitive data in memory" and charge a premium for it, everybody else is lumped onto their old unmitigated hardware?
(I apologize for giving them ideas)
>>
>>70960499
>A Raspberry Pi 3 is fast enough for basic web browsing and office tasks if you install a lightweight Linux or BSD distro and window manager

What about programming?
>>
>>70966075
Clean and beautiful.
>>
>>70958608
>does not affect AMD and ARM chips
kek
>>
>>70966131
So much red...
>>
>>70966211
Feels good to be on Ryzen
>>
File: 1537498548583.gif (992 KB, 250x250)
992 KB
992 KB GIF
>>70958630
>>70964953
>>
>>70966131
what app is that? i want to check myself ;_;
>>
>>70966644
https://mdsattacks.com/
>>
>>70966211
Kikes on suicide watch
>>
File: Capture.jpg (86 KB, 644x1066)
86 KB
86 KB JPG
>>70966662
Oh fuck, im fucked. Gigabyte won't release any new bios for my mobo...
>>
File: 1557878302964.jpg (214 KB, 960x847)
214 KB
214 KB JPG
:(
>>
>>70962101
how the fuck do i downlkoad
>>
>>70966178
Cloud providers already offer premium plans to customers who process sensitive data, and run them on separate hardware. These vulnerabilities enable cross-VM attacks only if the attacker and victim are running on the same physical core.
>>
>>70966688
Microsoft will likely release a patch and intel will release a microcode update, I wouldn't worry too much.

The issue isn't the vulnerability (although that is AN issue), it's the eventual performance hit once the patches are released.
>>
File: Capture.png (33 KB, 486x927)
33 KB
33 KB PNG
>>70966705
Try reading whats in the link.
>>
>>70958608
>more issues
God, fuck intel. Bunch of jew retards. I'm not giving up on my thinkpad though
>>
FX 8350 TRADES BLOWS WITH 3570K AHAHAHAHAHAHAHAHAAHAHAHAHAHAHAHAHAHAAHAHAHAHAHAHAHAHAHAAH

https://www.youtube.com/watch?v=IEwwX7VEhDk
>>
File: nhel.png (108 KB, 994x1020)
108 KB
108 KB PNG
>>70962101
THANK YOU, BASED INTEL!
>>
>>70967194
O O F
>>
>>70961318
are you diagnosed with autism?
>>
File: IMG_20190515_133158.jpg (1.14 MB, 3120x2945)
1.14 MB
1.14 MB JPG
When the fuck are the new ryzens coming out I am fucking done with Intel and Nvidia
>>
File: mdstoolwin7.jpg (67 KB, 428x961)
67 KB
67 KB JPG
huh
>>
>>70964626
They spent $450 million on hiring black people without STEM degrees to stand around just 3-4 years ago, just because Obama told them to.
>>
>>70965916
Being root allows me to edit any file all over the system whenever I want by just using nautilus. Any terminal instantly opens as root without a password. Any program can write anywhere it wants. It's like in windows when having the UA deactivated. I never had problems with this setup in the last 10 years.
>>
>>70967241
It's official: only autists can read
>>
>>70961207
>it's another exploit that requires physical and admin access to the machine to be performed
it is exactly this. There is currently nothing that shows how a simple javascript website can read whats going on in another window. As long as this isn't the case I am not going to do anything.
>>
i'm about to noibrs noibpb nopti nospectre_v2 nospectre_v1 l1tf=off nospec_store_bypass_disable no_stf_barrier mds=off mitigations=off on all these hoes I don't even care
>>
>>70967371
what is a person without deep knowledge of modern kernel architectures supposed to infer from the phrases "speculative computing exploit", "kernel space", "hyper-threading buffer data", the guy asked him a simple question and instead of answering directly he decided to sperg out
>>
>>70967407
You only need mitigations=off mds=off

mitigations=off encompasses everything except mds
>>
File: file.png (69 KB, 629x969)
69 KB
69 KB PNG
>>70962101
>cleanest intelfag ITT
Surely I'm getting false negatives right?
>>
>>70958608
"All users *must* do _____" beats the whole point of using Linux
>>
>>70966178
Realistically they will just switch to EPYC and Threadripper.
>>
>>70967540
and offer those to premium users?
what will they do about their current hardware?
throw it out?
>>
>>70958630
dare I say BASED
>>
>>70967570
Well yeah. If your hoster is worth a damn they regularly upgrade their hardware. This one will just be another gradual update with the old hardware either thrown out or rented at a discounted till they are also gone.
I for one wouldn't take the risk or another 40% performance impact. At that point AMD is literally your only choice if you aren't clinically brain dead.
>>
>>70966179
Programming can be considered a basic office task. Most text editors (not IDEs) do less than the average word processor. All the standard GNU dev tools and compilers you're able to run on Debian normally will run just fine on ARM. If you want an ARM v8 64-bit environment to work in, try Devuan's Raspberry Pi 3 build. It's quite nice.
>>
>>70958630
based
>>
>>70967407
>>70967479
based
>>
>>70961489
Wouldn't it be 42% instead of 28% ?
>>
>>70962144
i7oddler5 BTFO!?
>>
File: vulns.png (116 KB, 725x1007)
116 KB
116 KB PNG
>>70962101
>>
Outside of the security fearmongering:
Was Spectre, meltdown and this vulnerabilities really that bad in the wild?
>>
>>70958630
>>70964953
Nice one
>>
>>70967841
no
>>
>>70967902
So whats the deal anyways?
I heard that you can implement then in javascript, but also, you had to exploit a javascript bug in first place
>>
>>70966705

For the love of god i cant find a download link on that fucking page
>>
>>70967841
>Was Spectre, meltdown and this vulnerabilities really that bad in the wild?
They were patched so that they couldn't be exploited, with a painful performance cost.
>>
>>70958608
wew im fine!

https://en.wikipedia.org/wiki/List_of_Intel_Core_i3_microprocessors
>>
>>70967987
But ironically no one could exploit them because the vulnerability was too specific
>>
They’re doing this shit on purpose. Intel is compromised. Only way forward is power9.
>>
>>70968011
>intel
You were never fine.
>>
>>70968116
I can actually see this as a way for Intel to bail out of CPU sector, or just becoming the Nokia of smartphones
>>
>>70968095
Bullshit, if it was then they would never have patched it given the steep performance penalty.
>>
>>70968162
>step performance penalty
How much it was anyways?
>>
>>70962101
app crashes when i try to open it o well
>>
>>70958630
The fuck, I hated Satania in her series but love her now
>>
>>70961504
>ppa
No thanks
>>
>>70962029
You are one stupid motherfucker.
>>
File: comfy Kat.jpg (127 KB, 1200x1187)
127 KB
127 KB JPG
>>70962101
I gotchuu familia
$ lscpu | grep "Model name"
Model name: AMD Ryzen 7 2700X Eight-Core Processor
>>
Fallout
Zombieland
RIDL, microarchitectural load port data sampling (MLPDS)
RIDL, microarchitectural data sampling uncacheable memory (MDSUM)

CVE-2018-12126
CVE-2018-12130
CVE-2018-12127
CVE-2019-11091
https://blogs.oracle.com/security/intelmds
>>
>>70958608
>check tonkpad
>P8400
>Launch date: Q3, 2008
safe.
>>
>>70968277
bad goy
>>
File: JUST.png (40 KB, 1064x988)
40 KB
40 KB PNG
>>70962101
First and last time buying israeli
>>
>>70968179
https://www.phoronix.com/scan.php?page=article&item=spec-melt-8way&num=2
>>
File: 3.png (24 KB, 112x112)
24 KB
24 KB PNG
>>70958608
>>
>>70968409
I can't blame you, I almost bought a 5820k because it was mad value back then. Consider Threadripper if you need more lanes desu, I'm looking selling a 1700 for cheap and going all in on a 3950x if they don't skip TR this time around.
>>
>>70965403
https://cdn.kernel.org/pub/linux/kernel/v5.x/linux-5.1.2.tar.xz
>>
Hypothetically if I was a richfag with multiple PCs, I could just build with Intel and open up all these holes for dat speed but just do banking on my 2008 AMD laptop, yeah?
>>
>>70961726
>apozzed tv
yikes
>>
Adding poo to words isn't creative or amusing, you sound more mentally challenged than a literal child.
>>
>>70968162
according to most of the pictures in this thread, nobody patched anything.
The anon you are refering is right though. There hasn't been any case known where this was used and oh boy, there are millions of unpatched windowx XP, 7, and linux boxes online.
>>
File: 1548826231971.png (32 KB, 513x971)
32 KB
32 KB PNG
>>70962101
>tfw vulnerable
>>
>>70968573
If you want to get all your passwords stolen, sure.
>>
>>70969003
Why not wait for Zen3/4 going tall? Having a bunch of DRAM so close is going to be a huge increase in performance.
>>
>>70969042
how will they dissipate all that heat?
>>
>>70958630
Fucking kek. Congrats on the (you)s.
>>
File: oh no no.png (36 KB, 648x981)
36 KB
36 KB PNG
>>70962101
>>
>>70964747
>crashing during start
My Avast kept trashing it so check your virus chest if you're a casual like me and use an AV, probably first time it bloody registered anything since I installed it too.
>>
File: 0e6.jpg (35 KB, 412x441)
35 KB
35 KB JPG
>>70958630
>>70964953
We're filled with comedians today, it seems
>>
>>70969070
Maybe the ram shit isn't affected by heat that much
>>
>>70968613
>there are millions of unpatched windowx XP, 7, and linux boxes online.
LOL! Do you seriously think someone running unpatched windows XP, 7 and Linux boxes online would have the technical know-how to determine that they have been hacked ?

And if they are unpatched there are likely easier exploits than Intel cpu bugs.
>>
>>70969042
So we're going to fully integrate the RAM into the CPU? That's really neat.
>>
OpenBSD doesn't have this problem because they disabled Intel SMT since 6.4

I still remember some of you spergs laughing about that

SECURE BY DEFAULT
>>
File: 011.jpg (11 KB, 270x287)
11 KB
11 KB JPG
>>70958630

Based
>>
>>70969042
>>70969294
So DRAM, NVRAM AND GPU INTO THE CPU?

How? Heat management, hello?
>>
>>70961318
>tripfag has literal autism
woah......
>>
>>70969070
>>70969329
I don't have the slightest idea, but Intel is definitely going the same way before going chiplets. Maybe looking at some patents will give you an idea, I hear most of this stuff is already resolved.
>>
>>70969314
meow?
>>
>>70965423
filesystem, yes. ram, not really.
>>
>>70967483
>6600k
Hope not, that's the most recent Intel product I own and its nice to know its relatively unpozzed
>>
>>70962101
>>
>>70959181
Hyperthreading is already turned off on scientific systems :)
>>
>>70960442
They’re unavoidable. These speculation-related bugs will continue to pop up and there is nothing we can do as so much processor performance depends on speculative execution now.


>>70960499
>>70961227

https://arxiv.org/abs/1902.05178
“Spectre is here to stay: An analysis of side-channels and speculative execution”
>>
>>70965483
>tfw 5 monitors
I'm using Linux-5.1.2 right now and it works just fine.
>>
>>70969834
>“Spectre is here to stay: An analysis of side-channels and speculative execution”
:(
>>
File: Capture.png (74 KB, 655x995)
74 KB
74 KB PNG
Fuck yeah
>>
The Linux people are always fixing I tell problems in the kernel but does Microsoft do anything about it? I guess this affects any OS running on Intel, right?
>>
>>70970299
based phenom
>>
>>70958630
I love this meme and how it's used only in the most appropriate possible of postings and not spammed like /pol/, /v/, or /tv/ memes
>>
>>70960499
>A Raspberry Pi 3 is fast enough for basic web browsing
if you use a text only browser maybe
>>
I think Intel will stay pozzed forever, it's game over.
>>
>>70967205
What
>>
>>70958630
Paste and delided.
>>
>>70958630
INTODDLERS BTFO
>>
>>70964953
>>70958630
These are both terrible.
>>
>>70959152
Still ahead of you pajeet.
>>
aren't companies still buying intel cpus? apparently no one cares.
>>
>>70970974
No, only indians.
>>
File: 2019-05-15_20-46.png (97 KB, 778x978)
97 KB
97 KB PNG
>>70962101
wtf amdbros i thought i was safe???????????
>>
>>70971031
Slightly better than intel
>>
>>70971065
Why am I so vulnerable compared to some other amd people here? Is it my os? bios? unlucky bulldozer cpu? I don't know what most of those vulnerabilities are.
>>
>>70958608
Very, bring Linus back too.

Let's make a new kernel actually cos why the fuck not.
>>
File: mds.jpg (773 KB, 3840x2086)
773 KB
773 KB JPG
>>70962101

Good to know I've been making the right choice for sticking with AMD over the years. There are vulnerable Intel CPUs going all the way back to 2007 apparently
>>
>>70971869
I don't think that's Linux fault tho...
>>
>>70960562
>turned off hyperthreading.
why in gods name would I ever do such a thing?
I specifically paid extra to have hyperthreading.
>>
>>70962101
>ryzen is safe!
lol
>>
This a jewish trick, right? My Xeon station is behind a router and allows only signed ssh connections. Fuck your edge case 'hacker' scenarios.
>>
>>70973213
lol. 9700k ftw
>>
>>70973373
It's a risk if you run untrusted code.
If you don't, then you shouldn't really care. But for VPS providers, cloud services, etc (IE the big boys) their entire business model is running untrusted code.
>>
>>70973360
The tool is designed for Intel processors only.
>>
>>70973559
>their entire business model is running untrusted code
Anyone really gives a fuck?
Are they not insured?
If one cretin decides to somehow hack a fucking VM in a node somewhere, nuke him and move on. Who in their right mind will play with hacking virtual machines running ubuntu somewhere? This is all bullshit. If Jews decide to hack some machine I assure you they will use something better than a "newly discovered" public exploit.
>>
>>70973599
Their customers care about not having their system's data breached, idiot. Insurance doesn't cover customers leaving and going to another provider because you won't install a patch that protects their data from Putin
>>
>tfw bought a Xeon 2 weeks ago
THIS CAN'T BE HAPPENING
I'M IN CHARGE HERE
>>
>must
that's not very free as in freedom of you
>>
File: mdskeks.png (33 KB, 695x1008)
33 KB
33 KB PNG
l e g e n d a r y
>>
So we all go to amd?
>>
>>70973859
never left
>>
>>70969329
go read amds patents. they are pretty interesting.
>>
>>70958630
based and redpilled
>>
>>70973920
Witch cpu
>>70973951
I will look it, thx
>>
>>70958608
RIP my i5 750
Well it's not like I'm ever going to get a mitigation in illumos anyway, considering how long it took to get one for meltdown. The ONE GUY who writes kernel patches is gonna have a mental breakdown soon.
>>
>>70958630
gotem
>>
>>70974376
Your CPU doesn't even have hyperthreading.
>>
>>70974404
I know, that saves me from the worst of the exploit, but disabling hyperthreading alone doesn't fix it entirely. It'll just take longer to get usable data.
>>
>>70963717
you mean kernel firmware? that's what fedora does to patch microcode
>>
>>70960562
you have to be so dumb to think this is true
>>
>>70965296
it means you will get 4.9.0-10-amd64 earlier!
>>
>>70961516
This is a worst case from just disabling hyperthreading. Go look up benchmarks with and without hyperthreading, in the average case the difference is small, it didn't magically become more important because the disabling is a result of security fears. Also, with security fixes its possible to have hyperthreading on, the paranoid advice is to outright disable hyperthreading until kernel fixes/microcode updates address this, which will reduce performance much less
>>
>>70973560
And the tool is so good that it can detect vulnerabilities on other processors too? amazing, good job intel!
>>
>>70958608
Hyperthreadless 2500K has nothing to worry about right?
>>
>>70961489
>>70960562
that's not how it works dumbshit.
reduced by 30% and then by 40% would be multiplying the initial by 0.7 (-30%) and 0.6 (-40%), giving you 0.42 the initial amount, 42%. Still intel is fucking dead
>>
>>70974579
Store/fill buffers, and load ports are still needed to be rewritten when core switches between processes (at least untrusted ones), so yeah. Update is still recommended.
HT is just harder to mitigate due to required changes to OS scheduler (and I got no idea if it's implemented yet or not), but it's much harder to exploit too.
>>
>>70962101
>>70962274
>>70966075
>>70967483
>>70968409
>>70972974
>>70973360
If you are running windows you have bigger troubles to care about than some CPU vulnerability.
>>
>>70967334
You can do all of this by correctly setting up sudo and graphical sudo AND avoid giving root to random new applications. You say you had no problems, but in your setup, if you had some, you wouldn't notice.
>>
>>70958608
>2019
>still using intel

It's like you brainlets were wanting this to happen
>>
>tfw still using old i5 750 from 2009
>>
>>70965826
It's too late anon, hackers are raping your info as we speak.
>>
> bugs : cpu_meltdown spectre_v1 spectre_v2 spec_store_bypass l1tf mds
INTEL!!!!
>>
>>70958608
One must wonder if they're "fixing" these backdoors because the Chinese found them.
>>
>>70974898
welcome to the swiss cheese security hole club
>>
>>70974898
Hey, I'm (>>70974376) not the only one.
>>
>>70971241
>I don't know what most of those vulnerabilities are.
Probably why you are on /g/ right now.
>>
File: amd fear mongering.png (172 KB, 1234x1023)
172 KB
172 KB PNG
>vulnerable since dozens months
>never patched anything
>still secure

Can the AMD faggots stop spewing bullshit? Who cares about those cpu bugs, it's literally unexploitable.
>>
Fuck yeah. So my non-hyperthreading i5-6300hq is a goddamn monster now.
>>
>>70975180
>run malware JS on browser on X.org
>exploit can read memory of all other programs running on X.org session
>>
>>70975311
>X.org
I'm running Windows you dumb ass.
>>
>>70973627
IT'S NOT FAIR
>>
File: 1557878082802.jpg (66 KB, 605x328)
66 KB
66 KB JPG
>>70974881
>>
>>70968573

Let's say you do gaming. So you need steam. Your steam acct. is worth potentially thousands, and you HAVE to log in. Thus you need passwords, and security in general.
>>
>>70968613

And those exact unpatched boxes are part of the glorious collective of botnets nowadays (hey anon why is my computer so slow all the time ? me: shudder)
>>
>>70975367

If you somehow think that matters than good luck
>>
>>70964626
If Intel didn't pay much for vulnerabilities, they'd sell the information to someone else instead.



Delete Post: [File Only] Style:
[Disable Mobile View / Use Desktop Site]

[Enable Mobile View / Use Mobile Site]

All trademarks and copyrights on this page are owned by their respective parties. Images uploaded are the responsibility of the Poster. Comments are owned by the Poster.