I was hoping to be retired before this happened...... All of AWS EC2 is rebooting today by 4pm UTC AppArmor everywhere: Can't trust the hardware to do it right. Clowns! Buffo!
On Thu, Jan 4, 2018 at 12:19 PM, Michael Fothergill <michael.fotherg...@gmail.com> wrote: > > > On 4 January 2018 at 17:55, The Wanderer <wande...@fastmail.fm> wrote: >> >> On 2018-01-04 at 12:30, Michael Fothergill wrote: >> >> > On 4 January 2018 at 17:22, Curt <cu...@free.fr> wrote: >> > >> >> >> >> https://arstechnica.com/gadgets/2018/01/meltdown-and-spectre-every-modern- >> >> processor-has-unfixable-security-fladdws/U >> >> >> >> >> >> TL;DR >> >> >> >> Windows, Linux, and macOS have all received security patches that >> >> significantly alter how the operating systems handle virtual memory in >> >> order to protect against a hitherto undisclosed flaw. >> >> ... >> >> In the immediate term, it looks like most systems will shortly have >> >> patches for Meltdown. At least for Linux and Windows, these patches >> >> allow end-users to opt out if they would prefer. The most vulnerable >> >> users are probably cloud service providers; Meltdown and Spectre can >> >> both in principle be used to further attacks against hypervisors, >> >> making it easier for malicious users to break out of their virtual >> >> machines. >> >> ... >> >> For typical desktop users, the risk is arguably less significant. >> >> While >> >> both Meltdown and Spectre can have value in expanding the scope of an >> >> existing flaw, neither one is sufficient on its own to, for example, >> >> break out of a Web browser. >> >> >> >> Apparent moral of story for CPU: don't speculate (but it's >> >> significantly >> >> *slower*). >> > >> > Isn't this mainly an Intel problem? I use AMD chipsets. I would go for >> > Ryzen nowadays anyway. >> >> Meltdown so far is not known to affect anything other than Intel. >> >> Spectre, however, is confirmed to affect AMD CPUs - and Ryzen CPUs are >> specifically stated to be affected. > > > But if the spectre vulnerability is hard exploit in practice and even in > artificial test situations devised e.g. in the world of Linus Torvalds then > AMD could turn out to be relatively cyber-kosher in the end. > > MF > >> >> >> -- >> The Wanderer >> >> The reasonable man adapts himself to the world; the unreasonable one >> persists in trying to adapt the world to himself. Therefore all >> progress depends on the unreasonable man. -- George Bernard Shaw >> >
