https://techcrunch.com/2018/01/03/kernel-panic-what-are-melt…
From Tech Crunch, entitled: Kernel panic! What are Meltdown and Spectre, the bugs affecting nearly every computer and device?
4 Likes
And more, from Business Insider:
Intel now says it has a fix for the Spectre bug that Google found to be unfixable
http://www.businessinsider.com/intel-says-processors-will-be…
1 Like
Thank you for posting this. I heard about it and helps me to understand this crap. I’m always learning something from you. Thanks
Have a successful 2018.
Wayne
1 Like
They’re probably releasing updates to the microcode in the chips, which should show up as a downloadable update to the BIOS.
Many people don’t ever update the BIOS in their computers, so that could leave a lot of computers susceptible.
If some company could come up with hacking protection and indemnify their customers against an attack, identity theft, etc., that could potentially be a very profitable business.
But the current situation is kind of like driving down the highway with always the chance of armed pirates waylaying you, taking your wallet and forcing you to give them your SSN and other details, and police and FBI not doing much about it.
1 Like
I have seen no indication that this is fixable with a BIOS refresh … and it seems like people would be talking about that if it was a possible solution.
On the other hand, it seems that it is unlikely to be a security issue except on shared machines … and possibly only if they are shared with hostile players. It might be exploited by a virus on a single user system, but the root problem there is inadequate virus protection.
1 Like
Wow, EdGray and tamhas, you guys at least seem to understand some of the vocabulary.
Thanks for your comments,
Saul
XKCD’s explanation (well, sort of…)
https://xkcd.com/1938/
3 Likes
Now we see where Intel got its 30% speed advantage over AMD, ryzen from AMD introduced same bug.
Intel now says it has a fix
Intel has been less than forthcoming… and some would say they’ve been parsing their language quite carefully. Coincidentally, Intel’s CEO sold millions of dollars’ worth of Intel stock… actually, all he could under corporate bylaws after Intel learned of Meltdown and Spectre. I’m sure that was just random.
RGB
1 Like
Intel has been less than forthcoming
Yes. The companies have made it a policy to talk very little about security bugs or vulnerabilities in public. Here is Oracle’s statement on this issue…
The reported Intel CPU vulnerabilities are essentially a hardware issue or a design flaw. The workarounds will be provided as a software fix inside the kernels of various X86_64 based OSes (e.g. Oracle Linux).
They have not issued the timeline for the fixes. What I heard is they are doing some regression testing on the fix and should be out in a week or so.