hate these ads?, log in or register to hide them
Page 14 of 34 FirstFirst ... 41112131415161724 ... LastLast
Results 261 to 280 of 674

Thread: Antivirus is shit, everything is compromised, etc etc (Cybersecurity thread)

  1. #261
    Donor Aea's Avatar
    Join Date
    April 13, 2011
    Location
    Colorado
    Posts
    14,392
    Probably not. But spending on the other hand...


  2. #262
    Donor Sparq's Avatar
    Join Date
    April 11, 2011
    Location
    Strayastan
    Posts
    9,468
    Quote Originally Posted by Daneel Trevize View Post
    2nd being an apparently early ending of the embargo over Meltdown and Spectre. https://meltdownattack.com/
    USCERT says pull your chips, kids.



    also,

    Quote Originally Posted by Daneel Trevize View Post
    And fuck Intel trying to keep painting AMD with all these vulns too. Especially that CEO, on TV, after recently selling down to his minimum required shares.
    "Intel was aware of the chip vulnerability when its CEO sold off $24 million in company stock"

    • Intel CEO Brian Krzanich sold off $US24 million worth of stock and options in the company in late November.
    • The stock sale came after Intel was informed by Google of a significant vulnerability in its chips – a flaw that only became public this week.
    • Intel says the stock sale was unrelated to the vulnerability, but came as part of a planned divestiture program. But Krzanich put that stock sale plan in place in October – several months after Intel was informed of the vulnerability.
    Last edited by Sparq; January 4 2018 at 05:57:45 AM.

  3. #263
    Ashaz's Avatar
    Join Date
    April 29, 2011
    Posts
    3,558

  4. #264
    Movember 2011Movember 2012 Nordstern's Avatar
    Join Date
    April 10, 2011
    Posts
    9,384
    https://lkml.org/lkml/2018/1/3/797

    oh my

    From Linus Torvalds <>
    Date Wed, 3 Jan 2018 15:51:35 -0800
    Subject Re: Avoid speculative indirect calls in kernel


    On Wed, Jan 3, 2018 at 3:09 PM, Andi Kleen <andi@firstfloor.org> wrote:
    > This is a fix for Variant 2 in
    > https://googleprojectzero.blogspot.c...with-side.html
    >
    > Any speculative indirect calls in the kernel can be tricked
    > to execute any kernel code, which may allow side channel
    > attacks that can leak arbitrary kernel data.

    Why is this all done without any configuration options?

    A *competent* CPU engineer would fix this by making sure speculation
    doesn't happen across protection domains. Maybe even a L1 I$ that is
    keyed by CPL.

    I think somebody inside of Intel needs to really take a long hard look
    at their CPU's, and actually admit that they have issues instead of
    writing PR blurbs that say that everything works as designed.

    .. and that really means that all these mitigation patches should be
    written with "not all CPU's are crap" in mind.

    Or is Intel basically saying "we are committed to selling you shit
    forever and ever, and never fixing anything"?

    Because if that's the case, maybe we should start looking towards the
    ARM64 people more.

    Please talk to management. Because I really see exactly two possibibilities:

    - Intel never intends to fix anything

    OR

    - these workarounds should have a way to disable them.

    Which of the two is it?

    Linus
    "Holy shit, I ask you to stop being autistic and you debate what autistic is." - spasm
    Quote Originally Posted by Larkonis Trassler View Post
    WTF I hate white people now...

  5. #265
    Duckslayer's Avatar
    Join Date
    October 23, 2017
    Posts
    979
    Ryzen purchaser here


  6. #266

    Join Date
    April 13, 2011
    Posts
    6,553
    Quote Originally Posted by Frug View Post
    Nobody at my work, not even ops, is talking about this. I'm disappointed. This is a big deal.
    It is a big deal, but we don't know how big a deal and we don't know the impact yet and it'll impact everyone equally*, so there's not much to talk about yet.


    *This is your weekly reminder that Intel's market share is effectively 100%.

  7. #267
    Duckslayer's Avatar
    Join Date
    October 23, 2017
    Posts
    979
    Quote Originally Posted by elmicker View Post
    Quote Originally Posted by Frug View Post
    Nobody at my work, not even ops, is talking about this. I'm disappointed. This is a big deal.
    It is a big deal, but we don't know how big a deal and we don't know the impact yet and it'll impact everyone equally*, so there's not much to talk about yet.


    *This is your weekly reminder that Intel's market share is effectively 100%.
    i am the 0%

  8. #268
    Daneel Trevize's Avatar
    Join Date
    April 10, 2011
    Location
    T L A
    Posts
    12,378
    Last year (by a Windows-centric benchmark measure) it was 80% and trending down for an entire quarter after Ryzen launched (looking at stats that ended in June)... Before EPYC arrived, before ME hit Intel, and before this.
    Edit: make that it hit 70% the month later/for Q2, AMD taking a historic 10.4% from Intel, largest gain vs them ever, beating Opteron's work.

    The simple version is: reject tautology. If you think Intel is the only purchase option, that's your problem.
    Last edited by Daneel Trevize; January 4 2018 at 12:22:19 PM.
    Quote Originally Posted by QuackBot View Post
    Idk about that, and i'm fucking stupid.

  9. #269
    Duckslayer's Avatar
    Join Date
    October 23, 2017
    Posts
    979
    Quote Originally Posted by Daneel Trevize View Post
    Last year it was 80% and trending down for an entire quarter after Ryzen launched (looking at stats that ended in June)... Before ME and before this.
    Chipzilla clawed back their losses within two months going off the steam hardware survey. Or was it that german e retailer stat leak i cant remember. Not really sure why, presumably because of the intel's vendor briberyloyalty program? I know, gamers only and datacentres is where the big bucks are. I mean AMD made some proper bank in 2017 finally and have excellent yeilds with zen so its all gravy for them on the cpu front. Probably pick up a few more orders for epyc now i suspect too.

  10. #270
    Movember 2012 Stoffl's Avatar
    Join Date
    April 10, 2011
    Location
    The original viennese waffle
    Posts
    21,977
    Quote Originally Posted by Aea View Post
    Quote Originally Posted by Stoffl View Post
    LOLintel
    AyyyMD

    Although it’s probably karma if they’re unaffected.


    Sent from my iPhone using Tapatalk
    My 2010 hexacore Opteron purchase is finally paying off!
    (From everything I've read spectry is a trivial issue in comparison)


    Also shoutout to TU Graz for being involved in the discovery of Meltdown.

    Quote Originally Posted by I Legionnaire View Post
    https://twitter.com/i/moments/948681915485351938

    tl/dr: all cpus out there are fucked, intel's is actually the less serious one since there's a software fix for it. On the other hand the second affects ALL cpus, and is impossible to fix without tossing modern cpu design in the bin.
    Nice iNtel spin there bruv
    Last edited by Stoffl; January 4 2018 at 12:49:41 PM.
    2/10/17 Greatposthellpurge never forget
    23/10/17 The Greatreposteninging ?

  11. #271
    Movember 2012 Stoffl's Avatar
    Join Date
    April 10, 2011
    Location
    The original viennese waffle
    Posts
    21,977
    Quote Originally Posted by Duckslayer View Post
    Quote Originally Posted by elmicker View Post
    Quote Originally Posted by Frug View Post
    Nobody at my work, not even ops, is talking about this. I'm disappointed. This is a big deal.
    It is a big deal, but we don't know how big a deal and we don't know the impact yet and it'll impact everyone equally*, so there's not much to talk about yet.


    *This is your weekly reminder that Intel's market share is effectively 100%.
    i am the 0%
    You must spread some Reputation around before giving it to Duckslayer again.
    2/10/17 Greatposthellpurge never forget
    23/10/17 The Greatreposteninging ?

  12. #272
    Movember 2012 Stoffl's Avatar
    Join Date
    April 10, 2011
    Location
    The original viennese waffle
    Posts
    21,977
    lel

    2/10/17 Greatposthellpurge never forget
    23/10/17 The Greatreposteninging ?

  13. #273

    Join Date
    April 13, 2011
    Posts
    6,553
    Quote Originally Posted by Daneel Trevize View Post
    reject tautology.
    With desktop stats? No ta - they don't even really matter in this context and they're basically a rounding error on the market as a whole anyway.

    The numbers I've got access to tell me our customer base are 98.1% Intel (based on c. 3M CPUs that I can see), which is actually a slightly smaller share than intel enjoys amongst the major cloud vendors (frankly i think the remaining 1.9% are just malformed cpu name strings...). On-premises I don't even think Dell or HPE will sell you an AMD chip at this point in time.

  14. #274
    Liare's Avatar
    Join Date
    April 9, 2011
    Location
    Denmark
    Posts
    12,327
    Dell will sell you On-Prem AMD kit, they've been doing that since mid 2014, it's the XX5 poweredge servers, so a R420 is intel, a R425 is AMD.
    Viking, n.:
    1. Daring Scandinavian seafarers, explorers, adventurers, entrepreneurs world-famous for their aggressive, nautical import business, highly leveraged takeovers and blue eyes.
    2. Bloodthirsty sea pirates who ravaged northern Europe beginning in the 9th century.

    Hagar's note: The first definition is much preferred; the second is used only by malcontents, the envious, and disgruntled owners of waterfront property.

  15. #275
    Donor
    Join Date
    April 9, 2011
    Posts
    1,359
    Quote Originally Posted by Duckslayer View Post
    Probably pick up a few more orders for epyc now i suspect too.
    I suspect that's going to be a spectacular understatement. If you're buying servers and your primary workload is one affected by the Meltdown patch then Intel hardware is going to look very unappealing. And 'fixed' Xeons are almost certainly at least a year away.

  16. #276
    Cosmin's Avatar
    Join Date
    March 14, 2012
    Location
    UK
    Posts
    6,000
    So basically preliminary tests under Linux show a database slowdown of 25ish%, which is p. awful. Gaming, encoding, browsing, Photoshopping/CAD seem to be unaffected.

    This is p. awful :S
    Guns make the news, science doesn't.

  17. #277
    SteeleResolve's Avatar
    Join Date
    April 13, 2011
    Location
    AKA Pubbie McLemming
    Posts
    3,188
    Looks like MS have release a "fix" today, but check your AV is on the list otherwise BSoDs:

    http://www.theregister.co.uk/2018/01...atch_meltdown/

    List of AV vendors updated

  18. #278
    Ashaz's Avatar
    Join Date
    April 29, 2011
    Posts
    3,558
    Quote Originally Posted by Duckslayer View Post
    Quote Originally Posted by elmicker View Post
    Quote Originally Posted by Frug View Post
    Nobody at my work, not even ops, is talking about this. I'm disappointed. This is a big deal.
    It is a big deal, but we don't know how big a deal and we don't know the impact yet and it'll impact everyone equally*, so there's not much to talk about yet.


    *This is your weekly reminder that Intel's market share is effectively 100%.
    i am the 0%
    +1

  19. #279

    Join Date
    May 31, 2011
    Posts
    4,085
    Quote Originally Posted by elmicker View Post
    Quote Originally Posted by Daneel Trevize View Post
    reject tautology.
    With desktop stats? No ta - they don't even really matter in this context and they're basically a rounding error on the market as a whole anyway.

    The numbers I've got access to tell me our customer base are 98.1% Intel (based on c. 3M CPUs that I can see) [...]
    Honest question, because I'm curious, but I don't have a clue how that works: Are those actual iron, or does that include virtual machines, where the emulated/reported processor of the VM might or might not be the real one. Not sure if the later is even possible (=emulating a CPU that's different from the host's one).

  20. #280
    Cosmin's Avatar
    Join Date
    March 14, 2012
    Location
    UK
    Posts
    6,000
    Basically that was the main issue raised, apparently you could theoretically read another vm stuff from your vm if both are running on the same hardware.


    Sent from my iPhone using Tapatalk
    Guns make the news, science doesn't.

Bookmarks

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •