Language Selection

English French German Italian Portuguese Spanish

Intel is Full of Holes

Filed under
Hardware
Security
  • A Security Issue in Intel’s Active Management Technology (AMT)
  • Backdoor In 30 Seconds: New Major AMT Security Flaw Is Here To Haunt Intel Laptops
  • Meltdown and Spectre FAQ: Crapification at Scale

    Yesterday, Yves posted a “primers on Meltdown and Spectre”, which included several explanations of the two bugs from different viewpoints; if you feel you don’t have a handle on them, please review it. Today, I want to give an overview of the two bugs. I will dig into the details of these two bugs in the form of a FAQ, and then I’ll open a discussion of the larger business and political economy issues raised in the form of a MetaFAQ. First, I should make one point: Meltdown is a bug; Specture is a class of bugs (or, if you prefer, a strategy).

    [...]

    What Are The Costs of the Meltdown and Spectre Bugs?

    A few billions.

  • Fixing Chipmageddon Will Slow Down Older Computers

    Microsoft has come out and said it: cures for the pervasive chip flaws Meltdown and Spectre are likely to dent the performance of your PC if it’s a few years old.

  • Intel needs to come clean about Meltdown and Spectre

    Intel hasn’t had the best of times recently. Meltdown and Spectre security flaws have helped reveal fundamental issues with processor designs over the past 20 years, and the software updates to protect PCs will have performance impacts. Even as I write this, it’s still not clear to anyone exactly how bad these performance impacts will be for older desktop systems, or how significant they’ll be to server-based cloud platforms. It’s all a bit of a mess, and Intel hasn’t helped with its lack of transparency. It’s time for Intel to stop hiding behind cleverly worded statements.

  • Intel details performance hit for Meltdown fix on affected processors
  • Keeping Spectre secret

    When Graz University of Technology researcher Michael Schwarz first reached out to Intel, he thought he was about to ruin the company’s day. He had found a problem with their chips, together with his colleagues Daniel Gruss, Moritz Lipp, and Stefan Mangard. The vulnerability was both profound and immediately exploitable. His team finished the exploit on December 3rd, a Sunday afternoon. Realizing the gravity of what they’d found, they emailed Intel immediately.

  • Intel's telling some customers to avoid its fix for the Spectre and Meltdown attacks — because of a big bug
  • Everything running smoothly at the plant? *Whips out mobile phone* Wait. Nooo...

    The security of mobile apps that tie in with Supervisory Control and Data Acquisition (SCADA) systems has deteriorated over the last two-and-a-half years, according to new research.

    A team of boffins from IOActive and IoT security startup Embedi said they had discovered 147 vulnerabilities in 34 of the most popular Android mobile apps for SCADA systems.

    Mobile applications are increasingly being used in conjunction with SCADA systems. The researchers warned these apps are "riddled with vulnerabilities that could have dire consequences on SCADA systems that operate industrial control systems".

More in Tux Machines

Red Hat Woes and Fedora 29 Plans

  • Shares of open-source giant Red Hat pounded on weaker outlook
  • Fedora 29 Aims To Offer Up Modules For Everyone
    The latest Fedora 29 feature proposal is about offering "modules for everyone" across all Fedora editions. The "modules for everyone" proposal would make it where all Fedora installations have modular repositories enabled by default. Up to now the modular functionality was just enabled by default in Fedora Server 28. The modular functionality allows Fedora users to choose alternate versions of popular software, such as different versions of Node.js and other server software components where you might want to stick to a particular version.

GNU Make, FSFE Newsletter, and FSF's BLAG Removal

  • Linux Fu: The Great Power of Make
    Over the years, Linux (well, the operating system that is commonly known as Linux which is the Linux kernel and the GNU tools) has become much more complicated than its Unix roots. That’s inevitable, of course. However, it means old-timers get to slowly grow into new features while new people have to learn all in one gulp. A good example of this is how software is typically built on a Linux system. Fundamentally, most projects use make — a program that tries to be smart about running compiles. This was especially important when your 100 MHz CPU connected to a very slow disk drive would take a day to build a significant piece of software. On the face of it, make is pretty simple. But today, looking at a typical makefile will give you a headache, and many projects use an abstraction over make that further obscures things.
  • FSFE Newsletter June 2018
  • About BLAG's removal from our list of endorsed distributions
    We recently updated our list of free GNU/Linux distributions to add a "Historical" section. BLAG Linux and GNU, based on Fedora, joined the list many years ago. But the maintainers no longer believe they can keep things running at this time. As such, they requested that they be removed from our list. The list helps users to find operating systems that come with only free software and documentation, and that do not promote any nonfree software. Being added to the list means that a distribution has gone through a rigorous screening process, and is dedicated to diligently fixing any freedom issues that may arise.

Servers: Kubernetes, Oracle's Cloudwashing and Embrace of ARM

  • Bloomberg Eschews Vendors For Direct Kubernetes Involvement
    Rather than use a managed Kubernetes service or employ an outsourced provider, Bloomberg has chosen to invest in deep Kubernetes expertise and keep the skills in-house. Like many enterprise organizations, Bloomberg originally went looking for an off-the-shelf approach before settling on the decision to get involved more deeply with the open source project directly. "We started looking at Kubernetes a little over two years ago," said Steven Bower, Data and Infrastructure Lead at Bloomberg. ... "It's a great execution environment for data science," says Bower. "The real Aha! moment for us was when we realized that not only does it have all these great base primitives like pods and replica sets, but you can also define your own primitives and custom controllers that use them."
  • Oracle is changing how it reports cloud revenues, what's it hiding? [iophk: "probably Microsoft doing this too" (cloudwashing)]
     

    In short: Oracle no longer reports specific revenue for cloud PaaS, IaaS and SaaS, instead bundling them all into one reporting line which it calls 'cloud services and licence support'. This line pulled in 60% of total revenue for the quarter at $6.8 billion, up 8% year-on-year, for what it's worth.

  • Announcing the general availability of Oracle Linux 7 for ARM
    Oracle is pleased to announce the general availability of Oracle Linux 7 for the ARM architecture.
  • Oracle Linux 7 Now Ready For ARM Servers
    While Red Hat officially launched RHEL7 for ARM servers last November, on Friday Oracle finally announced the general availability of their RHEL7-derived Oracle Linux 7 for ARM. Oracle Linux 7 Update 5 is available for ARM 64-bit (ARMv8 / AArch64), including with their new Unbreakable Enterprise Kernel Release 5 based on Linux 4.14.

Graphics: XWayland, Ozone-GBM, Freedreno, X.Org, RadeonSI

  • The Latest Batch Of XWayland / EGLStream Improvements Merged
    While the initial EGLStreams-based support for using the NVIDIA proprietary driver with XWayland was merged for the recent X.Org Server 1.20 release, the next xorg-server release will feature more improvements.
  • Making Use Of Chrome's Ozone-GBM Intel Graphics Support On The Linux Desktop
    Intel open-source developer Joone Hur has provided a guide about using the Chrome OS graphics stack on Intel-based Linux desktop systems. In particular, using the Chrome OS graphics stack on the Linux desktop is primarily about using the Ozone-GBM back-end to Ozone that allows for direct interaction with Intel DRM/KMS support and evdev for input.
  • Freedreno Reaches OpenGL ES 3.1 Support, Not Far From OpenGL 3.3
    The Freedreno Gallium3D driver now supports all extensions required by OpenGL ES 3.1 and is also quite close to supporting desktop OpenGL 3.3.
  • X.Org Is Looking For A North American Host For XDC2019
    If software development isn't your forte but are looking to help out a leading open-source project while logistics and hospitality are where you excel, the X.Org Foundation is soliciting bids for the XDC2019 conference. The X.Org Foundation is looking for proposals where in North America that the annual X.Org Developers' Conference should be hosted in 2019. This year it's being hosted in Spain and with the usual rotation it means that in 2019 they will jump back over the pond.
  • RadeonSI Compatibility Profile Is Close To OpenGL 4.4 Support
    It was just a few days ago that the OpenGL compatibility profile support in Mesa reached OpenGL 3.3 compliance for RadeonSI while now thanks to the latest batch of patches from one of the Valve Linux developers, it's soon going to hit OpenGL 4.4. Legendary open-source graphics driver contributor Timothy Arceri at Valve has posted 11 more patches for advancing RadeonSI's OpenGL compatibility profile support, the alternative context to the OpenGL core profile that allows mixing in deprecated OpenGL functionality. The GL compatibility profile mode is generally used by long-standing workstation software and also a small subset of Linux games.