Language Selection

English French German Italian Portuguese Spanish

Intel is Full of Holes

Filed under
Hardware
Security
  • A Security Issue in Intel’s Active Management Technology (AMT)
  • Backdoor In 30 Seconds: New Major AMT Security Flaw Is Here To Haunt Intel Laptops
  • Meltdown and Spectre FAQ: Crapification at Scale

    Yesterday, Yves posted a “primers on Meltdown and Spectre”, which included several explanations of the two bugs from different viewpoints; if you feel you don’t have a handle on them, please review it. Today, I want to give an overview of the two bugs. I will dig into the details of these two bugs in the form of a FAQ, and then I’ll open a discussion of the larger business and political economy issues raised in the form of a MetaFAQ. First, I should make one point: Meltdown is a bug; Specture is a class of bugs (or, if you prefer, a strategy).

    [...]

    What Are The Costs of the Meltdown and Spectre Bugs?

    A few billions.

  • Fixing Chipmageddon Will Slow Down Older Computers

    Microsoft has come out and said it: cures for the pervasive chip flaws Meltdown and Spectre are likely to dent the performance of your PC if it’s a few years old.

  • Intel needs to come clean about Meltdown and Spectre

    Intel hasn’t had the best of times recently. Meltdown and Spectre security flaws have helped reveal fundamental issues with processor designs over the past 20 years, and the software updates to protect PCs will have performance impacts. Even as I write this, it’s still not clear to anyone exactly how bad these performance impacts will be for older desktop systems, or how significant they’ll be to server-based cloud platforms. It’s all a bit of a mess, and Intel hasn’t helped with its lack of transparency. It’s time for Intel to stop hiding behind cleverly worded statements.

  • Intel details performance hit for Meltdown fix on affected processors
  • Keeping Spectre secret

    When Graz University of Technology researcher Michael Schwarz first reached out to Intel, he thought he was about to ruin the company’s day. He had found a problem with their chips, together with his colleagues Daniel Gruss, Moritz Lipp, and Stefan Mangard. The vulnerability was both profound and immediately exploitable. His team finished the exploit on December 3rd, a Sunday afternoon. Realizing the gravity of what they’d found, they emailed Intel immediately.

  • Intel's telling some customers to avoid its fix for the Spectre and Meltdown attacks — because of a big bug
  • Everything running smoothly at the plant? *Whips out mobile phone* Wait. Nooo...

    The security of mobile apps that tie in with Supervisory Control and Data Acquisition (SCADA) systems has deteriorated over the last two-and-a-half years, according to new research.

    A team of boffins from IOActive and IoT security startup Embedi said they had discovered 147 vulnerabilities in 34 of the most popular Android mobile apps for SCADA systems.

    Mobile applications are increasingly being used in conjunction with SCADA systems. The researchers warned these apps are "riddled with vulnerabilities that could have dire consequences on SCADA systems that operate industrial control systems".

More in Tux Machines

KDE Applications 18.12 Are Waiting for You

It's that time of the year again. Everyone is in a festive mood and excited about all the new things they're going to get. It's only natural, since it's the season of the last KDE Applications release for this year! With more than 140 issues resolved and dozens of feature improvements, KDE Applications 18.12 are now on its way to your operating system of choice. We've highlighted some changes you can look forward to. Read more Also: KDE Applications 18.12 Released With File Manager Improvements, Konsole Emoji

Nvidia unveils cheaper 4GB version of its Jetson TX2 and begins shipping its next-gen Xavier module

Nvidia announced a lower-cost 4GB version of its Linux-driven Jetson TX2 module with half the RAM and eMMC and has begun shipping its next-gen Jetson AGX Xavier. Nvidia will soon have three variants of its hexa-core Arm Jetson TX2 module: the original Jetson TX2, the more embedded, industrial temperature Jetson TX2i , and now a new Jetson TX2 4GB model. The chip designer also announced availability of its next-gen, robotics focused Jetson AGX Xavier module (see farther below). Read more

Stable kernels 4.19.9, 4.14.88, 4.9.145, 4.4.167, and 3.18.129

Software: Vivaldi, QEMU and Manpages

  • Vivaldi 2.2 adds tweakable toolbars and Netflix for Linux
    UPSTART WEB BROWSER Vivaldi has released version 2.2, with a number of new features which continue its aim to differentiate itself from other Chromium browsers. The privacy passionate progeny of Opera co-founder Jon Von Tetzchner boasts improved tab management, support for pop-out video windows, configurable toolbars and updates to acccessibility. [...] "Customizing a browser as per your needs is not only a thing for pros and geeks. The key is to create something that works for you," says Vivaldi CEO Jon von Tetzchner. "Features are what draw people to Vivaldi and details are what keep them there. That's why we are always striving to fit every use case and giving our users different ways to browse."
  • QEMU 3.1 Released For Advancing The Linux Open-Source Virtualization Stack
    The QEMU emulator that is widely used by the open-source Linux virtualization stack is out with its version 3.1 feature release. This is the QEMU update that is adding multi-threaded Tiny Code Generator support, display improvements, adds the Cortex-A72 model and other ARM improvements, and various other enhancements.
  • What are Linux man pages?
    Have you ever sought help on a technical issue, only to be told RTFM? What is that acronym? In a safe-for-work translation, it means Read The Freaking Manual. That's all fine and good when you working with something that has a downloadable PDF file containing all the necessary information you need. But what about a Linux command? There are no manuals to be had. Or are there?