Language Selection

English French German Italian Portuguese Spanish

Intel is Full of Holes

Filed under
  • A Security Issue in Intel’s Active Management Technology (AMT)
  • Backdoor In 30 Seconds: New Major AMT Security Flaw Is Here To Haunt Intel Laptops
  • Meltdown and Spectre FAQ: Crapification at Scale

    Yesterday, Yves posted a “primers on Meltdown and Spectre”, which included several explanations of the two bugs from different viewpoints; if you feel you don’t have a handle on them, please review it. Today, I want to give an overview of the two bugs. I will dig into the details of these two bugs in the form of a FAQ, and then I’ll open a discussion of the larger business and political economy issues raised in the form of a MetaFAQ. First, I should make one point: Meltdown is a bug; Specture is a class of bugs (or, if you prefer, a strategy).


    What Are The Costs of the Meltdown and Spectre Bugs?

    A few billions.

  • Fixing Chipmageddon Will Slow Down Older Computers

    Microsoft has come out and said it: cures for the pervasive chip flaws Meltdown and Spectre are likely to dent the performance of your PC if it’s a few years old.

  • Intel needs to come clean about Meltdown and Spectre

    Intel hasn’t had the best of times recently. Meltdown and Spectre security flaws have helped reveal fundamental issues with processor designs over the past 20 years, and the software updates to protect PCs will have performance impacts. Even as I write this, it’s still not clear to anyone exactly how bad these performance impacts will be for older desktop systems, or how significant they’ll be to server-based cloud platforms. It’s all a bit of a mess, and Intel hasn’t helped with its lack of transparency. It’s time for Intel to stop hiding behind cleverly worded statements.

  • Intel details performance hit for Meltdown fix on affected processors
  • Keeping Spectre secret

    When Graz University of Technology researcher Michael Schwarz first reached out to Intel, he thought he was about to ruin the company’s day. He had found a problem with their chips, together with his colleagues Daniel Gruss, Moritz Lipp, and Stefan Mangard. The vulnerability was both profound and immediately exploitable. His team finished the exploit on December 3rd, a Sunday afternoon. Realizing the gravity of what they’d found, they emailed Intel immediately.

  • Intel's telling some customers to avoid its fix for the Spectre and Meltdown attacks — because of a big bug
  • Everything running smoothly at the plant? *Whips out mobile phone* Wait. Nooo...

    The security of mobile apps that tie in with Supervisory Control and Data Acquisition (SCADA) systems has deteriorated over the last two-and-a-half years, according to new research.

    A team of boffins from IOActive and IoT security startup Embedi said they had discovered 147 vulnerabilities in 34 of the most popular Android mobile apps for SCADA systems.

    Mobile applications are increasingly being used in conjunction with SCADA systems. The researchers warned these apps are "riddled with vulnerabilities that could have dire consequences on SCADA systems that operate industrial control systems".

More in Tux Machines

Blockchain: DigitalBits, Aventus, Cryptocurrency

  • DigitalBits launches open-source blockchain-based marketplace for loyalty points
    Their value — or at least their versatility — could get a boost if The DigitalBits Project is successful. This community endeavor, soon to become a nonprofit foundation based out of the tiny European country of Lichtenstein, is today launching an open-source blockchain-based infrastructure that supports trading loyalty points or rewards or transferring them to other individuals.
  • Aventus Announces Development of Open-Source Protocol Foundation
    Aventus, the blockchain ticketing startup that raised 60,000 Ether via a crowdsale in 2017, has announced the next stage of development for its non-profit foundation. The Aventus Protocol Foundation will serve as an entity tasked with supporting open-source projects built using the Aventus protocol. This encourages the growth of the Aventus ticketing ecosystem while protecting the rights of holders of AVT, the native Aventus token.
  • An Overview of Cryptocurrency Consensus Algorithms
    One of the most important aspects of a decentralized cryptocurrency project is the consensus algorithm it employs. A consensus algorithm is crucial to the implementation of a digital currency because it prevents the double spending problem, a challenge that has historically limited the development of digital currencies until the recent development and adoption of the blockchain ledger method. Because cryptocurrencies are implemented as public, decentralized ledgers that are append-only, they must employ a consensus algorithm to verify that there “is one version of the truth” and that the network cannot be overwhelmed by bad actors.

today's howtos

Fedora: Release Party, Fedora Diversity, Critical Firefox Fix

Microsoft Openwashing and Revisionism

  • Microsoft joins effort to cure open source license noncompliance [Ed: Pushing Microsoft lies under the false pretenses that Microsoft plays along with the GPL (it violates, smears and undermines it)]
  • Microsoft joins group working to 'cure' open-source licensing issues [Ed: Mary Jo Foley uses this initiative to whitewash Microsoft after it repeatedly violated the GPL and attacked it publicly, behind the scenes etc. And watch the image she uses: a lie.]
    It's kind of amazing that just over a decade ago, Microsoft was threatening Linux vendors by claiming free and open-source software infringed on 235 of Microsoft's patents. In 2007, Microsoft was very openly and publicly anti-GPLv3, claiming it was an attempt "to tear down the bridge between proprietary and open source technology that Microsoft has worked to build with the industry and customers."
  • Today's channel rundown - 19 March 2018
    The six have committed to extending additional rights "to cure open source license noncompliance". The announcement was made by Red Hat, which says the move will lead to greater cooperation with distributors of open source software to correct errors. In a statement, Red Hat referenced widely used open source software licenses, GNU General Public License (GPL) and GNU Lesser General Public License, which cover software projects including the Linux kernel. GPL version 3 offers distributors of the code an opportunity to correct errors and mistakes in license compliance.
  • Tails Security Update, Companies Team Up to Cure Open Source License Noncompliance, LG Expanding webOS and More
    According to a Red Hat press release this morning: "six additional companies have joined efforts to promote greater predictability in open source licensing. These marquee technology companies—CA Technologies, Cisco, HPE, Microsoft, SAP, and SUSE—have committed to extending additional rights to cure open source license noncompliance. This will lead to greater cooperation with distributors of open source software to correct errors and increased participation in open source software development."