Language Selection

English French German Italian Portuguese Spanish

Security

Security: Meltdown and Spectre, Kaspersky, PowerPC

Filed under
Security

Meltdown and Spectre Linux Perspective

Filed under
Linux
Security
  • Linus Torvalds Is Not Happy About Intel's Meltdown and Spectre Mess

    Famed Linux developer Linus Torvalds has some pretty harsh words for Intel on the fiasco over Meltdown and Spectre, the massive security flaws in modern processors that predominantly affect Intel products.

    Meltdown and Spectre exploit an architectural flaw with the way processors handle speculative execution, a technique that most modern CPUs use to increase speed. Both classes of vulnerability could expose protected kernel memory, potentially allowing hackers to gain access to the inner workings of any unpatched system or penetrate security measures. The flaw can’t be fixed with a microcode update, meaning that developers for major OSes and platforms have had to devise workarounds that could seriously hurt performance.

  • Weekly Roundup 2018 – Week 1

    Mageia kernel updates to mitigate these two flaws are already being worked on. Mageia 6 kernel updates released in the last 24 hours don’t as yet solve all the problems, but kernel-4.14.12-2.mga6 is in updates/testing (as is the .mga7 kernel for Cauldron). Expect updates very shortly. Our thanks to our tireless kernel devs and our ever busy QA team!

  • DragonFlyBSD's Meltdown Fix Causing More Slowdowns Than Linux

    Following the move by Linux to introduced Kernel Page Table Isolation (KPTI) to address the Meltdown vulnerability affecting Intel CPUs, DragonFlyBSD has implemented better user/kernel separation to address this issue. While the Linux performance hit overall was minor, in our tests carried out so far the DragonFlyBSD kernel changes are causing more widespread slowdowns.

  • Episode 76 - Meltdown aftermath
  • Woo-yay, Meltdown CPU fixes are here. Now, Spectre flaws will haunt tech industry for years
  • Meltdown and Spectre Fixes Arrive—But Don't Solve Everything
  • Vendors Share Patch Updates on Spectre and Meltdown Mitigation Efforts

    Intel, Amazon, Microsoft and others are playing down concerns over the impact of the massive Spectre and Meltdown vulnerabilities affecting computers, servers and mobile devices worldwide.

    The two flaws, Spectre and Meltdown, are far reaching and impact a wide range of microprocessors used in the past decade in computers and mobile devices including those running Android, Chrome, iOS, Linux, macOS and Windows. While Meltdown only affects Intel processors, Spectre affects chips from Intel, AMD, ARM and others.

Security: CPU Bugs, Western Digital Back Doors

Filed under
Security
  • There will always be hardware bugs

    By now everyone has seen the latest exploit, meltdown and spectre, complete with logos and full academic paper. The gist of this is that side channel attacks on CPUs are now actually plausible instead of mostly theoretical. LWN (subscribe!) has a good collection of posts about actual technical details and mitigations. Because this involves hardware and not just software, fixes get more complicated.

  • What are Meltdown and Spectre? Here’s what you need to know.
  • Intel faces class action lawsuits regarding Meltdown and Spectre

    The three lawsuits—filed in California, Indiana, and Oregon (PDF)—cite not just the security vulnerabilities and their potential impact, but also Intel's response time to them. Researchers notified Intel about the flaws in June. Now, Intel faces a big headache. The vast majority of its CPUs in use today are impacted, and more class action complaints may be filed beyond these three.

  • Western Digital My Cloud drives have a built-in backdoor

    Western Digital's network attached storage solutions have a newfound vulnerability allowing for unrestricted root access.
    James Bercegay disclosed the vulnerability to Western Digital in mid-2017. After allowing six months to pass, the full details and proof-of-concept exploit have been published. No fix has been issued to date.
    More troubling is the existence of a hard coded backdoor with credentials that cannot be changed. Logging in to Western Digital My Cloud services can be done by anybody using "mydlinkBRionyg" as the administrator username and "abc12345cba" as the password. Once logged in, shell access is readily available followed with plenty of opportunity for injection of commands.

Security: Meltdown & Spectre, Critical CSRF Security Vulnerability, OpenVPN and More

Filed under
Security
  • Meltdown & Spectre
  • Meltdown and Spectre Linux Kernel Status

    By now, everyone knows that something “big” just got announced regarding computer security. Heck, when the Daily Mail does a report on it , you know something is bad…

    Anyway, I’m not going to go into the details about the problems being reported, other than to point you at the wonderfully written Project Zero paper on the issues involved here. They should just give out the 2018 Pwnie award right now, it’s that amazingly good.

    If you do want technical details for how we are resolving those issues in the kernel, see the always awesome lwn.net writeup for the details.

    Also, here’s a good summary of lots of other postings that includes announcements from various vendors.

  • Spectre and Meltdown: What you need to know going forward

    As you've likely heard by now, there are some problems with Intel, AMD, and ARM processors. Called Meltdown and Spectre, the discovered attack possibilities are rather severe, as they impact pretty much every technical device on the network or in your house (PCs, laptops, tablets, phones, etc.).

    Here's a breakdown of all the things you need to know. As things change, or new information becomes available, this article will be updated.

    The key thing to remember is not to panic, as the sky isn't about to come crashing down. The situation is one that centers on information disclosure, not code execution (a far more damning issue to deal with).

  • Open Source Leaders: Take Intel to Task

    I do not know Linus Torvalds or Theo de Raadt. I have never met either of them and have read very little about them. What I do know, gleaned from email archives, is when it comes to bum hardware: they both have pretty strong opinions. Both Linus and Theo can be a bit rough around the edges when it comes to giving their thoughts about hardware design flaws: but at least they have a voice. Also, Linus and Theo have often been at odds whether it be about how to approach OS design, licensing etc but I suspect, or I at least have to believe, the latest incident from intel (the Spectre and Meltdown flaws) is one area they agree on.

    Linus and Theo cannot possibly be the only Open Source leaders out there who are frustrated and tired of being jerked around by intel. What I hope comes out of this is not many different voices saying the same thing here and there but instead, perhaps, our various leaders could get together and take intel to task on this issue. Intel not only created a horrible design flaw they lied by omission about it for several months. During those months the Intel CEO quietly dumped his stock. What a hero.

  • Docker Performance With KPTI Page Table Isolation Patches

    Overall most of our benchmarks this week of the new Linux Kernel Page Table Isolation (KPTI) patches coming as a result of the Meltdown vulnerability have showed minimal impact overall on system performance. The exceptions have obviously been with workloads having high kernel interactions like demanding I/O cases and in terms of real-world impact, databases. But when testing VMs there's been some minor impact more broadly than bare metal testing and also Wine performance has been impacted. The latest having been benchmarked is seeing if the Docker performance has been impacted by the KPTI patches to see if it's any significant impact since overall the patched system overhead certainly isn't anything close to how it was initially hyped by some other media outlets.

  • Can We Replace Intel x86 With an Open Source Chip?
  • Critical CSRF Security Vulnerability in phpMyAdmin Database Tool Patched

    A "cross site request forgery" vulnerability in a popular tool for administrating MySQL and MariaDB databases that could lead to data loss has been patched.

  • 8 reasons to replace your VPN client with OpenVPN

    OpenVPN could be the answer. It's an ultra-configurable open source VPN client which works with just about any VPN provider that supports the OpenVPN protocol. It gives you new ways to automate, optimize, control and troubleshoot your connections, and you can use it alongside your existing client, or maybe replace it entirely – it's your call.

  • I’m harvesting credit card numbers and passwords from your site. Here’s how.

Security: Currencies, Marcus Hutchins, and Hardware Bugs

Filed under
Security
  • Hot New Cryptocurrency Trend: Mining Malware That Could Fry Your Phone
  • PyCryptoMiner Attacks Linux Machines And Turns Them Into Monero-mining Bots
  • Marcus Hutchins' lawyers seek information around arrest

    Lawyers acting for British security researcher Marcus Hutchins have filed a motion seeking additional information on a number of aspects surrounding his arrest in order to prepare for a trial that is expected to take place this year.

  • AMD Did NOT Disable Branch Prediction With A Zen Microcode Update

    With the plethora of software security updates coming out over the past few days in the wake of the Meltdown and Spectre disclosure, released by SUSE was a Family 17h "Zen" CPU microcode update that we have yet to see elsewhere... It claims to disables branch prediction, but I've confirmed with AMD that is not actually the case.

    AMD did post a processor security notice where they noted their hardware was not vulnerable to variant threee / rogue data cache load, for the "branch target injection" variant that there was "near zero risk" for exploiting, and with the bounds check bypass it would be resolved by software/OS updates.

  • Spectre and Meltdown Attacks Against Microprocessors

    "Throw it away and buy a new one" is ridiculous security advice, but it's what US-CERT recommends. It is also unworkable. The problem is that there isn't anything to buy that isn't vulnerable. Pretty much every major processor made in the past 20 years is vulnerable to some flavor of these vulnerabilities. Patching against Meltdown can degrade performance by almost a third. And there's no patch for Spectre; the microprocessors have to be redesigned to prevent the attack, and that will take years. (Here's a running list of who's patched what.)

  • OpenBSD & FreeBSD Are Still Formulating Kernel Plans To Address Meltdown+Spectre

    On Friday DragonFlyBSD's Matthew Dillon already landed his DragonFly kernel fixes for the Meltdown vulnerability affecting Intel CPUs. But what about the other BSDs?

    As outlined in that article yesterday, DragonFlyBSD founder Matthew Dillon quickly worked through better kernel/user separation with their code to address the Intel CPU bug. Similar to Linux, the DragonFlyBSD fix should cause minimal to small CPU performance impact for most workloads while system call heavy / interrupt-heavy workloads (like I/O and databases) could see more significant drops.

  • Retpoline v5 Published For Fending Off Spectre Branch Target Injection

    David Woodhouse of Amazon has sent out the latest quickly-revising patches for introducing the "Retpoline" functionality to the Linux kernel for mitigating the Spectre "variant 2" attack.

    Retpoline v5 is the latest as of Saturday morning as the ongoing effort for avoiding speculative indirect calls within the Linux kernel for preventing a branch target injection style attack. These 200+ lines of kernel code paired with the GCC Retpoline patches are able to address vulnerable indirect branches in the Linux kernel.

    The Retpoline approach is said to only have up to a ~1.5% performance hit when patched... I hope this weekend to get around to trying these kernel and GCC patches on some of my systems for looking at the performance impact in our commonly benchmarked workloads. The Retpoline work is separate from the KPTI page table isolation work for addressing the Intel CPU Meltdown issue.

  • Intel hit with three class-action lawsuits over chip flaws
  • Meltdown, aka "Dear Intel, you suck"

    We have received *no* non-public information. I've seen posts elsewhere by other *BSD people implying that they receive little or no prior warning, so I have no reason to believe this was specific to OpenBSD and/or our philosophy. Personally, I do find it....amusing? that public announcements were moved up after the issue was deduced from development discussions and commits to a different open source OS project. Aren't we all glad that this was under embargo and strongly believe in the future value of embargoes?

  • Hack-proof Quantum Data Encryption

'Chipocalypse'

Filed under
Security

Security leftovers

Filed under
Security
  • Python-Based Botnet Targets Linux Systems with Exposed SSH Ports

    Experts believe that an experienced cybercrime group has created a botnet from compromised Linux-based systems and is using these servers and devices to mine Monero, a digital currency.

    Crooks are apparently using brute-force attacks against Linux systems that feature exposed SSH ports. If they guess the password, they use Python scripts to install a Monero miner.

  • AMD PSP Affected By Remote Code Execution Vulnerability

    While all eyes have been on Intel this week with the Spectre and Meltdown vulnerabilities, a disclosure was publicly made this week surrounding AMD's PSP Secure Processor in an unrelated security bulletin.

    AMD's Secure Processor / Platform Security Processor (PSP) that is akin to Intel's Management Engine (ME) is reportedly vulnerable to remote code execution.

  • DragonFlyBSD Lands Fixes For Meltdown Vulnerability

    Linux, macOS, and Windows has taken most of the operating system attention when it comes down to the recently-disclosed Meltdown vulnerability but the BSDs too are prone to this CPU issue. DragonFlyBSD lead developer Matthew Dillon has landed his fixes for Meltdown.

  • Spectre question

    Could ASLR be used to prevent the Spectre attack?

    The way Spectre mitigations are shaping up, it's going to require modification of every program that deals with sensitive data, inserting serialization instructions in the right places. Or programs can be compiled with all branch prediction disabled, with more of a speed hit.

    Either way, that's going to be piecemeal and error-prone. We'll be stuck with a new class of vulnerabilities for a long time. Perhaps good news for the security industry, but it's going to become as tediously bad as buffer overflows for the rest of us.

    Also, so far the mitigations being developed for Spectre only cover branching, but the Spectre paper also suggests the attack can be used in the absence of branches to eg determine the contents of registers, as long as the attacker knows the address of suitable instructions to leverage.

  • Intel Deploying Updates for Spectre and Meltdown Exploits

    Intel reports that company has developed and is rapidly issuing updates for all types of Intel-based computer systems — including personal computers and servers — that render those systems immune from “Spectre” and “Meltdown” exploits reported by Google Project Zero. I

  • Capsule8 Launches Open Source Sensor for Real-time Attack Detection Capable of Detecting Meltdown
  • You know what’s not affected by Meltdown or Spectre? The Raspberry Pi

    One or more of the security vulnerabilities disclosed this week affect nearly every modern smartphone, PC, and server processor. Intel processor are vulnerable to both Meltdown and Spectre attacks. AMD chips are vulnerable to Spectre attacks. And the ARM-based processors that are used in most modern smartphones can fall prey to a Spectre attack as well.

Security: Updates, PyCryptoMiner, and Hardware Crisis

Filed under
Security

RISC-V and Raspberry Pi Secure

Filed under
Linux
Hardware
Security
  • RISC-V Foundation Trumpets Open-Source ISAs In Wake Of Meltdown, Spectre

    The RISC-V Foundation says that no currently announced RISC-V CPU is vulnerable to Meltdown and Spectre and, in the wake of those bugs, stressed the importance of open-source development and a modern ISA in preventing vulnerabilities.

    In consumer computing, we usually only hear about two instruction set architectures (ISA): x86 and ARM. Classified as a complex instruction set, x86 dominates the desktop and server space. Since the rise of smartphones, however, reduced-instruction-set (RISC) ARM processors have dominated the mobile computing market. Beyond x86, there aren’t many complex instruction sets still in use, but there are still many relevant RISC designs despite ARM’s seeming ubiquity.

    The lesser known RISC-V ISA is among those being developed to take on ARM. It was created in the University of California, Berkeley and is unique because it’s open-source. The ISA is actively being worked on and is now overseen by the RISC-V Foundation, which includes companies such as AMD, Nvidia, Micron, Qualcomm, and Microsoft. An ISA alone doesn’t define a CPU design, though. RISC-V being open-source means that anyone is free to build their own CPU to implement the ISA, or their own compiler to build software that can run on RISC-V CPUs.

  • WHY RASPBERRY PI ISN’T VULNERABLE TO SPECTRE OR MELTDOWN

    Over the last couple of days, there has been a lot of discussion about a pair of security vulnerabilities nicknamed Spectre and Meltdown. These affect all modern Intel processors, and (in the case of Spectre) many AMD processors and ARM cores. Spectre allows an attacker to bypass software checks to read data from arbitrary locations in the current address space; Meltdown allows an attacker to read data from arbitrary locations in the operating system kernel’s address space (which should normally be inaccessible to user programs).

    Both vulnerabilities exploit performance features (caching and speculative execution) common to many modern processors to leak data via a so-called side-channel attack. Happily, the Raspberry Pi isn’t susceptible to these vulnerabilities, because of the particular ARM cores that we use.

    To help us understand why, here’s a little primer on so

Security: KPTI, Meltdown and Spectre

Filed under
Security
  • Intel facing class-action lawsuits over Meltdown and Spectre bugs

    Intel has been hit with at least three class-action lawsuits over the major processor vulnerabilities revealed this week.

    The flaws, called Meltdown and Spectre, exist within virtually all modern processors and could allow hackers to steal sensitive data although no data breaches have been reported yet. While Spectre affects processors made by a variety of firms, Meltdown appears to primarily affect Intel processors made since 1995.

    Three separate class-action lawsuits have been filed by plaintiffs in California, Oregon and Indiana seeking compensation, with more expected. All three cite the security vulnerability and Intel’s delay in public disclosure from when it was first notified by researchers of the flaws in June. They also cite the alleged computer slowdown that will be caused by the fixes needed to address the security concerns, which Intel disputes is a major factor.

  • More about Spectre and the PowerPC (or why you may want to dust that G3 off)

    Most of the reports on the Spectre speculative execution exploit have concentrated on the two dominant architectures, x86 (in both its AMD and Meltdown-afflicted Intel forms) and ARM. In our last blog entry I said that PowerPC is vulnerable to the Spectre attack, and in broad strokes it is. However, I also still think that the attack is generally impractical on Power Macs due to the time needed to meaningfully exfiltrate information on machines that are now over a decade old, especially with JavaScript-based attacks even with the TenFourFox PowerPC JIT (to say nothing of various complicating microarchitectural details). But let's say that those practical issues are irrelevant or handwaved away. Is PowerPC unusually vulnerable, or on the flip side unusually resistant, to Spectre-based attacks compared to x86 or ARM?

  • Measuring the Intel Management Engine to Create a More Secure Computer

    A modern computer has many different avenues for attack—ranging from local user-level exploits to root and kernel exploits, all the way down to exploits that compromise the boot loader or even the BIOS—but for over ten years the Intel Management Engine—with its full persistent access to all computer hardware combined with its secretive code base—has offered the theoretical worst-case scenario for a persistent invisible attack. The recent exploit from the talented group of researchers at Positive Technologies moves that worst-case scenario from “theoretical” to reality. While the proof-of-concept exploit is currently limited to local access, it is only a matter of time before that same style of stack smash attack turns remote by taking advantage of systems with AMT (Advanced Management Technology) enabled.

  • Linus Torvalds Latest Meltdown: “Is Intel Selling Sh*t And Never Willing To Fix Anything?”

    It’s not surprising to hear that the creator of the open-source Linux kernel couldn’t hold his temper after learning that Intel processors are affected by vulnerabilities that date back more than a decade ago. And why not? He has enough power to criticize Intel as the active development of the 26-year-old Linux kernel can’t go forward without him.

  • Linux Kernel 4.14.12 Released to Disable x86 PTI for AMD Radeon Processors

    It was bound to happen sooner or later, so Greg Kroah-Hartman just announced today the release of the Linux 4.14.12 kernel, which disables the x86 KPTI patches for AMD Radeon processors.

    Submitted over the Christmas holidays by AMD engineer Tom Lendacky, the "x86/cpu, x86/pti: Do not enable PTI on AMD processors" patch has landed today in the Linux 4.14.12 kernel, disabling the kernel page table isolation (KPTI) for all AMD Radeon processors, which were treated as "insecure" until now.

  • More Linux Kernel & GCC Patches Come Out In The Wake Of Spectre+Meltdown

    Besides the already-merged Kernel Page Table Isolation (KPTI) patches, other Linux kernel patches are coming out now in light of the recent Spectre and Meltdown vulnerabilities.

    Paul Turner of Google has posted some "request for comments" patches on a "Retpoline" implementation for the Linux kernel. The Retpoline patches are intended for fending off Spectre, the attack that breaks isolation between different applications. Unfortunately the Retpoline patching does add an additional cost to the kernel performance with the overall overhead being reported up to a 1.5% range.

  • KPTI Intel Chip Flaw Exposes Security Risks

    Operating system vendors are rushing to put out a fix for an alleged Intel chip flaw that could be used to exploit systems.

    Intel has not officially disclosed details on the flaw yet, though a patch already exists in the Linux kernel, with patches for Microsoft Windows and Apple macOS expected by Jan. 9. The Intel flaw doesn't have a branded name at this point, though security researchers have referred to it as both KPTI (Kernel Page Table Isolation) and KAISER (Kernel Address Isolation to have Side-channels Efficiently Removed).

  • Reading privileged memory with a side-channel

    We have discovered that CPU data cache timing can be abused to efficiently leak information out of mis-speculated execution, leading to (at worst) arbitrary virtual memory read vulnerabilities across local security boundaries in various contexts.

Syndicate content

More in Tux Machines

Graphics: Wayland, RadeonSI, NVIDIA and More

  • Session suspension and restoration protocol
  • A Session Suspension & Restoration Protocol Proposed For Wayland
    KDE Wayland developer Roman Gilg who started contributing to Wayland via last year's Google Summer of Code is proposing a new Wayland protocol for dealing with desktop session suspension and restoration. This protocol extension would allow for more efficient support for client session suspension and restoration such as when you are logging out of your desktop session and want the windows restored at next log-in or if you are suspending your system. While Roman Gilg is working on this protocol with his KDE hat on, he has been talking with Sway and GNOME developers too for ensuring this protocol could work out for their needs.
  • RadeonSI Lands OpenGL 3.3 Compatibility Profile Support
    Thanks to work done over the past few months by AMD's Marek Olšák on improving Mesa's OpenGL compatibility profile support and then today carried over the final mile by Valve's Timothy Arceri, Mesa 18.2 now exposes OpenGL 3.3 under the compatibility context. Hitting Git tonight is the enabling of the OpenGL 3.3 compatibility profile for RadeonSI.
  • NVIDIA Releases DALI Library & nvJPEG GPU-Accelerated Library For JPEG Decode
    For coinciding with the start of the Computer Vision and Patern Recognition conference starting this week in Utah, NVIDIA has a slew of new software announcements. First up NVIDIA has announced the open-source DALI library for GPU-accelerated data augmentation and image loading that is optimized for data pipelines of deep learning frameworks like ResNET-50, TensorFlow, and PyTorch.
  • NVIDIA & Valve Line Up Among The Sponsors For X.Org's XDC 2018
    - The initial list of sponsors have been announced for the annual X.Org Developers' Conference (XDC2018) where Wayland, Mesa, and the X.Org Server tend to dominate the discussions for improving the open-source/Linux desktop. This year's XDC conference is being hosted in A Coruña, Spain and taking place in September. The call for presentations is currently open for X.Org/mesa developers wishing to participate.
  • Intel Broxton To Support GVT-g With Linux 4.19
    Intel developers working on the GVT-g graphics virtualization technology have published their latest batch of Linux kernel driver changes.

Fedora and Red Hat: Fedora Atomic, Fedora 29, *GPL and Openwashing ('Open Organization')

  • Fedora Atomic Workstation To Be Renamed Fedora Silverblue
    - Back in early May was the announcement of the Silverblue project as an evolution of Fedora Atomic Workstation and trying to get this atomic OS into shape by Fedora 30. Beginning with Fedora 29, the plan is to officially rename Fedora Atomic Workstation to Fedora Silverblue. Silverblue isn't just a placeholder name, but they are moving ahead with the re-branding initiative around it. The latest Fedora 29 change proposal is to officially change the name of "Fedora Atomic Workstation" to "Fedora Silverblue".
  • Fedora 29 Will Cater i686 Package Builds For x86_64, Hide GRUB On Boot
    The Fedora Engineering and Steering Committee (FESCo) approved on Friday more of the proposed features for this fall's release of Fedora 29, including two of the more controversial proposals.
  • Total War: WARHAMMER II Coming to Linux, Red Hat Announces GPL Cooperation Commitment, Linspire 8.0 Alpha 1 Released and More
    Starting today, Red Hat announced that "all new Red Hat-initiated open source projects that opt to use GPLv2 or LGPLv2.1 will be expected to supplement the license with the cure commitment language of GPLv3". The announcement notes that this development is the latest in "an ongoing initiative within the open source community to promote predictability and stability in enforcement of GPL-family licenses".
  • Red Hat Launches Process Automation Manager 7, Brackets Editor Releases Version 1.13, Qt Announces New Patch Release and More
    Red Hat today launched Red Hat Process Automation Manager 7, which is "a comprehensive, cloud-native platform for developing business automation services and process-centric applications across hybrid cloud environments". This new release expands some key capabilities including cloud native application development, dynamic case management and low-code user experience. You can learn more and get started here.
  • A summer reading list for open organization enthusiasts
    The books on this year's open organization reading list crystallize so much of what makes "open" work: Honesty, authenticity, trust, and the courage to question those status quo arrangements that prevent us from achieving our potential by working powerfully together.

Server Domination by GNU/Linux

  • Security and Performance Help Mainframes Stand the Test of Time
    As of last year, the Linux operating system was running 90 percent of public cloud workloads; has 62 percent of the embedded market share and runs all of the supercomputers in the TOP500 list, according to The Linux Foundation Open Mainframe Project’s 2018 State of the Open Mainframe Survey report. Despite a perceived bias that mainframes are behemoths that are costly to run and unreliable, the findings also revealed that more than nine in 10 respondents have an overall positive attitude about mainframe computing. The project conducted the survey to better understand use of mainframes in general. “If you have this amazing technology, with literally the fastest commercial CPUs on the planet, what are some of the barriers?” said John Mertic, director of program management for the foundation and Open Mainframe Project. “The driver was, there wasn’t any hard data around trends on the mainframe.”
  • HPE announces world's largest ARM-based supercomputer
    The race to exascale speed is getting a little more interesting with the introduction of HPE's Astra -- what will be the world's largest ARM-based supercomputer. HPE is building Astra for Sandia National Laboratories and the US Department of Energy's National Nuclear Security Administration (NNSA). The NNSA will use the supercomputer to run advanced modeling and simulation workloads for things like national security, energy, science and health care.

HHVM 3.27 Released