February 22, 20188 yr 42 minutes ago, zoggy said: here is the latest from intel on what you should upgrade/when your upgrade is coming: https://newsroom.intel.com/wp-content/uploads/sites/11/2018/02/microcode-update-guidance.pdf Nice find. Would be nice of them to provide downloadable firmware updates as they are marked "production". Probably they see that working with motherboard vendors to deploy new microcode via bios updates as the fastest way to mitigate Spectre for the big cloud boys.
March 14, 20188 yr Linux* Processor Microcode Data File Version: 20180312 (Latest) Date: 3/12/2018 https://downloadcenter.intel.com/download/27591/Linux-Processor-Microcode-Data-File?v=t
March 14, 20188 yr Author 1 hour ago, Dazog said: Linux* Processor Microcode Data File Version: 20180312 (Latest) Date: 3/12/2018 https://downloadcenter.intel.com/download/27591/Linux-Processor-Microcode-Data-File?v=t I'm guessing this for Linux VMs and not for the bootup unRAID distro?
March 29, 20188 yr FYI Supermicro just released bios with updated CPU microcode to address ‘Spectre’ variant 2 for most X11 boards.
April 6, 20188 yr Intel have now announced that they will not (or can not) fix Spectre and Meltdown for a lot of older chips that they had earlier indicated they would release fixes for. Lots of good unRAID chips will not get fixes - Core, Core 2, Bloomfield, Bloomfield Xeon, Clarksfield, Gulftown, Harpertown, Jasper Forest, ... http://newsroom.intel.com/wp-content/uploads/sites/11/2018/04/microcode-update-guidance.pdf http://arstechnica.com/gadgets/2018/04/intel-drops-plans-to-develop-spectre-microcode-for-ancient-chips/ http://www.theregister.co.uk/2018/04/04/intel_spectre_microcode_updates/
April 30, 20188 yr https://opensource.com/article/18/4/cpu-utilization-wrong watch the video all the way through for its relevance.
May 1, 20188 yr 16 minutes ago, zoggy said: watch the video all the way through for its relevance. Yup.
May 5, 20188 yr The Bad News doesn't end: https://www.heise.de/ct/artikel/Exclusive-Spectre-NG-Multiple-new-Intel-CPU-flaws-revealed-several-serious-4040648.html Of course we will stay on top of this and integrate patches as they become available. It's mainly the big cloud providers with the biggest headaches.
May 5, 20188 yr As I noted in January when the first Meltdown/Spectre reports were published, I don't think this can be stopped. There have existed side-band attacks just listening to the sound of the power supply - how can a general-purpose processor manage to not leak side-band information unless all speculation is removed? There will always be new statistical methods that can analyze branch prediction/cache misses/... and make deductions about what the CPU is doing or on what data. This is a genie that just can't be put back in the bottle. I think we will need new processors where more sensitive operations are either offloaded to custom hardware or where the processor can turn off the performance mode for critical computations. But that means that in "safe" mode, we'll get glorified 386 chips running way slower than normal mode. Turning off branch-prediction and hiding cache misses means a "safe" processor will have to spend most time stalled.
July 9, 20187 yr New microcode out: https://downloadcenter.intel.com/download/27945/Linux-Processor-Microcode-Data-File?v=t 20180703
August 10, 20187 yr New microcode out: https://downloadcenter.intel.com/download/28039/Linux-Processor-Microcode-Data-File?product=873
August 14, 20187 yr Three more vulnerabilities are being disclosed today, https://www.theregister.co.uk/2018/08/14/intel_l1_terminal_fault_bugs/ for the popular-article going over it.
September 4, 20187 yr On 8/14/2018 at 4:10 PM, Jcloud said: Three more vulnerabilities are being disclosed today, https://www.theregister.co.uk/2018/08/14/intel_l1_terminal_fault_bugs/ for the popular-article going over it. This is one is pretty bad as the only way to fix it for now is to disable hyper-threading.
September 4, 20187 yr On 8/14/2018 at 1:10 PM, Jcloud said: Three more vulnerabilities are being disclosed today, https://www.theregister.co.uk/2018/08/14/intel_l1_terminal_fault_bugs/ for the popular-article going over it. That's a pretty good (and honest) article. FTA: Quote It must be said that no malware, to the best of our knowledge, is exploiting the related Meltdown and Spectre flaws, nor the aforementioned speculative-execution vulnerabilities – partly because mitigations are rolling out across the industry, and partly because there are easier ways to hack people.
June 18, 20197 yr Having second thoughts about purchasing Intel. Besides AMD have been catching up and made good processors specially for gaming.
Archived
This topic is now archived and is closed to further replies.