Language Selection

English French German Italian Portuguese Spanish

​Major Linux redesign in the works to deal with Intel security flaw

Filed under
Linux
Hardware
Security

Long ago, Intel made a design mistake in its 64-bit chips -- and now, all Intel-based operating systems and their users must pay the price.

Linux's developers saw this coming early on and patched Linux to deal with it. That's the good news. The bad news is it will cause at least a 5-percent performance drop. Applications may see far more serious performance hits. The popular PostgreSQL database is estimated to see at least a 17-percent slowdown.

How bad will it really be? I asked Linux's creator Linus Torvalds, who said: "There's no one number. It will depend on your hardware and on your load. I think 5 percent for a load with a noticeable kernel component (e.g. a database) is roughly in the right ballpark. But if you do micro-benchmarks that really try to stress it, you might see double-digit performance degradation."

Read more

Google and Red Hat

  • Red Hat Says Security Updates for Meltdown & Spectre Bugs May Affect Performance

    Red Hat's John Terrill informs Softpedia today that Red Hat is aware of the two hardware bugs (Meltdown and Spectre) affecting most modern microprocessors and they're working on security updates to mitigate them on their supported operating systems.

    The Meltdown and Spectre vulnerabilities (CVE-2017-5753, CVE-2017-5715, and CVE-2017-5754) were publicly disclosed earlier today as critical hardware flaws affecting modern microprocessors made in the last two decades. These can be exploited by an unprivileged attacker to bypass hardware restrictions through three unique attack paths and gain read access to privileged memory.

    Red Hat Product Security provided us with several resources to better understand the impact of these hardware bugs on any of their supported Linux-based operating systems from an open source technology perspective. They said that Intel, AMD, POWER 8, POWER 9, IBM System z, and ARM chips are affected by the newly discovered vulnerabilities.

  • Google Makes Disclosure About The CPU Vulnerability Affecting Intel / AMD / ARM

    We're finally getting actual technical details on the CPU vulnerability leading to the recent race around (K)PTI that when corrected may lead to slower performance in certain situations. Google has revealed they uncovered the issue last year and have now provided some technical bits.

    Google says their Project Zero team last year discovered serious flaws in speculative execution that could lead to reading system memory where it shouldn't be authorized. Google was also able to demonstrate an attack where one VM could access the physical memory of the host machine and in turn read memory of other VMs on the same host.

Patched

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

More in Tux Machines

Screenshots/Screencasts: Robolinux 10.4 LXDE, deepin 15.9, and Parrot OS 4.5 KDE

Livepatching With Linux 5.1 To Support Atomic Replace & Cumulative Patches

With the Linux 5.1 kernel cycle that should get underway in just over one month's time, there will now be the long in development work (it's been through 15+ rounds of public code review!) for supporting atomic replace and cumulative patches. Read more

GNOME/Xfce/GTK: Exo 0.12.4 and Libhandy 0.0.7 Released

  • Exo 0.12.4 Released
    Exo 0.12.4 is now available with an improved icon view, better icon rendering, and reduced disk usage.
  • My Name is Handy, Lib Handy
    Libhandy 0.0.7 just got released! [...] A common pattern in GNOME applications is lists, which are typically implemented via GtkListBox. More specific patterns arose, where rows have a title at the start, an optional subtitle below it, actions at the end and an icon or some other widget like a radio button as a prefix. These rows can also be expanded to reveal nested rows or anything else that fits the need. So far every application using these patterns implemented the rows by hand for each and every row. It made using these a bit cumbersome and it led to inconsistencies in sizing, even inside a single application. To make these patterns easier to use, we implemented HdyActionRow, HdyComboRow and HdyExpanderRow.

How did you get started with Linux?

The Linux mascot is a penguin named Tux, so we thought it appropriate to celebrate Penguin Awareness Day for the conservation of penguin habitats and talk a little bit (more) about Linux. A few fun penguin facts: These furry creatures are flightless yet part of the bird family. Some are large, like the Emperor penguin, and some are small, like those found in New Zealand. And, the Gentoo penguin is known to swim up to a speed of 21 miles per hour! Now, for the Linux bit. I asked our writer community to describe the moment they learned about Linux or the moment they got it up on running on their machine. Here's what they shared. Read more