Language Selection

English French German Italian Portuguese Spanish

The inventor of Linux is furious at Intel

Filed under
Security

Linux inventor and founder Linus Torvalds is not known for holding back strong opinions he has about computers, which is why he's become one of the loudest voices critical of Intel's handling of the so-called Meltdown bug, which was revealed on Wednesday and could enable an attacker to steal confidential information, including passwords.

"I think somebody inside of Intel needs to really take a long hard look at their CPU's, and actually admit that they have issues instead of writing PR blurbs that say that everything works as designed," Torvalds wrote in a sharply-worded email sent on to a Linux list on Wednesday.

Read more

Also: SUSE Responds to Meltdown and Spectre CPU Vulnerabilities in SLE and openSUSE

Debian, SUSE, Canonical

Red Hat

  • Red Hat responds to the Intel processor flaw

    These problems seem to have come about as a result of "speculative execution" -- an optimization technique that involves doing work before it is known whether that work will be needed. Correcting the vulnerabilities, therefore, comes at a performance price. More information on this tradeoff is available from this Red Hat post. Patches could slow down systems by as much as 30% -- a hit that most users are likely to feel. However, the specific performance impact will be workload dependent. To address Spectre in the short term, Red Hat has modified the kernel by default to not use the performance features that enable the vulnerability. Their customers do have the option to disable the patch and use the performance features. While Red Hat is working with chip manufacturers and OEMs on a longer-term solution, this option gives customers a way to make their own security and performance decisions

  • Red Hat, tech giants move to counter major security flaws Meltdown, Spectre

    Computer security experts have discovered two major security flaws in the microprocessors inside nearly all of the world’s computers.

    The two problems, called Meltdown and Spectre, could allow hackers to steal the entire memory contents of computers, including mobile devices, personal computers, servers running in so-called cloud computer networks.

  • Speculative Execution Exploit Performance Impacts - Describing the performance impacts to security patches for CVE-2017-5754 CVE-2017-5753 and CVE-2017-5715

    The recent speculative execution CVEs address three potential attacks across a wide variety of architectures and hardware platforms, each requiring slightly different fixes. In many cases, these fixes also require microcode updates from the hardware vendors. Red Hat has delivered updated Red Hat Enterprise Linux kernels that focus on securing customer deployments. The nature of these vulnerabilities and their fixes introduces the possibility of reduced performance on patched systems. The performance impact depends on the hardware and the applications in place.

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

More in Tux Machines

Debian Development and News

  • Freexian’s report about Debian Long Term Support, June 2018
    Like each month, here comes a report about the work of paid contributors to Debian LTS.
  • PKCS#11 v2.20
    By way of experiment, I've just enabled the PKCS#11 v2.20 implementation in the eID packages for Linux, but for now only in the packages in the "continuous" repository. In the past, enabling this has caused issues; there have been a few cases where Firefox would deadlock when PKCS#11 v2.20 was enabled, rather than the (very old and outdated) v2.11 version that we support by default. We believe we have identified and fixed all outstanding issues that caused such deadlocks, but it's difficult to be sure.
  • Plans for DebCamp and DebConf 18
    I recently became an active contributor to the Debian project, which has been consolidated throughout my GSoC project. In addition to the great learning with my mentors, Lucas Kanashiro and Raphäel Hertzog, the feedback from other community members has been very valuable to the progress we are making in the Distro Tracker. Tomorrow, thanks to Debian project sponsorship, I will take off for Hsinchu, Taiwan to attend DebCamp and DebConf18. It is my first DebConf and I’m looking forward to meeting new people from the Debian community, learn a lot and make useful contributions during the time I am there.
  • Building Debian packages in CI (ick)
    I develop a number of (fairly small) programs, as a hobby. Some of them I also maintain as packages in Debian. All of them I publish as Debian packages in my own APT repository. I want to make the process for making a release of any of my programs as easy and automated as possible, and that includes building Debian packages and uploading them to my personal APT repository, and to Debian itself.
  • My DebCamp/DebConf 18 plans
    Tomorrow I am going to another DebCamp and DebConf; this time at Hsinchu, Taiwan.
  • Things you can do with Debian: multimedia editing
    The Debian operating system serves many purposes and you can do amazing things with it. Apart of powering the servers behind big internet sites like Wikipedia and others, you can use Debian in your PC or laptop. I’ve been doing that for many years. One of the great things you can do is some multimedia editing. It turns out I love nature, outdoor sports and adventures, and I usually take videos and photos with my friends while doing such activities. And when I arrive home I love editing them for my other blog, or putting them together in a video.

32-Bit Vs. 64-Bit Operating System

This has really been confusing to some people choosing between 32-bit and 64-bit systems. Head over to any operating system’s website, you will be given a choice to download either versions of the same operating system. So what is the difference? Why do we have two different versions of the same OS? Let us solve this mystery here, once and for all. Read more

Convert video using Handbrake

Recently, when my son asked me to digitally convert some old DVDs of his high school basketball games, I immediately knew I would use Handbrake. It is an open source package that has all the tools necessary to easily convert video into formats that can be played on MacOS, Windows, Linux, iOS, Android, and other platforms. Handbrake is open source and distributable under the GPLv2 license. It's easy to install on MacOS, Windows, and Linux, including both Fedora and Ubuntu. In Linux, once it's installed, it can be launched from the command line with $ handbrake or selected from the graphical user interface. (In my case, that is GNOME 3.) Read more

today's howtos