Language Selection

English French German Italian Portuguese Spanish

The inventor of Linux is furious at Intel

Filed under
Security

Linux inventor and founder Linus Torvalds is not known for holding back strong opinions he has about computers, which is why he's become one of the loudest voices critical of Intel's handling of the so-called Meltdown bug, which was revealed on Wednesday and could enable an attacker to steal confidential information, including passwords.

"I think somebody inside of Intel needs to really take a long hard look at their CPU's, and actually admit that they have issues instead of writing PR blurbs that say that everything works as designed," Torvalds wrote in a sharply-worded email sent on to a Linux list on Wednesday.

Read more

Also: SUSE Responds to Meltdown and Spectre CPU Vulnerabilities in SLE and openSUSE

Debian, SUSE, Canonical

Red Hat

  • Red Hat responds to the Intel processor flaw

    These problems seem to have come about as a result of "speculative execution" -- an optimization technique that involves doing work before it is known whether that work will be needed. Correcting the vulnerabilities, therefore, comes at a performance price. More information on this tradeoff is available from this Red Hat post. Patches could slow down systems by as much as 30% -- a hit that most users are likely to feel. However, the specific performance impact will be workload dependent. To address Spectre in the short term, Red Hat has modified the kernel by default to not use the performance features that enable the vulnerability. Their customers do have the option to disable the patch and use the performance features. While Red Hat is working with chip manufacturers and OEMs on a longer-term solution, this option gives customers a way to make their own security and performance decisions

  • Red Hat, tech giants move to counter major security flaws Meltdown, Spectre

    Computer security experts have discovered two major security flaws in the microprocessors inside nearly all of the world’s computers.

    The two problems, called Meltdown and Spectre, could allow hackers to steal the entire memory contents of computers, including mobile devices, personal computers, servers running in so-called cloud computer networks.

  • Speculative Execution Exploit Performance Impacts - Describing the performance impacts to security patches for CVE-2017-5754 CVE-2017-5753 and CVE-2017-5715

    The recent speculative execution CVEs address three potential attacks across a wide variety of architectures and hardware platforms, each requiring slightly different fixes. In many cases, these fixes also require microcode updates from the hardware vendors. Red Hat has delivered updated Red Hat Enterprise Linux kernels that focus on securing customer deployments. The nature of these vulnerabilities and their fixes introduces the possibility of reduced performance on patched systems. The performance impact depends on the hardware and the applications in place.

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

More in Tux Machines

What Stratis learned from ZFS, Btrfs, and Linux Volume Manager

The reasons vary. First, let's consider ZFS. Originally developed by Sun Microsystems for Solaris (now owned by Oracle), ZFS has been ported to Linux. However, its CDDL-licensed code cannot be merged into the GPL-licensed Linux source tree. Whether CDDL and GPLv2 are truly incompatible is a subject for debate, but the uncertainty is enough to make enterprise Linux vendors unwilling to adopt and support it. Btrfs is also well-established and has no licensing issues. For years it was the "Chosen One" for many users, but it just hasn't yet gotten to where it needs to be in terms of stability and features. So, fuelled by a desire to improve the status quo and frustration with existing options, Stratis was conceived. Read more

3 questions about Kata Containers answered

Kata Containers is a new open source project licensed under Apache 2.0 and governed by the OpenStack Foundation that combines the speed of containers with the security of virtual machines. Kata Containers will be featured in a number of upcoming sessions at OpenStack Summit and KubeCon EU. Can't make it to either of those events? We've brought you answers to three of the top questions we hear from users. Read more

How to Upgrade from Ubuntu 17.10 or Ubuntu 16.04 LTS to Ubuntu 18.04 LTS

Before we go through the upgrade process in more detail, there are a few things you should know. First and foremost, make sure you have a recent backup of your most important files on an external drive, do it now! Second of all, if you're upgrading from Ubuntu 16.04 LTS, you'll have to deal with some major desktop changes if you use Unity. Ubuntu 16.04 LTS (Xenial Xerus) uses the Unity desktop environment by default, but Ubuntu 18.04 LTS uses the GNOME desktop environment with a highly customized interface to make it look like Unity, which Canonical said it won't be removed during the upgrade process and will remain available as an alternative if you still want to use it. Read more

Best Linux apps of 2018

While everyone knows that most Linux distributions (distros) are free to download, not everybody is aware that you also have access to thousands of cost-free applications through your operating system’s package manager. Many of the more user-friendly distros will come with a selection of software preinstalled to help you get started, but there are many more apps out in the wild, under continuous development. Read more