Language Selection

English French German Italian Portuguese Spanish

The inventor of Linux is furious at Intel

Filed under
Security

Linux inventor and founder Linus Torvalds is not known for holding back strong opinions he has about computers, which is why he's become one of the loudest voices critical of Intel's handling of the so-called Meltdown bug, which was revealed on Wednesday and could enable an attacker to steal confidential information, including passwords.

"I think somebody inside of Intel needs to really take a long hard look at their CPU's, and actually admit that they have issues instead of writing PR blurbs that say that everything works as designed," Torvalds wrote in a sharply-worded email sent on to a Linux list on Wednesday.

Read more

Also: SUSE Responds to Meltdown and Spectre CPU Vulnerabilities in SLE and openSUSE

Debian, SUSE, Canonical

Red Hat

  • Red Hat responds to the Intel processor flaw

    These problems seem to have come about as a result of "speculative execution" -- an optimization technique that involves doing work before it is known whether that work will be needed. Correcting the vulnerabilities, therefore, comes at a performance price. More information on this tradeoff is available from this Red Hat post. Patches could slow down systems by as much as 30% -- a hit that most users are likely to feel. However, the specific performance impact will be workload dependent. To address Spectre in the short term, Red Hat has modified the kernel by default to not use the performance features that enable the vulnerability. Their customers do have the option to disable the patch and use the performance features. While Red Hat is working with chip manufacturers and OEMs on a longer-term solution, this option gives customers a way to make their own security and performance decisions

  • Red Hat, tech giants move to counter major security flaws Meltdown, Spectre

    Computer security experts have discovered two major security flaws in the microprocessors inside nearly all of the world’s computers.

    The two problems, called Meltdown and Spectre, could allow hackers to steal the entire memory contents of computers, including mobile devices, personal computers, servers running in so-called cloud computer networks.

  • Speculative Execution Exploit Performance Impacts - Describing the performance impacts to security patches for CVE-2017-5754 CVE-2017-5753 and CVE-2017-5715

    The recent speculative execution CVEs address three potential attacks across a wide variety of architectures and hardware platforms, each requiring slightly different fixes. In many cases, these fixes also require microcode updates from the hardware vendors. Red Hat has delivered updated Red Hat Enterprise Linux kernels that focus on securing customer deployments. The nature of these vulnerabilities and their fixes introduces the possibility of reduced performance on patched systems. The performance impact depends on the hardware and the applications in place.

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

More in Tux Machines

Latest Lime SDR board builds on Raspberry Pi CM3

The open spec, 125 x 65mm LimeNET Micro is Lime’s first fully embedded SDR board, featuring the Raspberry Pi Compute Module 3, MAX 10 FPGA, u-blox GNSS, RF transceiver, Ethernet with PoE, and optional enclosures. UK-based Lime Microsystems has returned to Crowd Supply to launch its first fully autonomous, embedded software defined radio (SDR) platform, and the first to include integrated PoE and GNSS. The successfully funded LimeNET Micro is available through Dec. 6, starting at $269, including the integrated Raspberry Pi Compute Module 3, with shipments due Feb. 25, 2019. Other packages add enclosures and omni-directional antennas. Read more

Kernel: Hwmon and OOMD

  • Hwmon Updates Sent To The Kernel Finally Complete AMD Excavator Temperature Readings
    Following this morning's Linux 4.19 release announcement, one of the first pull requests sent in of feature updates for the next 4.20~5.0 feature cycle is the hardware monitoring "hwmon" updates. The hwmon subsystem updates as usual include the various monitoring driver improvements. Most notable though is including the patch we talked about back in September for finally reporting CPU temperatures for all AMD Excavator CPU cores. That patch didn't end up getting sent in as a "fix" during Linux 4.19 development but is now sent in for this next kernel cycle.
  • Facebook Developing "OOMD" For Out-of-Memory User-Space Linux Daemon
    While the Linux kernel has its own out-of-memory (OOM) killer when system memory becomes over-committed, Facebook developers have been developing their own user-space based solution for handling this situation. [...] Facebook's Daniel Xu will be talking about OOMD at the Open-Source Summit Europe tomorrow in Edinburgh. But if you can't make it there are the slides (PDF) already available. The OOMD project is hosted on GitHub under the GPLv2 license.

GNOME: libxmlb, Glade Support for Builder and Vala

  • libxmlb now a dependency of fwupd and gnome-software
    I’ve just released libxmlb 0.1.3, and merged the branches for fwupd and gnome-software so that it becomes a hard dependency on both projects. A few people have reviewed the libxmlb code, and Mario, Kalev and Robert reviewed the fwupd and gnome-software changes so I’m pretty confident I’ve not broken anything too important — but more testing very welcome.
  • Christian Hergert: Glade Support for Builder
    One of the things we’ve wanted in Builder for a while is a designer. We’ve had various prototypes in the past to see how things would have worked out, and mostly just punted on the idea because it seemed like Glade served users better than we would be able to directly. Last week, Juan Pablo, Matthias Clasen and I met up in San Francisco to see what we could do in the short term. We discussed a couple of options that we have going forward. Integrate glade 3 into Builder using libgladeui. Integrate glade 3 using the external Glade application and use D-Bus to inter-operate. Like all projects, we have some constraints.
  • Daniel Espinosa: Vala state: October 2018
    While I think maintainability could be improved, adding to history commits from contributions, apart from the ones coming from current Maintainer. Actually, there are some lot of commits not in history coming from authors outside current ones. Hope with new GitLab GNOME’s instance, this will reflect the correct situation. Behind scenes, Vala has to improve its code base to adapt to new requirements like to develop a descent Vala Language Server and more IEDs supporting Vala. At least for me, even GEdit is productive enough to produce software in Vala, because the language itself; write a Class, an Interface and implement interfaces, is 10 times faster in Vala than in C. Vala has received lot of improvements in last development cycles, like a new POSIX profile, ABI stability, C Warnings improvements and many other, to be reported in a different article. Look at Vala’s repository history, you will see more “feature” commits than “bindings” ones, contrary to the situation reported by Emmanuel, while should be a good idea to produce a graphic on this, but resent improvements could tell by them self the situation has been improved in recent release cycles. Lets look at repository’s chart. It reports 2000 commits in the last 3 months, 1.1 average per day, from 101 contributions as for October 19, 2018. Me at 10 commits from the last year, so I’m far to be a core contributor, but push ABI stability to be a reality. My main contributions are to communicate Vala advances and status.

today's howtos