Language Selection

English French German Italian Portuguese Spanish

The inventor of Linux is furious at Intel

Filed under
Security

Linux inventor and founder Linus Torvalds is not known for holding back strong opinions he has about computers, which is why he's become one of the loudest voices critical of Intel's handling of the so-called Meltdown bug, which was revealed on Wednesday and could enable an attacker to steal confidential information, including passwords.

"I think somebody inside of Intel needs to really take a long hard look at their CPU's, and actually admit that they have issues instead of writing PR blurbs that say that everything works as designed," Torvalds wrote in a sharply-worded email sent on to a Linux list on Wednesday.

Read more

Also: SUSE Responds to Meltdown and Spectre CPU Vulnerabilities in SLE and openSUSE

Debian, SUSE, Canonical

Red Hat

  • Red Hat responds to the Intel processor flaw

    These problems seem to have come about as a result of "speculative execution" -- an optimization technique that involves doing work before it is known whether that work will be needed. Correcting the vulnerabilities, therefore, comes at a performance price. More information on this tradeoff is available from this Red Hat post. Patches could slow down systems by as much as 30% -- a hit that most users are likely to feel. However, the specific performance impact will be workload dependent. To address Spectre in the short term, Red Hat has modified the kernel by default to not use the performance features that enable the vulnerability. Their customers do have the option to disable the patch and use the performance features. While Red Hat is working with chip manufacturers and OEMs on a longer-term solution, this option gives customers a way to make their own security and performance decisions

  • Red Hat, tech giants move to counter major security flaws Meltdown, Spectre

    Computer security experts have discovered two major security flaws in the microprocessors inside nearly all of the world’s computers.

    The two problems, called Meltdown and Spectre, could allow hackers to steal the entire memory contents of computers, including mobile devices, personal computers, servers running in so-called cloud computer networks.

  • Speculative Execution Exploit Performance Impacts - Describing the performance impacts to security patches for CVE-2017-5754 CVE-2017-5753 and CVE-2017-5715

    The recent speculative execution CVEs address three potential attacks across a wide variety of architectures and hardware platforms, each requiring slightly different fixes. In many cases, these fixes also require microcode updates from the hardware vendors. Red Hat has delivered updated Red Hat Enterprise Linux kernels that focus on securing customer deployments. The nature of these vulnerabilities and their fixes introduces the possibility of reduced performance on patched systems. The performance impact depends on the hardware and the applications in place.

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

More in Tux Machines

Arm Launches Mbed Linux and Extends Pelion IoT Service

Politics and international relations may be fraught with acrimony these days, but the tech world seems a bit friendlier of late. Last week Microsoft joined the Open Invention Network and agreed to grant a royalty-free, unrestricted license of its 60,000-patent portfolio to other OIN members, thereby enabling Android and Linux device manufacturers to avoid exorbitant patent payments. This week, Arm and Intel kept up the happy talk by agreeing to a partnership involving IoT device provisioning. Arm’s recently announced Pelion IoT Platform will align with Intel’s Secure Device Onboard (SDO) provisioning technology to make it easier for IoT vendors and customers to onboard both x86 and Arm-based devices using a common Peleon platform. Arm also announced Pelion related partnerships with myDevices and Arduino (see farther below). Read more

Programming: Version Control With Git, 5 Things Your Team Should Do to Make Pull Requests Less Painful and More GitHub Workflow Automation

  • How to Use Git Version Control System in Linux [Comprehensive Guide]
    Version Control (revision control or source control) is a way of recording changes to a file or collection of files over time so that you can recall specific versions later. A version control system (or VCS in short) is a tool that records changes to files on a filesystem. There are many version control systems out there, but Git is currently the most popular and frequently used, especially for source code management. Version control can actually be used for nearly any type of file on a computer, not only source code.
  • 5 Things Your Team Should Do to Make Pull Requests Less Painful
    A user story is a short description of a unit of work that needs doing. It’s normally told from the perspective of the user, hence the name. The journey towards a good pull request starts with a well-written user story. It should be scoped to a single thing that a user can do in the system being built.
  • More GitHub workflow automation
    The more you use computers, the more you see the potentials for automating everything. Who doesn't love that? By building Mergify those last months, we've decided it was time bring more automation to the development workflow.

today's howtos

Games: Cultist Simulator, Planetary Annihilation: TITANS, CrossOver 18, Updated Proton 3.16 Beta, Descenders, Bridge Constructor Portal, Train Valley 2, Sipho