Language Selection

English French German Italian Portuguese Spanish

Hardware Security Fiasco: The Latest

Filed under
Hardware
Security
  • Windows 10 Cumulative Update KB4056892 (Meltdown & Spectre Fix) Fails to Install

    Microsoft rolled out Windows 10 cumulative update KB4056892 yesterday as an emergency patch for systems running the Fall Creators Update in an attempt to fix the Meltdown and Spectre bugs affecting Intel, AMD, and ARM processors manufactured in the last two decades.

    But as it turns out, instead of fixing the two security vulnerabilities on some computers, the cumulative update actually breaks them down, with several users complaining that their systems were rendered useless after attempting to install KB4056892.

    Our readers pointed me to three different Microsoft Community threads (1, 2, 3) where users reported cumulative update KB4056892 issues, and in every case the problem appears to be exactly the same: AMD systems end up with a boot error before trying a rollback and failing with error 0x800f0845.

  • Linus Torvalds says Intel needs to admit it has issues with CPUs

    Linux creator Linus Torvalds has had some harsh words for Intel in the course of a discussion about patches for two [sic] bugs that were found to affect most of the company's processors.

  • We translated Intel's crap attempt to spin its way out of CPU security bug PR nightmare

    In the wake of The Register's report on Tuesday about the vulnerabilities affecting Intel chips, Chipzilla on Wednesday issued a press release to address the problems disclosed by Google's security researchers that afternoon.

    To help put Intel's claims into context, we've annotated the text. Bold is Intel's spin.

  • When F00F bug hit 20 years ago, Intel reacted the same way

    A little more than 20 years ago, Intel faced a problem with its processors, though it was not as big an issue as compared to the speculative execution bugs that were revealed this week.

  • Meltdown, Spectre and the Future of Secure Hardware

    Meltdown and Spectre are two different—but equally nasty—exploits in hardware. They are local, read-only exploits not known to corrupt, delete, nor modify data. For local single user laptops, such as Librem laptops, this is not as large of a threat as on shared servers—where a user on one virtual machine could access another user’s data on a separate virtual machine.

    As we have stated numerous times, security is a game of depth. To exploit any given layer, you go to a lower layer and you have access to everything higher in the stack.

  • KPTI — the new kernel feature to mitigate “meltdown”
  • Astounding coincidence: Intel's CEO liquidated all the stock he was legally permitted to sell after learning of catastrophic processor flaws
  • Intel CEO sold all the stock he could after Intel learned of security bug

     

    While an Intel spokesperson told CBS Marketwatch reporter Jeremy Owens that the trades were "unrelated" to the security revelations, and Intel financial filings showed that the stock sales were previously scheduled, Krzanich scheduled those sales on October 30. That's a full five months after researchers informed Intel of the vulnerabilities. And Intel has offered no further explanation of why Krzanich abruptly sold off all the stock he was permitted to.

CentOS Linux Receives

  • CentOS Linux Receives Security Updates Against Meltdown and Spectre Exploits

    Free Red Hat clone CentOS Linux has received an important kernel security update that patches the Meltdown and Spectre exploits affecting billions of devices powered by modern processors.

  • Ubuntu will fix Meltdown and Spectre by January 9th

    Ubuntu, perhaps the most popular Linux distribution, on the desktop, which has multitudes of other distributions depending on it to send out security updates, has announced that it will update the kernels of all supported releases in order to mitigate the newly publicly disclosed Meltdown and Spectre vulnerabilities, by January 9th.

  • Check This List to See If You’re Still Vulnerable to Meltdown and Spectre [Updated]

    Security researchers revealed disastrous flaws in processors manufactured by Intel and other companies this week. The vulnerabilities, which were discovered by Google’s Project Zero and nicknamed Meltdown and Spectre, can cause data to leak from kernel memory—which is really not ideal since the kernel is central to operating systems and handles a bunch of sensitive processes.

    Intel says that it’s working to update all of the processors it has introduced in the last few years. “By the end of next week, Intel expects to have issued updates for more than 90 percent of processor products introduced within the past five years,” the company said in a statement today.

  • Meltdown and Spectre CPU Flaws Expose Modern Systems to Risk

    After a rollercoaster day of speculation on Jan. 3 about a severe Intel chip flaw, Google's Project Zero research team revealed later that same day details about the CPU vulnerabilities.

    The CPU flaws have been branded as Meltdown and Spectre and have widespread impact across different silicon, operating system, browser and cloud vendors. The Meltdown flaw, identified as CVE-2017-5754, affects Intel CPUs. Spectre, known as CVE-2017-5753 and CVE-2017-5715, impacts all modern processors, including ones from Intel, Advanced Micro Devices and ARM.

  • Major Intel Kernel flaw may impact performance across Linux, Windows and Mac OS

    New reports have surfaced suggesting that there might be a major security flaw with Intel processors launched in the last decade. The harsh part is that patching the issue might slow down the performance of the CPU by up to 30 percent. Intel hasn't put out an official statement yet, but Linux Kernel patches are being pushed out to all users.

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

More in Tux Machines

Kate/KTextEditor Picks Up Many Improvements To Enhance KDE Text Editing

Even with KDE's annual Akademy conference happening this past week in Vienna, KDE development has been going strong especially on the usability front. The Kate text editor and the KTextEditor component within KDE Frameworks 5 have been the largest benefactors of recent improvements. This KDE text editing code now has support for disabling syntax highlighting entirely if preferred. When using syntax highlighting, there have been many KTextEditor enhancements to improve the experience as well as improvements to the highlighting for a variety of languages from JavaScript to YAML to AppArmor files. Read more

KStars v2.9.8 released

KStars 2.9.8 is released for Windows, MacOS, and Linux. It is a hotfix release that contains bug fixes and stability improvements over the last release. Read more Also: KDE Itinerary - How did we get here?

today's leftovers and howtos

  • Project curl governance
    Over time, we've slowly been adjusting the curl project and its documentation so that we might at some point actually qualify to the CII open source Best Practices at silver level. We qualified at the base level a while ago as one of the first projects which did that. Recently, one of those issues we fixed was documenting the governance of the curl project. How exactly the curl project is run, what the key roles are and how decisions are made. That document is now in our git repo.
  • How to install OwnCloud 10 on CentOS 7 and RHEL 7
  • How to Get Google Camera Port for Asus ZenFone Max Pro M1
  • How to check your CentOS Version
  • 5 Practical Examples of chgrp command in Linux
  • Trinity Desktop R14.0.5 Brings Modern Compiler Support and Security Fixes
    Trinity Desktop, the Linux desktop environment which is forked from KDE 3, has just released an update bringing Trinity Desktop to version R14.0.5. Because Trinity Desktop is a “traditional desktop” based on KDE 3 and focuses on function rather than a lot of special effects, its benefits are typically things like increased battery life on laptops, and just overall efficiency for the user.
  • This week in Usability & Productivity, part 32
    I’m back from Akademy, and I can’t wait to share some of the cool stuff that happened there over the past week. I’m going to post the video of my talk as soon as it’s up. But first, I know what you’re all really waiting for: this week’s Usability & Productivity update. Though we were all quite busy, somehow everyone managed to accomplish an enormous amount of work, too!
  • Reminder: Shotwell Facebook publishing no longer working
    As announced earlier, since August 1st, 2018 Shotwell cannot publish to Facebook any more. The API that Shotwell used for that was removed and it is currently not clear to me how developers that do not use Android, iOS or Facebook’s web SDKs should provide similar functionality.
  • Gentoo on Integricloud
    Integricloud gave me access to their infrastructure to track some issues on ppc64 and ppc64le. Since some of the issues are related to the compilers, I obviously installed Gentoo on it and in the process I started to fix some issues with catalyst to get a working install media, but that’s for another blogpost. Today I’m just giving a walk-through on how to get a ppc64le (and ppc64 soon) VM up and running.
  • Industrial Mini-ITX board pumps up with Coffee Lake
    Commell’s “LV-67X” Mini-ITX board runs on 8th Gen “Coffee Lake” processors, with up to 32GB DDR4, 3x SATA, triple 4K displays, USB 3.1, and PCIe x16 and mini-PCIe expansion. The LV-67X, which shares some of the layout and feature set of its Intel Apollo Lake based LV-67U board, is the first industrial Mini-ITX board we’ve seen with Intel’s 8th Gen Coffee Lake CPUs. (Going forward, we’ll likely use the caffeinated nickname rather than “8th Gen” because Intel also applies the 8th Gen tag to the transitional and similarly 14nm Kaby Lake-G chips as well as the new, 10nm Cannon Lake processors.)
  • Unofficial OpenGApps for Android Pie 9.0 Released for ARM and ARM64 Platforms

Red Hat and Fedora News