New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Comments
Latest from CloudLinux -
[SECURITY] [DSA 4078-1] linux security update
Been praying providers get wise to SEV on AMDs new Eypc processors and provide it... Hope providers don't remain fan boys to Intel for some unknown reason and adopt ryzen pro and Eypc on droves. Also this is exactly what happens when you put all your eggs into one basket. AMD can finally compete with their new ryzen pro and eypc processors. IMO they deserve support for the industry so that the industry doesn't have a potato famine on their hands...
I am happy to test eypc when it actually has vendor support, but from what i have read it really does not perform well at all in virtualization, I will test it through when possible.
True the individual pay out is small but the point of a class action is also to punish the corporations that are too big for individuals to go after as resources and return would be minimal. For example the lawsuit will cost you 100k in lawyer fees and all you get is a refund on a $1k processor. Obviously that makes no sense and large corporations are well aware of that. Don't write off the value of class action suits in protecting consumers. Intel knew about This for almost a year now wtf have they done about it thus far?
Just one single arm processor. It'll be fine
CentOS 6 patches are now out.
That is all nice and dandy and i personally was always a fan of the little guys, from cyrix and centaurhauls to amd, half and half in my laptops I use (not collectibles).
However, what if this would have been an AMD flaw? Everyone would have cried, ha, you saved a few bucks risking customer's data, reboots and performance drops...
As someone said, nobody is fired for hosting with AWS...
That being said, there is a place for AMD in the market, they are in no way close to bankrupcy to do mercy buying from them, or to cover our asses for the case Intel remains the only choice (even so, ARM CAN get out an x86 version and wont have to support the heaviest stones intel has attached to it's throat if they want to), also many other chip makers can make cheap cpus or buyout a fab and technician, it is not that impossible as intel tries to make it look like.
Bottom of line, Intel will pay the price for trying to keep it secret but anyone thought they might have been forced to? What if 3 letters agencies have tools out there for a decade or more to "audit" your encrypted devices? Intel may have lucrative contracts in places and the "terrorist" laws are able to not only force them to do it, but also gag them so they cant say shit. What else is there to provide such a backdoor? If not now, it will be, waiting for cheap chinese CPUs. And a virtualization OS layer which will translate everything, i.e. an x86 emulator on top of an ARM running on a read-only fs :P It can be done now, in the future will be faster.
I am happy to test eypc when it actually has vendor support, but from what i have read it really does not perform well at all in virtualization, I will test it through when possible.
Going with the first version of (almost) anything isn't advised, I'd wait for the next iteration of epyc.
Fixed in Debian 9 now.
Epyc is also affected by two of three variants.
About these issues being "somewhat known" for a longer time... have a look at https://cyber.wtf/2017/07/28/negative-result-reading-kernel-memory-from-user-mode/ and especially the final "Pandoras Box" paragraph if you don't feel like reading the whole thing. And take note of the date, of course.
Some additional information from google:
https://security.googleblog.com/2018/01/more-details-about-mitigations-for-cpu_4.html
https://support.google.com/faqs/answer/7625886
I tried to test this on my poor 1600, but it seems to apply to epyc-only (800f12).
Very curious to know more about the extent to which branch prediction has been disabled and its performance implications.
seems this will enable auto detection of
ptiso AMD user wouldnt enforce to opt-in
https://lkml.org/lkml/2017/12/27/2
Windows 10 patches are now out, KB4056892 is what you want.
Firefox patches are now out, 57.0.4 has the fix.
Start updating if you haven't.
I'm sure Samsung will update my phone whenever they release their Oreo update, about a month before they release the next phone :P
Sounds like Serbian surname
Highly relevant... But, wait, what if has a muslim background from bosnia? Gee, trump was right to kick all immigrants and give back america to americans.
Such a badass. He even tried to fund Trump's campaign.
We need more heros like POTUS!
Interesting update from Linode joining forces with other cloud providers https://blog.linode.com/2018/01/03/cpu-vulnerabilities-meltdown-spectre/
Yep and these US companies will not hire Slavic programmers or staff (Serbian, Russian, Ukrainian, etc). We are nothing but trouble
I find it interesting how the leftish slant have completely vilified the whole area since their scary wicked witch lost.
Aw, man...
cpu0: Intel(R) Celeron(R) M processor 1.50GHz ("GenuineIntel" 686-class) 1.51 GHztldr does KVM affected ?
KVM runs ontop of a generic operating system, so if the main operating system hasn't been updated I'd imagine so.
Incorrect sir. They are affected by one of the 3 and that's only under a very specific setup.
https://www.amd.com/en/corporate/speculative-execution
Intel's attempts to make the pubic believe AMD is also affected have worked well i see.
It is affected, if it was only that and only on amd all intel fanboy would have been up in arms like it is the end of the world and everyone should take heed and only buy quality products from reputable companies.
Your view is highly simplistic and you don't give enough credit to the development of advanced modern processors or Intel's attempts and keeping a monopoly. We're all well aware of their previous anti trust actions and how little they've advanced the processor industry when they have been the only player.
4core i7s and Xeon have been the standard. So has lack of server memory virtualization encryption (AMDs the first now). Or x86-64bit (AMD was the first). Not to mention the 5% performance gains Intel has drop fed the market the past 9 years. So you can say it's not necessary but all i have to do is look at the past actions of Intel to see what happens when providers and individuals don't feel the need to even give the only other player in the industry a shot. 99.4% of data centers are Intel and now 99.4% Of the industry is affected with this issue even after paying a premium for basic processors. If it's soooo easy to enter the industry why have there only been 2 players for over 20 years now?
You don't give enough credit to the massive amount of testing and development that's gone into it. Your just being lazy by not taking on a single system to test then implement across the board. It's responses like this remind me the industry brought upon their own single provider failure.