GeneralThis forum is for non-technical general discussion which can include both Linux and non-Linux topics. Have fun!
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Thank you, hazel, first for your clarifying reply and most of all for this thread since after my initial response I searched around and found out about Spectre and Meltdown. It is my understanding that while Spectre may do less damage it is harder to fix. I still wonder if the MCE and associated garbage has anything to do with why Intel is affected the worst. I also read that those of you who have OEM machines can get firmware updates but those of us who build our own are in something of a "holding pattern". Too bad Intel doesn't just release the fixes as downloadable microcode. I suppose we will see.
BTW it really isn't particularly dangerous to update a bios these days. There are lots of safeguards built in. The main thing it takes is just patience and reasonable preparation. I prefer having the update on a USB stick even though many machines can download it directly but updating has become rather trivial really.
Edit: I just discovered that a bug officially reported in May of 2016 noted that the ME (Management Engine, to which I referred earlier) can be remotely exploited to elevate privilege so it may indeed have an impact of risk level for Intel CPUs.
I suppose the backports will eventually encompass the other branches. LFS 8.1 normally uses 4.12, so I've gone backwards! However Crux uses 4.9. Now that I've got a working patched kernel, I'll copy it and its modules over to Crux too. For Debian, I'll have to rely on the distro devs providing a new kernel. You don't usually have to wait long with Debian, not if its a security matter.
Distribution: Debian Sid AMD64, Raspbian Wheezy, various VMs
Posts: 7,680
Rep:
As I read it the patches are necessary because there is a potential exploit, but the seriousness of that exploit and the ease, or not, of its use have not been determined.
I did read on The Register that Intel chips may run between 10 and 20 percent slower once the patch has been applied but it seems this may not be true for desktop machines.
What a colleague and I were discussing earlier was whether things like Amazon Cloud will lose 10 percent processing power -- that's surely a good number of servers and accounts?
Current experiments suggest that the slowing down is mainly in applications that use a lot of kernel calls, such as database software. PostgreSQL is especially badly affected. Code that executes mainly in userspace is not badly slowed down. That LFS mailing list post that I referenced earlier in this thread includes the results of some timing trials.
Distribution: Debian Sid AMD64, Raspbian Wheezy, various VMs
Posts: 7,680
Rep:
My colleague and I did also speculate that this may account, in some way, for Intel being "faster" than AMD getting more done per clock cycle and the like becuase they didn't consider the risk in some optimisations.
OK, so I am a bit of a fan of the (AMD) underdog but I hope my point about hosted services being devalued still holds.
My colleague and I did also speculate that this may account, in some way, for Intel being "faster" than AMD getting more done per clock cycle and the like becuase they didn't consider the risk in some optimisations.
You're certainly not the only ones thinking that...
However AMD (and ARM) are affected by the 2 of the 3 CVEs. So AMD isn't a complete solution to this.
I wonder if questions will also be asked about Intel's CEO selling something like half his stock (retaining only the minimum requirement) in late December.
Distribution: Debian Sid AMD64, Raspbian Wheezy, various VMs
Posts: 7,680
Rep:
Quote:
Originally Posted by cynwulf
You're certainly not the only ones thinking that...
However AMD (and ARM) are affected by the 2 of the 3 CVEs. So AMD isn't a complete solution to this.
I wonder if questions will also be asked about Intel's CEO selling something like half his stock (retaining only the minimum requirement) in late December.
As it happens I have only just read that it's definitely not just Intel in the last couple of hours but I do still wonder whether AMD missing this "speculative execution" could be part of their lead, since they're still the ones definitely affected.
I'd not read about the Intel CEO but I suspect that it will be found that "...he .. had no idea ..." and it is just coincidence.
It's important to realise that there are three separate CVEs (The Google Project Zero papers linked to in the other threads give more details). Two of the three affect most CPUs from various vendors. One, the more serious, but easier to mitigate, seems to only affect Intel thus far.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.