LinuxQuestions.org
Old 01-09-2018, 01:31 AM   #691
Thom1b
Member
 
Registered: Mar 2010
Location: France
Distribution: Slackware
Posts: 224

bind 9.9 & 9.10: End of life


Hi,

Just to inform:
Quote:
BIND users,

It is time to start making plans to migrate from 9.9 or 9.10 to a more recent version. The end of maintenance is approaching for both the 9.9 and 9.10 branches. We will stop maintaining these branches this summer, in June 2018.

With the imminent release of BIND 9.12, and the new plan to release development versions (e.g. 9.13), we will have three supported branches to choose from by the time we EOL 9.9 and 9.10. To read more about the updated release plan for BIND, see the blog post https://www.isc.org/blogs/bind-relea...ategy-updated/.

BIND 9.11 will be a good choice for many of you, because that is an Extended Support Version. We plan to support 9.11 through 2021. For more extensive advice on which version to choose, see the updated KB article, https://kb.isc.org/article/AA-01540.

Thank you,

Vicky
-------
Product Manager
Internet Systems Consortium
vicky@isc.org
 
2 members found this post helpful.
Old 01-09-2018, 01:12 PM   #692
1337_powerslacker
Member
 
Registered: Nov 2009
Distribution: Slackware64-current
Posts: 664
Blog Entries: 1

Quote:
Originally Posted by abga View Post
Intel has some patches already available and deploying (I have hoped that there will be only firmware/microcode stuff):
http://nordic.businessinsider.com/in...eltdown-2018-1
https://newsroom.intel.com/news-rele...rity-exploits/

ARM is developing Whitepapers:
https://developer.arm.com/support/se...the-whitepaper

And AMD is still cooking?
I have an AMD processor (FX-8370) running 4.14.12, and have yet to be affected by Meltdown/Spectre. One can only take appropriate precautions, and after that, then what will happen will happen.
 
2 members found this post helpful.
Old 01-09-2018, 10:13 PM   #693
abga
Member
 
Registered: Jul 2017
Location: EU
Distribution: Slackware
Posts: 727

Intel
- has just released their first batch of CPU microcode updates, covering 90% of the CPUs manufactured in the last 5 years and until the end of the month they will cover the remaining ones - that's according to Intel's CEO
New microcode archive at Intel:
https://downloadcenter.intel.com/dow...-Data-File?v=t
Intel's CEO speech at CES addressing these microcode patches:
https://www.youtube.com/watch?v=RlJ9zB74G_U
(skip to 1:00:13)

Nvidia
- has apparently found out that their products (graphic cards included) are also affected by Spectre related attacks and issued emergency driver updates (Linux included)
https://nvidia.custhelp.com/app/answ...or-speculative

AMD - still cooking?

@1337_powerslacker - sorry about you, my last AMD processor was a K6


EDIT>
Just wanted to add an interesting review of the performance impact resulting from these SW/HW patches - might be totally irrelevant to Linux as it comes from Redmond, but I learned that the performance impact is minimal on the latest Intel CPUs and starts to be a little more significant with the Haswell architecture...
https://cloudblogs.microsoft.com/mic...ndows-systems/
- skip to the Performance paragraph

Last edited by abga; 01-09-2018 at 11:45 PM. Reason: added performance impact study - Redmond
 
4 members found this post helpful.
Old 01-10-2018, 11:43 AM   #694
abga
Member
 
Registered: Jul 2017
Location: EU
Distribution: Slackware
Posts: 727

Some security good practice lessons that should maybe "ease your pain" in waiting for a fix on your systems:
https://player.vimeo.com/video/148946917
(short and funny security audit on Star Wars)
 
Old 01-10-2018, 12:08 PM   #695
ttk
Member
 
Registered: May 2012
Location: Sebastopol, CA
Distribution: Slackware64
Posts: 740
Blog Entries: 26

Regarding rowhammer, an older vulnerability, I've been contemplating building a kernel patched to add the "nohammer" module -- https://lwn.net/Articles/704926/

There's been some disagreement there on whether this is the right way to go, and the patch hasn't yet been included in mainstream linux, but afaik it's the best software mitigation available. (If anyone knows differently, corrections are welcome!)

One of the arguments against nohammer is that some workloads might trigger spurious DRAM refreshes, slowing processing by rather a lot.

To avoid this, I was thinking of adding support for a process id whitelist denoting processes to refrain from protecting, and adding a pid to that list only when I know the process to be both safe and likely to trigger the performance hit.

The obvious downside to that is that an adversary's payload might include logic which updates the whitelist before exploiting the vulnerability. Still, there are significant cases where the adversary would not be able to do that (for instance, when the exploit is run sandboxed in the browser via js or flash), so it might be worthwhile.

I'm still mulling the pros and cons, so would appreciate thoughts on other approaches to mitigation, nohammer or pid whitelisting.
 
1 members found this post helpful.
Old 01-12-2018, 08:50 AM   #696
abga
Member
 
Registered: Jul 2017
Location: EU
Distribution: Slackware
Posts: 727

Updates from AMD, finally they admit that they are affected. Check for details:
https://www.amd.com/en/corporate/speculative-execution
 
Old 01-12-2018, 09:18 AM   #697
Darth Vader
Senior Member
 
Registered: May 2008
Location: Romania
Distribution: DARKSTAR Linux 2008.1
Posts: 2,727

Quote:
Originally Posted by abga View Post
Updates from AMD, finally they admit that they are affected. Check for details:
https://www.amd.com/en/corporate/speculative-execution
Do that with a grain of salt. They already stated that the AMD processors may be slightly affected by Spectre v2.

Of course, there we talk about their glorious expensive Ryzens and EPYCs.

That's those processors which cost (at least in Eastern Europe) like a second hand car, so I consider that just a "poor rich guys issue", like the caviar price, and I assume that for those richies it is nothing to spend thousands more to buy another overpriced shitty processor.

I for one will prefer to buy the car, eventually...

Last edited by Darth Vader; 01-12-2018 at 09:55 AM.
 
1 members found this post helpful.
Old 01-12-2018, 09:37 AM   #698
bassmadrigal
LQ Guru
 
Registered: Nov 2003
Location: West Jordan, UT, USA
Distribution: Slackware
Posts: 5,508

Quote:
Originally Posted by abga View Post
Updates from AMD, finally they admit that they are affected. Check for details:
https://www.amd.com/en/corporate/speculative-execution
AMD only stated they weren't affected by Meltdown, which they still state. As far as I know, they never said they weren't affected by Spectre. In fact, if you scroll down in your link, it shows their initial release on 3 JAN which lists they are affected by Variant One (Bounds Check Bypass) and Variant Two (Branch Target Injection), which are both Spectre, and that they aren't affected by Variant Three (Rogue Data Cache Load), which is Meltdown.

They still believe it will be hard to exploit Branch Target Injection, but they're still working to fix it with microcode updates and OS patches.
 
2 members found this post helpful.
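Added example, not part of any post in this thread: a shell check that reads the kernel's `/sys/devices/system/cpu/vulnerabilities` files and reports each status under the three variant names listed in post #698. The function names and the `VULN_DIR` override are illustrative, and a kernel that does not provide this sysfs interface shows up as `unreported`.

```shell
#!/bin/sh
# Added example: summarise Spectre/Meltdown status as reported by the kernel.
# VULN_DIR is an illustrative override so the check can be pointed at a
# constructed directory instead of the live sysfs tree.
VULN_DIR="${VULN_DIR:-/sys/devices/system/cpu/vulnerabilities}"

# classify NAME -> not-affected | mitigated | vulnerable | unknown | unreported
classify() {
    f="$VULN_DIR/$1"
    if [ ! -r "$f" ]; then
        # Kernel too old to report, or the file is not readable.
        echo unreported
        return 0
    fi
    status=$(head -n 1 "$f")
    case "$status" in
        "Not affected"*) echo not-affected ;;
        "Mitigation:"*)  echo mitigated ;;
        "Vulnerable"*)   echo vulnerable ;;
        *)               echo unknown ;;
    esac
}

# report -> prints one line per variant; returns 1 if any variant is not
# confirmed as mitigated or not affected.
report() {
    rc=0
    for entry in \
        "spectre_v1:Variant One (Bounds Check Bypass)" \
        "spectre_v2:Variant Two (Branch Target Injection)" \
        "meltdown:Variant Three (Rogue Data Cache Load)"
    do
        file=${entry%%:*}
        label=${entry#*:}
        state=$(classify "$file")
        printf '%-45s %s\n' "$label" "$state"
        case "$state" in
            not-affected|mitigated) ;;
            *) rc=1 ;;
        esac
    done
    return $rc
}

report || echo "At least one variant is vulnerable or not reported by this kernel."
```
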
Old 01-12-2018, 01:04 PM   #699
abga
Member
 
Registered: Jul 2017
Location: EU
Distribution: Slackware
Posts: 727

Quote:
Originally Posted by bassmadrigal View Post
AMD only stated they weren't affected by Meltdown, which they still state. As far as I know, they never said they weren't affected by Spectre. In fact, if you scroll down in your link, it shows their initial release on 3 JAN which lists they are affected by Variant One (Bounds Check Bypass) and Variant Two (Branch Target Injection), which are both Spectre, and that they aren't affected by Variant Three (Rogue Data Cache Load), which is Meltdown.

They still believe it will be hard to exploit Branch Target Injection, but they're still working to fix it with microcode updates and OS patches.
Thanks for the clarifications, any objective technical information is welcome.
I was closely following the development of these vulnerabilities and considered them grave enough to update the thread here, always looking for mitigation solutions (responses) and not necessarily to debate what the internal strategic and tactical schemes (on the business level) of these HW manufacturing companies were. I must admit, I was a little sarcastic at times. AFAIK, before the very well crafted and vague first update on 3 Jan, that you referenced, they were in "denial".
https://en.wikipedia.org/wiki/Meltdo...ected_hardware
http://www.zdnet.com/article/amd-pro...-have-thought/
https://en.wikipedia.org/wiki/Spectr...bility)#Impact
+ google the other details on the development
 
1 members found this post helpful.
Old 01-12-2018, 01:53 PM   #700
bassmadrigal
LQ Guru
 
Registered: Nov 2003
Location: West Jordan, UT, USA
Distribution: Slackware
Posts: 5,508

Quote:
Originally Posted by abga View Post
AFAIK, before the very well crafted and vague first update on 3 Jan, that you referenced, they were in "denial".
The first big thing was when AMD sent a patch to disable Page Table Isolation (PTI) on AMD processors stating they were not affected, but PTI is only related to Meltdown. This is the only "denial" that I'm aware of, and most in the industry agree that AMD is not affected by Meltdown. As far as I know, they've never stated they weren't vulnerable to Spectre and their first official announcement is at the bottom of that link you provided.

I think the confusion arises from the fact that two different, but similar, exploits were made public around the same time. There was a "leak" prior to the official disclosure of Meltdown and Spectre due to the PTI updates in the kernel, which prompted a bunch of speculation on what PTI was supposed to fix. I'm sure the line between Spectre and Meltdown was only known to a few at the time and wasn't publicly available, so once more details came out, people thought they were one and the same. AMD's patch was only related to Meltdown, but I think some took it to mean that AMD said they weren't affected by both Meltdown and Spectre, which was not the case.

According to the Spectre Wikipedia page, all vendors were made aware of the vulnerabilities on 1 June 2017, so I doubt AMD was in denial over it (but without knowing their internal dialog, it's impossible to know for sure).

Last edited by bassmadrigal; 01-12-2018 at 01:55 PM.
 
3 members found this post helpful.
Old 01-12-2018, 03:22 PM   #701
abga
Member
 
Registered: Jul 2017
Location: EU
Distribution: Slackware
Posts: 727

Quote:
Originally Posted by bassmadrigal View Post
As far as I know, they've never stated they weren't vulnerable to Spectre and their first official announcement is at the bottom of that link you provided.
But they didn't accept it either. Exactly that's why I put "" for the denial. And if you go word by word in their update on 03/01/2018, you won't find a single word denoting acceptance, but only in the "Response Matrix" table you'll get the "Resolved".

Quote:
Originally Posted by bassmadrigal View Post
I think the confusion arises from the fact ...
I remember we discussed on this subject, where I was generally speaking about the speculative execution engines and you were stating that AMD is not affected (but they were not affected by the Meltdown only):
https://www.linuxquestions.org/quest...ml#post5801665
And some posts later I (tried) cleared out the confusion:
https://www.linuxquestions.org/quest...ml#post5801910

But let's focus on the mitigations on Slackware here, for me they're all the same, at least Intel & ARM (the other 2 major CPU manufacturers) had a more direct, apologetic and committing to resolve the issues approach (public statements).
 
Old 01-12-2018, 03:27 PM   #702
Darth Vader
Senior Member
 
Registered: May 2008
Location: Romania
Distribution: DARKSTAR Linux 2008.1
Posts: 2,727

It was discussed that they are not affected by Meltdown; AMD itself made the same statement.

On the other hand, I understand your own "denial" when you figured out that you paid at least double for some pieces of crap, err... Intel CPUs, so secure that they permit "rooting from web browser".

Last edited by Darth Vader; 01-12-2018 at 03:52 PM.
 
Old 01-12-2018, 03:45 PM   #703
bassmadrigal
LQ Guru
 
Registered: Nov 2003
Location: West Jordan, UT, USA
Distribution: Slackware
Posts: 5,508

Quote:
Originally Posted by abga View Post
But they didn't accept it either. Exactly that's why I put "" for the denial. And if you go word by word in their update on 03/01/2018, You won't find a single word denoting acceptance, but only in the "Response Matrix" table you'll get the "Resolved"
Do they need to flat out say, verbatim "we're vulnerable" to not be "denying" they're vulnerable? The table lists 3 variants and they stated that they weren't affected by Variant 3. Isn't that enough stating they see Variants 1 and 2 as an issue for their products?

Quote:
Originally Posted by abga View Post
I remember we discussed on this subject, where I was generally speaking about the speculative execution engines and you were stating that AMD is not affected (but they were not affected by the Meltdown only):
https://www.linuxquestions.org/quest...ml#post5801665
And some posts later I (tried) cleared out the confusion:
https://www.linuxquestions.org/quest...ml#post5801910
Yes, as I said above, there was a lot of confusion early on, me included.

Quote:
Originally Posted by abga View Post
But let's focus on the mitigations on Slackware here, for me they're all the same, at least Intel & ARM (the other 2 major CPU manufacturers) had a more direct, apologetic and committing to resolve the issues approach (public statements).
Just because AMD hasn't apologized doesn't mean they're denying their processors are affected. I'm sorry they weren't direct enough to your liking, but when I first read that page, I saw that AMD expected my processor was affected by Variant 1 and to a much lesser degree Variant 2. So, to me, their page did what it was supposed to and notified me that my processor is vulnerable. They further clarified their info on Variant 2 in the 22 JAN update, "While we believe that AMD’s processor architectures make it difficult to exploit Variant 2, we continue to work closely with the industry on this threat." So, they still don't think Variant 2 is something to worry about on their processors, but they're still working to correct the issue.

But yes, maybe we should just get back to talking about Slackware and not how companies handle their press releases...
 
3 members found this post helpful.
Old 01-12-2018, 05:35 PM   #704
abga
Member
 
Registered: Jul 2017
Location: EU
Distribution: Slackware
Posts: 727

This might be of interest for the ones (very) active on some threads here on the Slackware Forum discussing the update of CPU microcode on Intel processors:
https://newsroom.intel.com/news/inte...reboot-issues/
 
2 members found this post helpful.
Old 01-15-2018, 06:00 AM   #705
abga
Member
 
Registered: Jul 2017
Location: EU
Distribution: Slackware
Posts: 727

More good news about Intel, this time it's about AMT and I'm wondering if there's a way to flash that firmware from within Slackware, or do I need to boot a Redmond. Maybe I'll take the hard decision on this occasion and disable it for good.

https://press.f-secure.com/2018/01/1...orate-laptops/
 
  

