[markomalley]

Bottom line: there are vulnerabilities that are hard-wired into the actual hardware of the computers. This impacts everybody -- Apple, Windows, Linux, Android, IOS, everything.

They are working on patches at the OS level to mitigate these vulnerabilities, but they won't be perfect fixes, just mitigations...and those mitigations are going to slow down your computers, phones, etc.

The only real fix will be for the CPU manufacturers to re-do the actual architecture of the chips themselves. And that will take time and will require your hardware to be updated with the new CPU chips.

[jennychase]

At this very moment, I am running fix on servers and VMs. Monitoring Azure, Microsoft had just started fix.

[butlerweave]

It’s only Intel

[smokingfrog]

I guess it’s a good thing I’m still using my TI-99 4/A, then?

[SoCal Pubbie]

I guess my old G5 is safe. No Intel processor.

[Mark]

I thought we could just wipe the computer with a cloth.

[Bryanw92]

>>The only real fix will be for the CPU manufacturers to re-do the actual architecture of the chips themselves. And that will take time and will require your hardware to be updated with the new CPU chips.

PCs have reached the point where they last a long time and you really don’t need to upgrade or replace them until they break unless you are a top-tier gamer. So, all the manufacturers suddenly “discover” something that requires everyone to buy a new PC.

What do you bet that the “new” CPUs will include all kinds of backdoors for the data mining companies to actually do what these two “bugs” claim to do?

So, what’s the end-game? Simple. The 2016 election showed our masters that the internet is a nuclear weapon in the hands of the unwashed masses. They want to drive us away from it and back into the well-controlled streams of information that they count on to control us.

[gibsonguy]

Anyone know if Apple A9’s processor is vulnerable?

[datricker]

This really really really is crappy. Bah so bad. RiscOS anyone - we are two years away from being frightened to use a machine. This has been bumming me out all day.

[bitt]

p

[HonkyTonkMan]

How long before Intel announces a $29 CPU replacement program?

[blu]

For Sale- 100 rolls Charmin, 18 yrs old, still dry and clean.

4 five-gallon buckets of red wheat, never opened but did provide my dearly departed hubby with plenty of laughs -18 yrs old, but label says it will be the last food source for the cockroaches.

Pink port-a-jon-excellent working condition. Age unknown, but it make a good gun safe (c’mon, what self respecting bad guy would even touch a pink shitter?), works better than my boat for gun storage ,darn it all.

Prices are negotiable, maybe we should conduct the sale via snail mail?

[Paladin2]

Will my air gapped AMD’s DX4-100 be OK?

[snarkpup]

AMD's response:

An Update on AMD Processor Security

[mrsmith]

A new kernel seems like a good idea.
As Jefferson might put it: “Every generation needs a new kernal.”

[crusher2013]

Is this actually a dangerous exploit or is it hype?

How would you actually use this flaw to access sensitive data.

Would you need access as admin or root to install something or is just getting someone to click on a hyperlink enough to compromise your system.

The article is completely silent in this area.

[Bobalu]

Back in the day I programmed a piece of code that could change MS system files while the OS was running....on disk and in memory.

I published the code on a usenet group but made it so the demo only could change a program that was running on a floppy.

The point was made though and the method was quickly patched.

I came up with the code while playing at making tiny OS’s in assembler.... and making altered BIOS chip code.

Most of the makings of a tiny OS were already there as routines in the BIOS chip. It was easy to make a tiny OS.
I made several industrial controllers out of motherboards running a tiny OS. One was a cool programmable az-el rotor controller for a large satellite dish...it would rotate the dish and also decode the morse ID that some sats sent out on an audio subcarrier. The rotor could track sats in polar orbit that moved around.

Old code I wrote for creating self-modifying programs and program generators is still in use today, two decades later.

Programming is easy for people that have OCD (like me) as the very idea that a bug might exist makes us pull our hair out...so we are very thorough.

[Swordmaker]

Another thread on the processor vulnerabilities, but this one is a bit more informative. The two vulnerabilities are "Meltdown" which affects the Intel line of processors made in the last decade, and "Spectre" which targets AMD and ARM processors.

For Apple users, the important take away for "Meltdown" is that Apple has already closed that Intel vulnerability door on December 6, 2017. The takeaway for the "Spectre" vulnerability is that it requires not only physical access to an Apple iPhone/IPad, but the user's passcode to be able to install malware onto the device. I quote from the description of the Spectre vulnerability potential to be exploited:

"In order to exploit the flaw the "attacker gains physical access by manually updating the platform with a malicious firmware image through flash programmer physically connected to the platform’s flash memory. "

This means that neither "Meltdown" or "Spectre" is a threat to Apple users at this time. — PING!

Thanks to Chgogal for the ping!

Apple Not Vulnerability to "Meltdown" and "Spectre" Malware
Ping!

The latest Apple/Mac/iOS Pings can be found by searching Keyword "ApplePingList" on FreeRepublic's Search.

If you want on or off the Mac Ping List, Freepmail me

[GOPJ]

Those of us who were putting off buying a new computer... what’s your best guess on when new computers will have the fixed chip?

[AllAmericanGirl44]

Bkmk

[ShadowAce]