Patching is a somewhat different issue. I don't know how things will be patched but I do know that it won't require patching every EXE and ELF. That's because non-malicious EXEs and ELFs are not a problem. I think the patching will be in the kernel, but I'm not sure how you stop the potentially malicious behavior. One possibility may be to not patch anything but to add another layer of behavior-based defense. That would be a relatively simple monitoring program (probably added to the kernel) that would monitor for particular bad behavior by user mode EXEs or ELFs. The reason why behavior-based defense may be possible is that side channel attacks exhibit very distinct repetitive behavior they must repeat millions of times to execute an attack.
Then the first job of an attacking program would be to try to kill the monitor. But that's an arms race that is familiar to antivirus people. Perhaps antivirus vendors will add the capability, or perhaps the OS vendors or open source Linux kernel people will have to do it. Ultimately the chip vendors will have to fix it.
[[Linux users tend to be more aware of what they are doing.]]
Ha- not me lol- I’m oblivious mostly-
[[or perhaps the OS vendors or open source Linux kernel people will have to do it.]]
That would indicate that we’ll need both an intel patch and os patch? The intel one I believe is what will ‘slow machines down’ some suggest by a possible 50%? (I’ve read anywhere between 5% and 50%)
Ugggh- what a mess-
[[ I think the patching will be in the kernel, but I’m not sure how you stop the potentially malicious behavior]]
I’m Gonna have to watch the linux blogs to see what they are saying about this- I’m wondering that if linux comes up with a patch, if that might be all that is necessary, foregoing the intel patch, if I use only linux for all itnernet activity (although i do dual boot- and use windows 7- but try to not to go online with windows - and only to known good sites only when I do-
[[ think the patching will be in the kernel, but I’m not sure how you stop the potentially malicious behavior.]]
I don’t know much about these things, but it would seem there should be a way to alert whenever an exe or elf is about to execute? But i suppose malicious code attempts to bypass the alerts? Would be nice if there was a fool proof way to prevent all EXE’s and EFL’s from executing without explicit permission from computer owner-
I dropped windows as my online os awhile back because I was always getting redirected when doing searches online and getting sent to malicious sites or compromised sites- and just got sick of always having to secure the os just to be online- now this has happened- and it’s sad hat it’s intel related, not just os related- that changes the game- now even linux may not be as safe as it was-
It’s a shame that people have to ruin other people’s online experiences like with this exploit- We all went for a good many years basically able to enjoy online activities without too much concern, but now we’ve got to deal with it and will be affected by it-