Originally posted by flower
View Post
Announcement
Collapse
No announcement yet.
A Global Switch To Kill Linux's CPU Spectre/Meltdown Workarounds?
Collapse
X
-
- Likes 2
-
Originally posted by F.Ultra View Post
Dualboot into what? And no my kids do not have access to my data either, they logon using their own account which is exactly why mitigations for things like this matters also for the normal end user. I hope you see that having kids running data on a separate account is basically the same as Amazon running other peoples code on their cloud and thus suspect to all the spectre variants.
so your data is not at risk
(i use physicalle seperated machines for work and gaming though)
Comment
-
Originally posted by flower View Post
if you use full disk encryption and the disks are not mounted no spectre vuln is able to get access to them.
so your data is not at risk
(i use physicalle seperated machines for work and gaming though)
Note that the argument so far have not been "I personally should be able to disable these under my specific conditions" and instead where "every single end-user should disable them". And it's from that angle my counterpoints comes from, that you specifically can disable them and suffer nothing is of no question what so ever, it's your general advice that is under scrutiny.
- Likes 1
Comment
-
Originally posted by F.Ultra View Post
So everyone should now buy separate drives for every family member when they can instead just not disable the mitigations?
Note that the argument so far have not been "I personally should be able to disable these under my specific conditions" and instead where "every single end-user should disable them". And it's from that angle my counterpoints comes from, that you specifically can disable them and suffer nothing is of no question what so ever, it's your general advice that is under scrutiny.
in MY opinion it is never a good idea to run untrusted code on a machine with important data - even before spectre. we just dont know what kind of vulns exists and are not public.
full disk encryption and dual boot is just a cheap way to seperate gaming from important stuff.
Comment
-
Originally posted by flower View Post
if you use full disk encryption and the disks are not mounted no spectre vuln is able to get access to them.
so your data is not at risk
(i use physicalle seperated machines for work and gaming though)
Comment
-
Originally posted by cybertraveler View Post
You're going to mount them at some point right? If you're not using a TPM or similar, then those keys are going to be in system memory.
dualboot is important in that case because it might(!) be easy to get root and replace some system-binaries with nasty ones.
it also depends on your security profile. i ONLY care about my important data. i dont want it to leak or be tampered with.
Comment
-
Originally posted by F.Ultra View Post
So everyone should now buy separate drives for every family member when they can instead just not disable the mitigations?
Note that the argument so far have not been "I personally should be able to disable these under my specific conditions" and instead where "every single end-user should disable them". And it's from that angle my counterpoints comes from, that you specifically can disable them and suffer nothing is of no question what so ever, it's your general advice that is under scrutiny.
I support giving users the option to disable these features if they want to, but I advocate that novice users (typical home users and gamers) do not disable these features unless they know what they are doing and are aware of the risks and the benefits. Computer security is a big deal and is becoming even more important as time progresses.
- Likes 1
Comment
-
Originally posted by flower View Postit also depends on your security profile. i ONLY care about my important data. i dont want it to leak or be tampered with.
- Likes 1
Comment
-
Originally posted by flower View Postfull disk encryption and dual boot is just a cheap way to seperate gaming from important stuff.
- Likes 1
Comment
-
Originally posted by caligula View Post
Nowadays 1, 2.5, 5, and 10 gigabit LANs are so cheap that you could easily offload all data accesses to a separate NAS doing encryption and such.
but usually whenever i tell someone "just spend 50$ on that" on this forum, someone yells at me that i can't expect anyone to have that much money
Comment
Comment