Originally posted by ryao
View Post
Announcement
Collapse
No announcement yet.
The Spectre/Meltdown Performance Impact On Linux 4.20, Decimating Benchmarks With New STIBP Overhead
Collapse
X
-
- Likes 1
-
Originally posted by birdie View Post
Have you read the actual article? Because it says, "that try to exploit Meltdown and Spectre, although most appear to be proof-of-concept code". Also this article is from Fabruary 2018, i.e. when Firefox/Chrome hadn't yet had protections in place and it was just three weeks after the revelations were made.
In short try harder.
Also, you still haven't revealed even a theoretical attack vector which involves using Meltdown/Spectre vulnerabilities.
- Likes 1
Leave a comment:
-
Originally posted by birdie View Post
Spectre/Meltdown vulnerabilities have been known for almost a year already. Not a single actual exploit has been found yet.
Still, 100% of users must suffer tremendously because in theory someone could be hacked.
Also, tell me how home users could be theoretically hacked using these vulnerabilities. Chaining and everything - I'm all ears.
There's a load of BS going on in this thread and people mindlessly "like" certain posts without understanding shit about the issue at hand.
Again BS on top of BS. Certain vulnerabilities are baked-in during compilation using GCC flags and you cannot even disable them using `make config`, you there's no way you can disable them using boot arguments.
- Likes 1
Leave a comment:
-
Originally posted by trek View Post
what about virus/malware? the address space separation is the foundation for any type of security measure, if you don't need it, you don't need Linux at all
Damn, 99% of users here don't fucking understand what these vulnerabilities are about and how hellishly difficult is using them for anything.Last edited by birdie; 19 November 2018, 04:33 AM.
- Likes 1
Leave a comment:
-
Originally posted by birdie View PostAnd this is pure BS for over 95% of users out there who only run a web browser, a document processor and a spreadsheet.
Both Firefox and Chrome have long implemented protections against Meltdown/Spectre class exploits, so there's really no way such users could be hacked.
Leave a comment:
-
Originally posted by NotMine999 View PostI find it interesting to note that "impact on kernel performance" was not considered/challenged by the person(s) replying to the original poster (Artem) in the thread.
Are Linux kernel developers not concerned with performance impacts of their coding?
- Likes 1
Leave a comment:
-
Originally posted by birdie View PostMeanwhile a request in LKML to enable to disable (sic!) all these mitigations was and met with an utter indifference and now if you want to reach previously available performance you have to peruse a ton of documentation and you also have to recompile the kernel since some mitigations are compiled-in regardless, without a runtime option to disable them.
Leave a comment:
-
Originally posted by Weasel View PostI'm talking about the nonsense people spread about "Intel cut corners that's why they have higher IPC than AMD". Repeating that, in various forms, is not going to turn it into a fact, sorry.
- Likes 1
Leave a comment:
Leave a comment: