Announcement

Collapse
No announcement yet.

Spectre/Meltdown Mitigations Can Now Be Toggled With Convenient "mitigations=" Option

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • #11
    Originally posted by oiaohm View Post

    Please explain what does that line of code have todo with IBM/Redhat. The line you commented out is by David Woodhouse of amazon uk.
    https://lore.kernel.org/patchwork/patch/873383/
    Above is the patch. Not a single person who approved it for Include in the Linux kernel has a single thing todo with IBM/Redhat.

    Redhat and IBM basically have no code in the spectre/meltdown code. Horrible fact is Redhat had to revert all their spectre/meltdown code out their enterprise kernels and switch to third party made because third party made was better constructed and covered more cases.

    No it did not take half a year to implement either was released in stable kernels well before 5.1 kernel release. So this is more formal notice of a forwards ported patch from Linux kernel LTS to Linux kernel mainline. This does not happen that often.

    Told you to read up before posting another comment. Really debianxfce stop giving IBM credit for work they never did because you fail at doing you homework on who did what.
    There's no point attempting to reason with him, he's a troll.

    Comment


    • #12
      Originally posted by debianxfce View Post
      In terms of written lines, you believers are troll. IBM/Amazon/what ever sermon does not end.
      I really want to know what you're on so I know to avoid it.

      Comment


      • #13
        Originally posted by debianxfce View Post
        In terms of written lines, you believers are troll. IBM/Amazon/what ever sermon does not end.
        LOL
        https://en.wikipedia.org/wiki/Internet_troll
        Term troll has nothing to-do with written lines. In fact calling us believers is an action of a troll. In fact a paid troll normally wants to-do the least number of lines possible to get their disruption to work. So if you are going by written lines of a company pay troll attempting to spread a lie your number of posted lines match perfectly debianxfce. Funny how what debianxfce said applies exactly to debianxfce.

        Again before posting again do your background research and understand what you are typing. You have already received a warning and avoided being banned. Spreading dangerous miss information on security could end up with you banned.

        Comment


        • #14
          Originally posted by debianxfce View Post

          The person who configures the kernel already knows that. SE Linux or any other security feature of the Linux kernel do not throw boot errors with a non debug kernel. IBM non pros suggested to include the kernel command line in to the kernel. It should throw the error message when this new value is used, not just;-)
          And if you're a random person using a random CPU somewhere???? Not everyone uses computers with software they compile themselves. You have to assume more than your own workflow and how you do things in regards to security.

          Also, comparing this to SELinux and other security features is very disingenuous. If we're using cars, SELinux would be a wireless entry with a fingerprint scanner on the unlock button and start buttons and no SELinux is just a wireless entry with a regular unlock and start buttons. Not having the mitigations means the fingerprint scanner is potentially useless due to backdoors (pun not intended) being able to be used or that the regular version could be overridden to accept another wireless entry device since the pairing protocol was exploited.

          Compering a kernel-level exploit mitigation to a security implementation and acting like they're one and the same...you should really know better...

          Comment


          • #15
            Originally posted by Britoid View Post

            I really want to know what you're on so I know to avoid it.
            IBM's payroll.

            Comment


            • #16
              Originally posted by debianxfce View Post

              Thinking is not allowed in IBM Vogsphere and IBM poetry tortures you.
              You must have a trauma.

              Comment


              • #17
                Debianxfce, our beloved troll, is at least keeping people away from Debian and XFCE. He's for sure a promoter, but with all that crap he's posting noone will ever consider his ideas and stuff, because noone buys lemonade at a lunatic asylum

                Comment


                • #18
                  I still think calling it yolo=on instead of mitigations=off has a better ring to it! Maybe if Elon Musk was given the option of naming kernel flags.

                  Comment


                  • #19
                    Originally posted by debianxfce View Post

                    When it takes a half year to implement simple value to disable it, you do really must believe that IBM/Amazon/what ever code is safe. Welcome to the reality, no computer system connected to the internet is ever 100% safe. That is why you run Clamtk in the ~/cache folder regularly.
                    No comments on systemd, gnome or wayland this time????

                    Comment


                    • #20
                      Originally posted by UlisesH View Post
                      No comments on systemd, gnome or wayland this time????
                      No, I have only just woken up and finished my coffee...

                      Ugh! this Spectre/Meltdown nonsense could all have been avoided if people stopped playing with toys like systemd, gnome 3 or wayland and got back to real work!

                      (how was that?)

                      Comment

                      Working...
                      X