Announcement

Collapse
No announcement yet.

FreeBSD Finally Gets Mitigated For Spectre & Meltdown

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Originally posted by duby229 View Post

    Facts are facts and he pointed out a very good one. Does it occur to you that in order to defend your own claims you need to resort to the terms of the very CoC you're so against? In effect you've reinforced the CoC and made it stronger.
    nope, i just proved that the CoC is bullshit and will be misused to get rid of people with the wrong opinions. And that the people calling this SJW CoC a good CoC dont even stick to their rules (because they think this rules are only for other people).

    Comment


    • Originally posted by Luke_Wolf View Post


      Stallman being a technocommunist
      I think I'm just going to stop reading right here, stop this conversation, and wish you farewell from the FOSS scene. I can't say I feel any bit of loss here.

      It will be noted that both GNU, and Linux, with all their "technocommunist" shit have actually grown further, faster, and have become far more advanced than FreeBSD which has been left in the dust and relegated to being "The OS thats mostly used as a base for other projects". This is despite a decade head start FreeBSD had in the 1990s as an actual port of professionally developer BSD-4.3 lite. The SJW friendly "technocommunists" won a long time ago, while you losers are bitterly arguing over which one of your non-productive netizens is to blame for your failures. The same corporations you claim to be worshiping actually chose GPL and copyleft to prevent knock offs from stealing their ideas. The tech world revolves around GNU/Linux infrastructure. Even Netflix, the one FreeBSD shop left is going to GNU/Linux. Oh yeah. In the actual real world, this "technocommunist" shit works, and no one, corporation or not wants to put up with your hysterics, or your own virtue signally for a technically inferior system.

      Just like devaun, you too can fork FreeBSD and maintain it with your anti-SJWs. In fact, I openly encourage it. All the Anti-SJWs affraid of technocommunists can for FreeBSD into TrollBSD. Despite the hooting and hollering about how you are the pillars of this community, your TrollBSD is going to fail epicly, because you are going to get very few, if any talent to actually work on it. No one is going to use it either. No one uses FreeBSD to begin with, and no one is going to use TrollBSD. FreeBSD lost long before any SJW shit ever came up. getting rid of it is not bringing the project back.

      I'm sitting here at work, and no one, I mean no one is taking devaun seriously from a professional stand point. Devaun is not a public relations nightmare either. You are good bye
      Last edited by GI_Jack; 14 March 2018, 05:09 PM.

      Comment


      • I was looking about info regarding Spectre/meltdown for FreeBSD and I ended up here, with 16 pages of idiocies about CoC and none a technical post...

        Comment


        • Originally posted by Danielsan View Post
          I was looking about info regarding Spectre/meltdown for FreeBSD and I ended up here, with 16 pages of idiocies about CoC and none a technical post...
          Do you realize you revived 3 years old thread?

          Basically, don't worry about it. If you still do, use HardenedBSD and apply newest boot-time cpu microcodes by sysutils/devcpu-data metapackage.

          Github also had some Spectre/Meltdown testing utility repo built for Linux but compatible with FreeBSD. Cant recall exact url, google should find it.

          Comment


          • Necro-posting is bad, but 16 pages of non-sense is worsen...

            Comment


            • Originally posted by Danielsan View Post
              Necro-posting is bad, but 16 pages of non-sense is worsen...
              That's normal with Moronix users. FOSS is appareantly religious thing and anything not correct flavor of Linux gets load of shit thrown at it by certain fanatics.
              Open any BSD or Solaris related thread with more than 10 posts and you can always see same crowd turn up spreading FUD..

              Comment


              • Originally posted by aht0 View Post

                That's normal with Moronix users. FOSS is appareantly religious thing and anything not correct flavor of Linux gets load of shit thrown at it by certain fanatics.
                Open any BSD or Solaris related thread with more than 10 posts and you can always see same crowd turn up spreading FUD..
                Looks like Moronix users are the majorities here...

                Comment


                • I was looking about info regarding Spectre/meltdown for FreeBSD
                  I'm not much of a FreeBSD user but I guess I still know better than the other bumbling fool since I do use pfSense (FreeBSD-based) and I've seen a couple option in their menus.
                  https://docs.netgate.com/pfsense/en/...-isolation-pti
                  Kernel Page Table Isolation or PTI, is supposed to be the software mitigation for these kinds of vulnerabilities,
                  and there is also Microarchitectural Data Sampling (MDS) Mitigation

                  How well and good they are, I don't know, but I'm trusting pfSense devs enough that if they put them as options in the GUI they do something, and it's at least worth looking into.

                  Originally posted by aht0 View Post
                  Basically, don't worry about it. If you still do, use HardenedBSD and apply newest boot-time cpu microcodes by sysutils/devcpu-data metapackage.
                  Gotta love the security advice you give to people, if you know nothing, just shut up.

                  "naaah don't worry about it, just install newest microcode (which is integrated already for 99.9% of the cases since it's old stuff now)"

                  jeebus on a pogo stick, people these days

                  Comment


                  • Originally posted by starshipeleven View Post
                    I'm not much of a FreeBSD user but I guess I still know better than the other bumbling fool since I do use pfSense (FreeBSD-based) and I've seen a couple option in their menus.
                    https://docs.netgate.com/pfsense/en/...-isolation-pti
                    Kernel Page Table Isolation or PTI, is supposed to be the software mitigation for these kinds of vulnerabilities,
                    and there is also Microarchitectural Data Sampling (MDS) Mitigation

                    How well and good they are, I don't know, but I'm trusting pfSense devs enough that if they put them as options in the GUI they do something, and it's at least worth looking into.


                    Gotta love the security advice you give to people, if you know nothing, just shut up.

                    "naaah don't worry about it, just install newest microcode (which is integrated already for 99.9% of the cases since it's old stuff now)"

                    jeebus on a pogo stick, people these days
                    What are patched in:
                    amd64 PTI (Meltdown)
                    arm64 Spectre variant 2
                    amd64 bhyve partial Spectre variant 2
                    armv7 Spectre variant 2
                    amd64 PTI-PCID integration
                    amd64 PTI default setting
                    amd64 Spectre IBRS
                    x86 Clang retpoline Spectre variant 2
                    i386 4/4G split
                    amd64 Intel SSBD
                    i386 Spectre IBRS
                    amd64 Lazy FP State Restore

                    According to Intel, quite a few of those need for full mitigation, both software patch AND microcode update when dealing with vulnerable Intel CPU's. Some mitigations don't need microcode updates but are switchable by special kernel tunable. PTI is one such (vm.pmap.pti), which is included on AMD64 version of FreeBSD and by default set "on" for non-AMD CPU's.

                    Majority of mitigations have been applied through system, kernel or compiler updates and in cases where mitigations need CPU microcode update to fully work - there it can be achieved by installing sysutils/devcpu-data package - which is by far the easiest way to load the microcode updates on FreeBSD system. Of what I've found of anyway.

                    So, I cannot see any justification for your trolling and personal attacks Perhaps you should actually look up some data before storming somebody verbally? I was very general in my attitude and what I said but I wasn't wrong either.

                    PS! I have no idea how pfSense devs have solved their mitigations or which FreeBSD have they based recent pfSense versions on. Mitigations were added to FreeBSD-11 or later. If they were using FreeBSD 10 for a base, they in fact needed to backport them.

                    Comment


                    • Don't you guys have no work to do? What a stupid topic.

                      Comment

                      Working...
                      X