Originally posted by duby229
View Post
Announcement
Collapse
No announcement yet.
FreeBSD Finally Gets Mitigated For Spectre & Meltdown
Collapse
X
-
- Likes 1
-
Originally posted by Luke_Wolf View Post
Stallman being a technocommunist
It will be noted that both GNU, and Linux, with all their "technocommunist" shit have actually grown further, faster, and have become far more advanced than FreeBSD which has been left in the dust and relegated to being "The OS thats mostly used as a base for other projects". This is despite a decade head start FreeBSD had in the 1990s as an actual port of professionally developer BSD-4.3 lite. The SJW friendly "technocommunists" won a long time ago, while you losers are bitterly arguing over which one of your non-productive netizens is to blame for your failures. The same corporations you claim to be worshiping actually chose GPL and copyleft to prevent knock offs from stealing their ideas. The tech world revolves around GNU/Linux infrastructure. Even Netflix, the one FreeBSD shop left is going to GNU/Linux. Oh yeah. In the actual real world, this "technocommunist" shit works, and no one, corporation or not wants to put up with your hysterics, or your own virtue signally for a technically inferior system.
Just like devaun, you too can fork FreeBSD and maintain it with your anti-SJWs. In fact, I openly encourage it. All the Anti-SJWs affraid of technocommunists can for FreeBSD into TrollBSD. Despite the hooting and hollering about how you are the pillars of this community, your TrollBSD is going to fail epicly, because you are going to get very few, if any talent to actually work on it. No one is going to use it either. No one uses FreeBSD to begin with, and no one is going to use TrollBSD. FreeBSD lost long before any SJW shit ever came up. getting rid of it is not bringing the project back.
I'm sitting here at work, and no one, I mean no one is taking devaun seriously from a professional stand point. Devaun is not a public relations nightmare either. You are good byeLast edited by GI_Jack; 14 March 2018, 05:09 PM.
- Likes 2
Comment
-
Originally posted by Danielsan View PostI was looking about info regarding Spectre/meltdown for FreeBSD and I ended up here, with 16 pages of idiocies about CoC and none a technical post...
Basically, don't worry about it. If you still do, use HardenedBSD and apply newest boot-time cpu microcodes by sysutils/devcpu-data metapackage.
Github also had some Spectre/Meltdown testing utility repo built for Linux but compatible with FreeBSD. Cant recall exact url, google should find it.
Comment
-
Originally posted by Danielsan View PostNecro-posting is bad, but 16 pages of non-sense is worsen...
Open any BSD or Solaris related thread with more than 10 posts and you can always see same crowd turn up spreading FUD..
- Likes 1
Comment
-
Originally posted by aht0 View Post
That's normal with Moronix users. FOSS is appareantly religious thing and anything not correct flavor of Linux gets load of shit thrown at it by certain fanatics.
Open any BSD or Solaris related thread with more than 10 posts and you can always see same crowd turn up spreading FUD..
- Likes 1
Comment
-
I was looking about info regarding Spectre/meltdown for FreeBSD
Kernel Page Table Isolation or PTI, is supposed to be the software mitigation for these kinds of vulnerabilities,
and there is also Microarchitectural Data Sampling (MDS) Mitigation
How well and good they are, I don't know, but I'm trusting pfSense devs enough that if they put them as options in the GUI they do something, and it's at least worth looking into.
Originally posted by aht0 View PostBasically, don't worry about it. If you still do, use HardenedBSD and apply newest boot-time cpu microcodes by sysutils/devcpu-data metapackage.
"naaah don't worry about it, just install newest microcode (which is integrated already for 99.9% of the cases since it's old stuff now)"
jeebus on a pogo stick, people these days
Comment
-
Originally posted by starshipeleven View PostI'm not much of a FreeBSD user but I guess I still know better than the other bumbling fool since I do use pfSense (FreeBSD-based) and I've seen a couple option in their menus.
https://docs.netgate.com/pfsense/en/...-isolation-pti
Kernel Page Table Isolation or PTI, is supposed to be the software mitigation for these kinds of vulnerabilities,
and there is also Microarchitectural Data Sampling (MDS) Mitigation
How well and good they are, I don't know, but I'm trusting pfSense devs enough that if they put them as options in the GUI they do something, and it's at least worth looking into.
Gotta love the security advice you give to people, if you know nothing, just shut up.
"naaah don't worry about it, just install newest microcode (which is integrated already for 99.9% of the cases since it's old stuff now)"
jeebus on a pogo stick, people these days
amd64 PTI (Meltdown)
arm64 Spectre variant 2
amd64 bhyve partial Spectre variant 2
armv7 Spectre variant 2
amd64 PTI-PCID integration
amd64 PTI default setting
amd64 Spectre IBRS
x86 Clang retpoline Spectre variant 2
i386 4/4G split
amd64 Intel SSBD
i386 Spectre IBRS
amd64 Lazy FP State Restore
According to Intel, quite a few of those need for full mitigation, both software patch AND microcode update when dealing with vulnerable Intel CPU's. Some mitigations don't need microcode updates but are switchable by special kernel tunable. PTI is one such (vm.pmap.pti), which is included on AMD64 version of FreeBSD and by default set "on" for non-AMD CPU's.
Majority of mitigations have been applied through system, kernel or compiler updates and in cases where mitigations need CPU microcode update to fully work - there it can be achieved by installing sysutils/devcpu-data package - which is by far the easiest way to load the microcode updates on FreeBSD system. Of what I've found of anyway.
So, I cannot see any justification for your trolling and personal attacks Perhaps you should actually look up some data before storming somebody verbally? I was very general in my attitude and what I said but I wasn't wrong either.
PS! I have no idea how pfSense devs have solved their mitigations or which FreeBSD have they based recent pfSense versions on. Mitigations were added to FreeBSD-11 or later. If they were using FreeBSD 10 for a base, they in fact needed to backport them.
- Likes 2
Comment
Comment