Announcement
Collapse
No announcement yet.
GNU Linux-Libre 4.16 Released, Won't Warn You About Spectre/Meltdown Microcode Updates
Collapse
X
-
I for one dislike the messages of the standard kernel as it shows anyone booting up a system directly on the boot screen that it hasn't been compiled with the fixes. If the security flaws were of such an importance then it shouldn't be an option, and yet it is. I wonder if it isn't just the result of virtue signalling by some of the kernel devs. So now the message spams the boot screen where it only attracts unwanted attention, while not every single Linux machine on the planet needs to be 100% bullet proof.
- Likes 1
-
Originally posted by AsuMagic View Post
Yeah, exactly, non-free software is okay as long as it cannot be replaced now?
Leave a comment:
-
Originally posted by AsuMagic View Post
Yeah, exactly, non-free software is okay as long as it cannot be replaced now?
Leave a comment:
-
Just tried, evertything works fine here:
DeVUAn:~$ cat /proc/sys/kernel/osrelease
4.16.0-gnu
DeVUAn:~$ cat /sys/devices/system/cpu/vulnerabilities/*
Not affected
Mitigation: __user pointer sanitization
Mitigation: Full AMD retpoline
DeVUAn:~$ fglrxinfo
display: :0.0 screen: 0
OpenGL vendor string: Advanced Micro Devices, Inc.
OpenGL renderer string: AMD Radeon HD 8400 / R3 Series
OpenGL version string: 4.5.13416 Compatibility Profile Context 15.302
GPUs are problem anywhere most of the time as expectedLast edited by dungeon; 02 April 2018, 01:00 PM.
Leave a comment:
-
Originally posted by willmore View Post
Then the warning should read "Linux-Libre is unsecure on this hardware due to CPU flaws. Do not use."
- Likes 1
Leave a comment:
-
For more details:
Posted by Matt Linton, Senior Security Engineer and Pat Parseghian, Technical Program Manager Yesterday, Google’s Project Zero team posted...
Variant 1 can be mitigated by recompilation
Variant 2 can be mitigated by firmware updates _OR_ retpoline
Variant 3 can be mitigated via KPTI.
As a result linux-libre is fine.
- Likes 5
Leave a comment:
-
Spectre/meltdown can be mitigated in software via KPTI and retpoline. This isn't as big a deal as you people are making it out to be.
- Likes 3
Leave a comment:
-
Originally posted by WolfpackN64 View Post
The FSF has always promoted extreme solutions because someone needs to show people just how much proprietary code runs on their systems. It's not a pragmatic approach, but no one expects it to be.
- Likes 5
Leave a comment:
-
Originally posted by Sonadow View PostIf anyone needs evidence that the FSF has gone full retard with its hardline 'free software or get lost' stance, this is the clearest of them all.
- Likes 8
Leave a comment:
-
If anyone needs evidence that the FSF has gone full retard with its hardline 'free software or get lost' stance, this is the clearest of them all.
- Likes 5
Leave a comment:
Leave a comment: