Yes it's easy red is bad, green is good, and not already discovered will be reds next, the problem is; times after times, some new red items are discovered. (and the good news; it's for the moment always before a massive impact)Stevo wrote: Fri May 17, 2019 3:00 pm Green is good in the script output, red is bad. You need to ask questions how to fix it if you get red results and need help. Seems pretty easy to me!
Absence of evidence is not evidence of absence.figueroa wrote: Fri May 17, 2019 2:11 pm Quoting from the article:
"Thus far, no attacks actually utilizing Spectre and Meltdown have been spotted in the wild, beyond proof-of-concept work submitted by researchers."
I am sitting on Debian Testing, waiting for you guys to get this straightened out. At least it works without holes in the kernel.beardedragon wrote: Thu May 16, 2019 8:30 pm I give up, I am going to install fresh and not use that kernel.
The risk does not warrant such extreme actions. It could also be rhetorically stated why don't all users change to AMD CPUs?beardedragon wrote: Fri May 17, 2019 3:02 pm Why don't you either patch the kernels and upgrade them. or. drop them and advise the rest of the users to do so.
The kernels are already patched and in the repos. The 5.0-16 Liquorix kernel is also not vulnerable, as the checker output told you.beardedragon wrote: Fri May 17, 2019 3:02 pmWhy don't you either patch the kernels and upgrade them. or. drop them and advise the rest of the users to do so.figueroa wrote: Fri May 17, 2019 2:59 pmThat's not what I'm saying. Mitigate what you can, subject to your resources and your needs. Don't sell the farm. Don't panic. Reduce your exposure. Practice safe computing. Nobody has been successfully attacked this way, yet.oops wrote: Fri May 17, 2019 2:22 pm ... So the only and unique alternative, for almost everyone, is to trust in researchers who find ;-)
Mitigate: To make less severe, intense, harsh, rigorous, painful,Stevo wrote: Fri May 17, 2019 6:09 pmThe kernels are already patched and in the repos. The 5.0-16 Liquorix kernel is also not vulnerable, as the checker output told you.beardedragon wrote: Fri May 17, 2019 3:02 pmWhy don't you either patch the kernels and upgrade them. or. drop them and advise the rest of the users to do so.figueroa wrote: Fri May 17, 2019 2:59 pm
That's not what I'm saying. Mitigate what you can, subject to your resources and your needs. Don't sell the farm. Don't panic. Reduce your exposure. Practice safe computing. Nobody has been successfully attacked this way, yet.
Fixing the problem would Intel recalling and replacing all of its vulnerable CPUs at Intel's expense. Mitigating the problem is patching Linux kernels such that CPU-induced security vulnerabilities can't affect the operating system. It's not Linux's problem, yet they've patched their kernel to prevent Intel's microcode vulnerabilities from being able to be exploited in Linux. That's why it's called a mitigation, not a "fix" or a solution. It's more of a work-around. It effectively fixes the problem, but since the source of the problem is within Intel's microcode that's where an actual "fix" would need to be applied.beardedragon wrote: Fri May 17, 2019 8:36 pmMitigate: To make less severe, intense, harsh, rigorous, painful,Stevo wrote: Fri May 17, 2019 6:09 pmThe kernels are already patched and in the repos. The 5.0-16 Liquorix kernel is also not vulnerable, as the checker output told you.beardedragon wrote: Fri May 17, 2019 3:02 pm
Why don't you either patch the kernels and upgrade them. or. drop them and advise the rest of the users to do so.
etc.; to soften; to meliorate; to alleviate; to diminish;
to lessen; as, to mitigate heat or cold; to mitigate
grief.
[1913 Webster]
That does not look like fixing the problem. Why even bring this up, or, use a topic that the average user would not even read? Sorry, I am probably too cautious, but, the main reason I do not use Windows is they have too many mitigating circumstances and it is a hacker's dream. I quit using Manjaro after years testing and stable because the main designer took a vacation and everything went to pot, The white screen of death was the result of changing something in nvidia they had no reason to change when they upgraded two kernels. Sorry if I offended you.
Code: Select all
[Desktop Entry]
Version=1.0
# fehlix: 2019-05-18
# file: spectre-meltdown-checker.desktop
# Zombieload thread: https://forum.mxlinux.org/viewtopic.php?p=503075#p503075
#
Type=Application
Name=Spectre and Meltdown Checker
Comment=Spectre and Meltdown mitigation detection tool
Exec=x-terminal-emulator -T "Spectre and Meltdown Checker" -e bash -c '( hash spectre-meltdown-checker 2>/dev/null || sudo apt install spectre-meltdown-checker) && sudo spectre-meltdown-checker | tee >( (echo "[""code]"; cat ; echo "[/""code]" ) | sed "s/\x1b\[[0-9;]*[mGKH]//g" | xsel -ib 2> /dev/null); echo ; gettext -d mx-goodies -s "Report copied to system clipboard" ; CLOSE=$(gettext mx-goodies "Press any key to close"); read -n 1 -s -r -p "$CLOSE "'
Icon=face-devilish
Path=
Terminal=false
StartupNotify=false
Type=Application
Categories=System;
Code: Select all
System:
Host: mx Kernel: 4.15.0-1-amd64 x86_64 bits: 64 compiler: gcc v: 6.3.0
Desktop: Xfce 4.12.3 Distro: MX-18.2_x64 Continuum March 14 2018
base: Debian GNU/Linux 9 (stretch)
CPU:
Topology: Dual Core model: Intel Core i3 530 bits: 64
flags: lm nx pae sse sse2 sse3 sse4_1 sse4_2 ssse3 vmx bogomips: 23407
What was the problem, exactly?