|
CommunistPancake posted:i'm hearing a lot of desktop users yelling about the 30% DROP IN SPEED for their VIDEO-GAMES afaik it affects anything that does anything because the way they fix it is to make touching the kernel harder, and everything touches the kernel all the time
|
# ? Jan 3, 2018 02:49 |
|
|
# ? May 28, 2024 14:40 |
You Am I posted:I'm looking at moving my IT career towards an IT Security role. Not sure where in IT Security to start from or with, any recommendations? Is it worth becoming an auditor or is there some other part of IT Security that's worth looking into? Why do you want to move towards IT Security? What sort of skills do you currently have, and what sounds interesting? IT Security is a broad field so you're going to have to give us some more details. I've never done auditing as an actual job position, but it sounds awful to me at least. I'm sure some people enjoy that sort of thing.
|
|
# ? Jan 3, 2018 02:51 |
|
ate all the Oreos posted:afaik it affects anything that does anything because the way they fix it is to make touching the kernel harder, and everything touches the kernel all the time
|
# ? Jan 3, 2018 02:53 |
|
ate all the Oreos posted:would you like to know something about it or did you just want to talk about it with yr yosbros just wanted to shoot the poo poo
|
# ? Jan 3, 2018 02:55 |
|
i think it could sink intel if its that bad
|
# ? Jan 3, 2018 02:55 |
|
rafikki posted:Why do you want to move towards IT Security? What sort of skills do you currently have, and what sounds interesting? IT Security is a broad field so you're going to have to give us some more details. I've never done auditing as an actual job position, but it sounds awful to me at least. I'm sure some people enjoy that sort of thing. Dunno if you can call it auditing but I spend a lot of my time compliance-checking a large userbase. They keep me busy, the excuses you hear are fantastic and there's basically nothing legal that isn't also sfw but good god am I glad to have something to do that isn't scrolling through endless reams of scan results. I like talking to big groups about social media secfucks and how not to get fired/charged, that's fun too. Your iphone isn't a corporate asset, your dvd collection is not someone else's to back up for you and your rear end is not porn.
|
# ? Jan 3, 2018 02:56 |
|
Knowing nothing about cpu design how hard would this be to fix in future revisioh right 1166 isn't necessarily 1166
|
# ? Jan 3, 2018 02:57 |
|
Last Chance posted:just wanted to shoot the poo poo okay
|
# ? Jan 3, 2018 02:58 |
|
Number19 posted:there is now i guess: this is a thread for complaining about us politics, neh?
|
# ? Jan 3, 2018 03:03 |
|
Subjunctive posted:in April he told the SEC “I’m going to make this trade later this year”, and then it was on autopilot. he doesn’t get to change his mind. the optics are bad to people who think the CEO just logged into E-Trade to dump a few million in shares after getting an unpleasant email, but it’s super easy for the SEC to see whether the trade followed the 10b5-1 they have on file. I’m sure they did check when the form 4 came in, really, so I guess they did investigate a bit Investigate to see if the currently embargoed security vulnerability was known internally at the time. I honestly don't think he did anything illegal with his trade, but it would be nice if the SEC verified a bit.
|
# ? Jan 3, 2018 04:57 |
|
Last Chance posted:https://www.theregister.co.uk/2018/01/02/intel_cpu_design_flaw/ quote:Forcefully Unmap Complete Kernel With Interrupt Trampolines, aka FUCKWIT
|
# ? Jan 3, 2018 05:01 |
|
ate poo poo on live tv posted:Investigate to see if the currently embargoed security vulnerability was known internally at the time. I honestly don't think he did anything illegal with his trade, but it would be nice if the SEC verified a bit.
|
# ? Jan 3, 2018 05:16 |
|
How about only when those sales coincide with major happenings in that company? Like making sure that, I don’t know, some securities weren’t, say, exchanged with foreknowledge gained from being inside? That would be weird. It’d be like a commission about the exchanges of securities. We could call it the CES I guess.
|
# ? Jan 3, 2018 05:40 |
|
Avenging_Mikon posted:How about only when those sales coincide with major happenings in that company?
|
# ? Jan 3, 2018 05:42 |
|
anthonypants posted:i mean, you could read the post on the previous page that explained that the ceo would have made their decision to sell their stock in april of last year, or you could continue to listen to el reg and reddit and hackernews with the rest of the internet, because why would the people on those websites lie to you? The point that was being made was did he know about the issue back in April. Apparently you’re just in such a rush to poo poo on people you just poo poo your pants instead. ate poo poo on live tv posted:Investigate to see if the currently embargoed security vulnerability was known internally at the time. I honestly don't think he did anything illegal with his trade, but it would be nice if the SEC verified a bit. See? Odds are that nothing wrong happened, but it’d be a good thing to investigate as it is actually their job to double-check things like that.
|
# ? Jan 3, 2018 05:47 |
|
Like, the SEC doesn't have the resources to investigate much more clear cut cases of insider trading like Kraft and 3G partners or whatever but sure let's have them instead investigate when every piece of material news was known internally just in case some C level happened to have a 405 in to sell. I mean, there aren't that many cases of news coming out that affects stock prices, nor do executives sell stock very frequently.
|
# ? Jan 3, 2018 05:53 |
|
Avenging_Mikon posted:See? Odds are that nothing wrong happened, but it’d be a good thing to investigate as it is actually their job to double-check things like that. anthonypants posted:i have no idea how you people think the world works but it is absolutely not the sec's job to subpoena a ceo's emails every time they want to buy or sell stock in their own company
|
# ? Jan 3, 2018 06:28 |
|
ohgodwhat posted:Like, the SEC doesn't have the resources to investigate much more clear cut cases of insider trading like Kraft and 3G partners or whatever but sure let's have them instead investigate when every piece of material news was known internally just in case some C level happened to have a 405 in to sell. I mean, there aren't that many cases of news coming out that affects stock prices, nor do executives sell stock very frequently. Right, I keep forgetting that America is ultra-turbo-hosed, as opposed to the turbo-hosed it was previously. Y’all should move to Canada. We’re legalizing weed nationwide.
|
# ? Jan 3, 2018 06:41 |
|
Avenging_Mikon posted:Right, I keep forgetting that America is ultra-turbo-hosed, as opposed to the turbo-hosed it was previously. Y’all should move to Canada. We’re legalizing weed nationwide. Lol that you appear unaware of how Canada has relatively lax financial crimes enforcement
|
# ? Jan 3, 2018 06:44 |
|
i would venture that most democracies are bad at investigating and punishing crimes of people with money, because if they were good at it the people with money would lobby to make them bad
|
# ? Jan 3, 2018 06:55 |
ate all the Oreos posted:afaik it affects anything that does anything because the way they fix it is to make touching the kernel harder, and everything touches the kernel all the time no one games on linux or windows servers, all the crying is baseless
|
|
# ? Jan 3, 2018 09:07 |
|
gamers saw "speculative execution" and thought it was about blind-firing from cover
|
# ? Jan 3, 2018 09:48 |
|
cinci zoo sniper posted:no one games on linux or windows servers, all the crying is baseless
|
# ? Jan 3, 2018 09:56 |
anthonypants posted:i've already seen at least one article that says there's performance issues on windows because of this thing itll be very microsoft for virtualisation security issue to affect windows 10 home. also what articles are you seeing with embargo still up?
|
|
# ? Jan 3, 2018 10:11 |
|
cinci zoo sniper posted:itll be very microsoft for virtualisation security issue to affect windows 10 home. also what articles are you seeing with embargo still up? stuff that lets you leak memory from other vms on the same host also lets you leak memory from just other stuff on your machine, not sure why you'd think that's unusual. there aren't any articles really, people are just reading between the lines.
|
# ? Jan 3, 2018 10:14 |
Jabor posted:stuff that lets you leak memory from other vms on the same host also lets you leak memory from just other stuff on your machine, not sure why you'd think that's unusual. so whom are you leaking your memory to on a local machine? or is it non-vm apps that are leaking?
|
|
# ? Jan 3, 2018 10:20 |
|
cinci zoo sniper posted:so whom are you leaking your memory to on a local machine? or is it non-vm apps that are leaking? are you one of those templeos proponents who doesn't believe in process isolation or something?
|
# ? Jan 3, 2018 10:26 |
Jabor posted:are you one of those templeos proponents who doesn't believe in process isolation or something? no, i am not
|
|
# ? Jan 3, 2018 10:32 |
|
then maybe you can figure out on your own why leaking kernel memory to a user-space process is a bad thing
|
# ? Jan 3, 2018 10:34 |
Jabor posted:then maybe you can figure out on your own why leaking kernel memory to a user-space process is a bad thing that would require an understanding of low level stuff
|
|
# ? Jan 3, 2018 10:36 |
|
were you looking for a tweet of someone saying "thing bad" in 140 characters or less?
|
# ? Jan 3, 2018 10:39 |
|
sounds like we picked an excellent time to try and move to virtual desktops at work lmao
|
# ? Jan 3, 2018 10:40 |
|
cinci zoo sniper posted:that would require an understanding of low level stuff "anything is root without the patch that can make things significantly slower"
|
# ? Jan 3, 2018 10:43 |
Jabor posted:were you looking for a tweet of someone saying "thing bad" in 140 characters or less? no, im basically waiting for an embargo to lift and deets to come in so i can make a meaningful q on the subject. there's too much seeming hysteria everywhere to buy a "thing bad", especially in 140 characters or less atomicthumbs posted:"anything is root without the patch that can make things significantly slower" that's less than great
|
|
# ? Jan 3, 2018 10:56 |
|
This will most certainly affect client machines too, as there are low level software features that take advantage of this feature, and could cause kernel dumps that could compromise user systems easily. Its most certainly going to be an issue. Its not like Windows Server and Windows are very different or do very different things, they both function using the same kernel.
|
# ? Jan 3, 2018 13:02 |
|
otoh i suspect that the performance impact will be reasonably modest for consumer workloads, it makes decent sense that e.g. database workloads would be sensitive, but i struggle to think of a consumer workload that'll load the syscalls/sec down very hard. for games for example a modern graphics driver should not have to cross the boundary very often, they have to be doing a lot of bulking in userspace to make it work even with the normal lower performance impact
|
# ? Jan 3, 2018 13:29 |
|
Cybernetic Vermin posted:otoh i suspect that the performance impact will be reasonably modest for consumer workloads, it makes decent sense that e.g. database workloads would be sensitive, but i struggle to think of a consumer workload that'll load the syscalls/sec down very hard. for games for example a modern graphics driver should not have to cross the boundary very often, they have to be doing a lot of bulking in userspace to make it work even with the normal lower performance impact Graphics loads, no, but most gameplay is still CPU intensive to handle in game engine mechanics and everything else. It'll still have an impact, what impact that is I can't say yet, but I suspect it will at least take a hit. Most modern games still don't take advantage of multi-core processing, and are heavily single core dependent and that's likely to allow the microcode change to have a performance hit.
|
# ? Jan 3, 2018 13:36 |
|
CommieGIR posted:Graphics loads, no, but most gameplay is still CPU intensive to handle in game engine mechanics and everything else. It'll still have an impact, what impact that is I can't say yet, but I suspect it will at least take a hit. if the details we have so far are correct there will be almost no impact on "pure" cpu-intensive loads, since the fix so far suggested is a huge overhead on syscalls as the entire kernel pagetable needs to be established on entry and then fully discarded on exit. if there is a microcode fix it may indeed have some impact, but we have no idea what that would look like in that case. since games mostly avoid doing io during gameplay (and to the extent they do it is large streaming chunks), and graphics drivers bulk calls in userspace, most games should be fine, they just don't syscall much
|
# ? Jan 3, 2018 13:53 |
|
Cybernetic Vermin posted:if the details we have so far are correct there will be almost no impact on "pure" cpu-intensive loads, since the fix so far suggested is a huge overhead on syscalls as the entire kernel pagetable needs to be established on entry and then fully discarded on exit. if there is a microcode fix it may indeed have some impact, but we have no idea what that would look like in that case. since games mostly avoid doing io during gameplay (and to the extent they do it is large streaming chunks), and graphics drivers bulk calls in userspace, most games should be fine, they just don't syscall much Fair enough, and to support your claim, I did find this: https://www.phoronix.com/scan.php?page=news_item&px=x86-PTI-Initial-Gaming-Tests
|
# ? Jan 3, 2018 14:10 |
|
|
# ? May 28, 2024 14:40 |
|
start of a thread: https://twitter.com/lavados/status/948536300830851072 e: just to be clear i do think there's a ton of hysteria for what is rowhammer again
|
# ? Jan 3, 2018 14:23 |