Register a SA Forums Account here!
JOINING THE SA FORUMS WILL REMOVE THIS BIG AD, THE ANNOYING UNDERLINED ADS, AND STUPID INTERSTITIAL ADS!!!

You can: log in, read the tech support FAQ, or request your lost password. This dumb message (and those ads) will appear on every screen until you register! Get rid of this crap by registering your own SA Forums Account and joining roughly 150,000 Goons, for the one-time price of $9.95! We charge money because it costs us money per month for bills, and since we don't believe in showing ads to our users, we try to make the money back through forum registrations.
The Something Awful Forums > Discussion > Serious Hardware/Software Crap > YOSPOS > Security Fuckup Megathread - v14.1 - Hello, is this a delivery order?
«2 »
 
  • Locked thread
Shifty Pony
Dec 28, 2004

Up ta somethin'


 sure it took a while for those PoC papers to pay off but you have to admit it was worth the wait.

it will be interesting to see what the microcode fix will be. iirc those attacks aren't actually all that likely to work individually but instead rely on being able to repeatedly hammer the caches with the attack millions of times per second until sheer luck wins out. I wonder if it might be possible to watch for access patterns and faults indicative of the attack and halt/flush everything when they are spotted. I don't know how much flexibility they have with the hardware they are working to fix.

* # ¿ Jan 3, 2018 19:28
  • Quote
Adbot
ADBOT LOVES YOU

# ¿ May 14, 2024 14:41
  • Quote
Shifty Pony
Dec 28, 2004

Up ta somethin'


 apparently the MS KB4056892 patch for Meltdown breaks ASUS's GPU and MB fan control software. who knows what the gently caress ASUS was doing behind the scenes to cause that incompatibility.

now my desktop is slightly louder thanks a bunch ASUS :mad:

* # ¿ Jan 6, 2018 16:06
  • Quote
Shifty Pony
Dec 28, 2004

Up ta somethin'

Subjunctive posted:

why would GPU drivers need to be updated with fixes for Meltdown and Spectre?

perhaps it might be less a Meltdown/Spectre fix and more a fix to prevent the MS fix from causing performance drops or errors?

* # ¿ Jan 9, 2018 03:23
  • Quote
Shifty Pony
Dec 28, 2004

Up ta somethin'

Subjunctive posted:

what could they do to change the performance characteristics? they’re already designed to minimize kernel transitions, AFAIK

an edge case perhaps?

I'm really just guessing here. it is also possible they didn't change a drat thing and this driver set had just been run through tests on updates systems.

* # ¿ Jan 9, 2018 03:46
  • Quote
Shifty Pony
Dec 28, 2004

Up ta somethin'


 crossing from the tech bubble thread

good security idea: deploy something that lets you instantly remotely lock and encrypt any system and train overseas office managers on how to quickly trigger it if a bunch of unauthorized people force their way into the office to gain access to sensitive data.

bad security idea: defining "police with a search warrant" as unauthorized.

quote:

Like managers at Uber’s hundreds of offices abroad, they’d been trained to page a number that alerted specially trained staff at company headquarters in San Francisco. When the call came in, staffers quickly remotely logged off every computer in the Montreal office, making it practically impossible for the authorities to retrieve the company records they’d obtained a warrant to collect. The investigators left without any evidence.
* # ¿ Jan 11, 2018 19:12
  • Quote
  • Locked thread
The Something Awful Forums > Discussion > Serious Hardware/Software Crap > YOSPOS > Security Fuckup Megathread - v14.1 - Hello, is this a delivery order?
«2 »