Page 1 of 2 12 LastLast
Results 1 to 30 of 63

Thread: Major security flaw found in Intel processors

Hybrid View

Previous Post Previous Post   Next Post Next Post
  1. #1

    Major security flaw found in Intel processors

    A security flaw has been found in virtually all Intel processors that will require fixes within Windows, macOS and Linux, according to reports.
    Developers are currently scrambling behind the scenes to fix the significant security hole within the Intel chips, with patches already available within some versions of Linux and some testing versions of Windows, although the fixes are expected to significantly slow down computers.
    The specific details of the flaw, which appears to affect virtually all Intel processors made in the last decade and therefore millions of computers running virtually any operating system, have not been made public.
    But details of the fixes being developed point to issues involving the accessing of secure parts of a computerís memory by regular programs. It is feared that the security flaw within the Intel processors could be used to access passwords, login details and other protected information on the computer.
    ďModern operating systems rely upon Intelís chips to provide some essential security services Ė but if a flaw has been found then the operating systems themselves will need to be updated to do the job that they believed Intelís chips were doing properly,Ē said independent security expert Graham Cluley.
    The fixes involve moving the memory used by the core of the computerís operating system, known as the kernel, away from that used by normal programs. In that way, normal programs, including anything from javascript from a website to computer games, cannot be manipulated to exploit the hole and gain access to the protected kernel memory.
    But implementing the fix is expected to significantly affect the performance of the computer, making some actions up to around 30% slower.

    More at: https://www.theguardian.com/technolo...s-mac-os-linux
    Never attempt to teach a pig to sing; it wastes your time and annoys the pig.

    Robert Heinlein

    Give a man an inch and right away he thinks he's a ruler

    Groucho Marx

    I love mankindÖitís people I canít stand.

    Linus, from the Peanuts comic

    You cannot have liberty without morality and morality without faith

    Alexis de Torqueville

    Those who fail to learn from the past are condemned to repeat it.
    Those who learn from the past are condemned to watch everybody else repeat it

    A Zero Hedge comment



  2. Remove this section of ads by registering.
  3. #2
    Defective by design.
    Trusted Computing is not to be trusted.
    Liberty is lost through complacency and a subservient mindset. When we accept or even welcome automobile checkpoints, random searches, mandatory identification cards, and paramilitary police in our streets, we have lost a vital part of our American heritage. America was born of protest, revolution, and mistrust of government. Subservient societies neither maintain nor deserve freedom for long.
    Ron Paul 2004

    Registered Ron Paul supporter # 2202
    It's all about Freedom

  4. #3
    https://nakedsecurity.sophos.com/201...el-os-patches/

    Looking at the last Kernel upgrade. 4.14.*** but I think some of these are addressed.
    or,, I know some architecture issues were addressed., if not these specifically.

    they will be
    Last edited by pcosmar; 01-03-2018 at 03:45 PM.
    Liberty is lost through complacency and a subservient mindset. When we accept or even welcome automobile checkpoints, random searches, mandatory identification cards, and paramilitary police in our streets, we have lost a vital part of our American heritage. America was born of protest, revolution, and mistrust of government. Subservient societies neither maintain nor deserve freedom for long.
    Ron Paul 2004

    Registered Ron Paul supporter # 2202
    It's all about Freedom

  5. #4
    So.... not an issue w/ AMD?
    "He's talkin' to his gut like it's a person!!" -me
    "dumpster diving isn't professional." - angelatc


    "Each of us must choose which course of action we should take: education, conventional political action, or even peaceful civil disobedience to bring about necessary changes. But let it not be said that we did nothing." - Ron Paul

    "Paul said "the wave of the future" is a coalition of anti-authoritarian progressive Democrats and libertarian Republicans in Congress opposed to domestic surveillance, opposed to starting new wars and in favor of ending the so-called War on Drugs."

  6. #5
    Quote Originally Posted by dannno View Post
    So.... not an issue w/ AMD?
    Seems not with this,, (by some reading). But AMD architecture was addressed in the last kernel.
    Liberty is lost through complacency and a subservient mindset. When we accept or even welcome automobile checkpoints, random searches, mandatory identification cards, and paramilitary police in our streets, we have lost a vital part of our American heritage. America was born of protest, revolution, and mistrust of government. Subservient societies neither maintain nor deserve freedom for long.
    Ron Paul 2004

    Registered Ron Paul supporter # 2202
    It's all about Freedom

  7. #6
    I'll leave this here for your reading enjoyment.

    http://pythonsweetness.tumblr.com/po...nux-page-table
    Liberty is lost through complacency and a subservient mindset. When we accept or even welcome automobile checkpoints, random searches, mandatory identification cards, and paramilitary police in our streets, we have lost a vital part of our American heritage. America was born of protest, revolution, and mistrust of government. Subservient societies neither maintain nor deserve freedom for long.
    Ron Paul 2004

    Registered Ron Paul supporter # 2202
    It's all about Freedom

  8. #7
    There is another take, and according to this one the implications to both Intel and the entire CPU industry could be dire. What follows is the transcription of the Monday afternoon tweetstorm by Nicole Perlroth - cybersecurity reporter at the NYT - according to whom today's "bug" is "not an Intel problem but an entire chipmaker design problem that affects virtually all processors on the market." In fact, according to the cybersecurity expert, one aspect of the bug is extremely troubling simply because there is no fix. Here is the full explanation.

    • 1. Apparently I don't know how to thread, so here goes my second attempt at blasting you with critical news on this "Intel Chip problem" which is not an Intel problem but an entire chipmaker design problem that affects virtually all processors on the market.
    • 2. Christmas didn't come for the computer security industry this year. A critical design flaw in virtually all microprocessors allows attackers to dump the entire memory contents off of a machine/mobile device/PC/cloud server etc.
    • 3. Our story on the motherlode of all vulnerabilities just posted here: https://www.nytimes.com/2018/01/03/b...ter-flaws.html. More will be post soon.
    • 4. We're dealing with two serious threats. The first is isolated to #IntelChips, has been dubbed Meltdown, and affects virtually all Intel microprocessors. The patch, called KAISER, will slow performance speeds of processors by as much as 30 percent.
    • 5. The second issue is a fundamental flaw in processor design approach, dubbed Spectre, which is more difficult to exploit, but affects virtually ALL PROCESSORS ON THE MARKET (Note here: Intel stock went down today but Spectre affects AMD and ARM too), and has NO FIX.
    • 6. Spectre will require a complete re-architecture of the way processors are designed and the threats posed will be with us for an entire hardware lifecycle, likely the next decade.
    • 7. The basic issue is the age old security dilemma: Speed vs Security. For the past decade, processors were designed to gain every performance advantage. In the process, chipmakers failed to ask basic questions about whether their design was secure. (Narrator: They were not)
    • 8. Meltdown and Spectre show that it is possible for attackers to exploit these design flaws to access the entire memory contents of a machine. The most visceral attack scenario is an attacker who rents 5 minutes of time from an Amazon/Google/Microsoft cloud server and steals...
    • 9. Data from other customers renting space on that same Amazon/Google/Microsoft cloud server, then marches onto another cloud server to repeat the attack, stealing untold volumes of data (SSL keys, passwords, logins, files etc) in the process.
    • 10. Basically, the motherlode. Meltdown can be exploited by any script kiddie with attack code. Spectre is harder to exploit, but nearly impossible to fix, short of shipping out new processors/hardware. The economic implications are not clear, but these are serious threats and
    • 11. Chipmakers like Intel will have to do a full recall-- unclear if there's even manufacturing capacity for this-- OR customers will have to wait for secure processors to reach the market, and do their own risk analysis as to whether they need to swap out all affected hardware.
    • 12. Intel is not surprisingly trying to downplay the threat of these attacks, but proof-of-concept attacks are already popping up online today, and the timeline for a full rollout of the patch is not clear. And that's just for the Meltdown threat. Spectre affects AMD and ARM too.
    • 13. But judging by stock moves today (Intel down, AMD up), investors didn't know that, taken together, Spectre and Meltdown affect all modern microprocessors.
    • 14. Meltdown and Spectre affect most chipmakers including those from AMD, ARM, and Intel, and all the devices and operating systems running them (GOOG, AMZN, MSFT, APPL etc).
    • 15. The flaws were originally discovered last June by a researcher at Google Project Zero (shout out @ Jann Horn) and then separately by Paul Kocher and a crew of highly impressive researchers at Rambus and academic institutions. Originally public disclosure was set for next week
    • 16. But news of Meltdown started to leak out (shout out @TheRegister) yesterday, so the disclosure was moved up a week to right now. The problem with this rushed timeline is that we don't necessarily know when to expect Meltdown patches from tech cos.
    • 7. Google says its systems have been updated to defend against Meltdown security.googleblog.com/2018/01/todays…. Microsoft issued an emergency update today. Amazon said it protected AWS customers running Amazon's tailored Linux version, and would roll out the MSFT patch for other customers 2day

    If the above is remotely true, the semi-space which has surged in recent week alongside the broad tech sector meltup, will have a very tough time in the coming weeks.

    More at: https://www.zerohedge.com/news/2018-...are-staggering
    Never attempt to teach a pig to sing; it wastes your time and annoys the pig.

    Robert Heinlein

    Give a man an inch and right away he thinks he's a ruler

    Groucho Marx

    I love mankindÖitís people I canít stand.

    Linus, from the Peanuts comic

    You cannot have liberty without morality and morality without faith

    Alexis de Torqueville

    Those who fail to learn from the past are condemned to repeat it.
    Those who learn from the past are condemned to watch everybody else repeat it

    A Zero Hedge comment

  9. #8
    The conditions required for these kinds of attacks in the wild are very difficult to achieve. These are very "academic" problems. But they do point at a general vulnerability in using (literally) opaque hardware - there is no way to audit the hardware itself short of roundabout software-testing methods. Software cannot protect itself from compromised hardware. That said, there's way too much FUD on this particular headline. Source: myself; this is my field (CPU architecture).



  10. Remove this section of ads by registering.
  11. #9
    Quote Originally Posted by ClaytonB View Post
    That said, there's way too much FUD on this particular headline. Source: myself; this is my field (CPU architecture).
    It is over blown,, but I updated my kernel anyway.

    Seems it has been a quietly known issue for some time and patches are out.
    Eventually,, the Next-gen processors will evolve.
    Liberty is lost through complacency and a subservient mindset. When we accept or even welcome automobile checkpoints, random searches, mandatory identification cards, and paramilitary police in our streets, we have lost a vital part of our American heritage. America was born of protest, revolution, and mistrust of government. Subservient societies neither maintain nor deserve freedom for long.
    Ron Paul 2004

    Registered Ron Paul supporter # 2202
    It's all about Freedom

  12. #10
    Quote Originally Posted by pcosmar View Post
    It is over blown,, but I updated my kernel anyway.

    Seems it has been a quietly known issue for some time and patches are out.
    Eventually,, the Next-gen processors will evolve.
    Absolutely, everybody should be taking safety precautions. What bothers me most about the news coverage is that this is being covered as though the chip designers are being "blind-sided" by some kind of "discovery" within the chip. Chip designers are well aware of these dangers and, to an extent, so are software designers. There is actually an entire field of research devoted to it. This isn't quite fake news, but it's taking a proof-of-concept that demonstrates a pretty arcane vulnerability (that exists in any CPU) and says, "See, we broke the CPU". In fact, the demonstrated exploits still require the attacker to have access to information that she probably can't get at runtime (precise location(s) of branches and other timing-sensitive instructions in the targeted code). Ironically, closed-source OS's like MSwin, iOS and so on are probably less vulnerable to this kind of attack for exactly this reason. In other words, Linus might want to back off on the afterburners on this particular issue lest he end up with egg on his face.

  13. #11
    Quote Originally Posted by ClaytonB View Post
    Ironically, closed-source OS's like MSwin, iOS and so on are probably less vulnerable to this kind of attack for exactly this reason. In other words, Linus might want to back off on the afterburners on this particular issue lest he end up with egg on his face.
    Actually,, no.
    The Open Source community has more eyes,, and less with blinders on..

    I suspect Micro$oft will be impacted most as they are the most vulnerable architecture (and most common).

    and I can not speak for apple users,, but linux/gnu users tend to be far more security conscious that the average windoze user.
    Liberty is lost through complacency and a subservient mindset. When we accept or even welcome automobile checkpoints, random searches, mandatory identification cards, and paramilitary police in our streets, we have lost a vital part of our American heritage. America was born of protest, revolution, and mistrust of government. Subservient societies neither maintain nor deserve freedom for long.
    Ron Paul 2004

    Registered Ron Paul supporter # 2202
    It's all about Freedom

  14. #12
    So, if Spectre affects all processors, does that include Qualcomm? Seems to me that if it is anywhere near that serious, things are gonna get super interesting when someone figures out how to gain control of billions of cellphones and tablets that every manufacturer has been going out of their way to prevent individual users from having any kind of meaningful ability to modify (as in, there is virtually no ability to slick them).
    There are no crimes against people.
    There are only crimes against the state.
    And the state will never, ever choose to hold accountable its agents, because a thing can not commit a crime against itself.

  15. #13
    Quote Originally Posted by fisharmor View Post
    So, if Spectre affects all processors, does that include Qualcomm? Seems to me that if it is anywhere near that serious, things are gonna get super interesting when someone figures out how to gain control of billions of cellphones and tablets that every manufacturer has been going out of their way to prevent individual users from having any kind of meaningful ability to modify (as in, there is virtually no ability to slick them).
    Cloud vulnerability is being discussed. Servers will be of more concern than personal devices,, except for anything you save "out there".
    Liberty is lost through complacency and a subservient mindset. When we accept or even welcome automobile checkpoints, random searches, mandatory identification cards, and paramilitary police in our streets, we have lost a vital part of our American heritage. America was born of protest, revolution, and mistrust of government. Subservient societies neither maintain nor deserve freedom for long.
    Ron Paul 2004

    Registered Ron Paul supporter # 2202
    It's all about Freedom

  16. #14
    I have a bad feeling about this. Maybe I am missing something here but why are Linux and Microsoft OS's so quick to push updates that could potentially impact production systems performance and not just leave it to anti-virus vendors or a determination whether the exploits are possible based on purpose of the device.

    For example, why should one hose Linux based web and database server performance when the users are only reading pages and/or there are restrictions on what data can be being submitted. This seems pretty obvious but they are telling everyone to update, why?

    Hmmm.
    Last edited by kahless; 01-04-2018 at 11:09 PM.

  17. #15
    Quote Originally Posted by kahless View Post
    I have a bad feeling about this. Maybe I am missing something here but why are Linux and Microsoft OS's so quick to push updates that could potentially impact production systems performance and not just leave it to anti-virus vendors or a determination whether the exploits are possible based on purpose of the device.

    For example, why should one hose Linux based web and database server performance when the users are only reading pages and/or there are restrictions on what data can be being submitted. This seems pretty obvious but they are telling everyone to update, why?

    Hmmm.
    Maybe we'll finally see the end of the public cloud? It was a stupid idea to begin with.

  18. #16
    Quote Originally Posted by kahless View Post
    I have a bad feeling about this. Maybe I am missing something here but why are Linux and Microsoft OS's so quick to push updates that could potentially impact production systems performance and not just leave it to anti-virus vendors or a determination whether the exploits are possible based on purpose of the device.

    For example, why should one hose Linux based web and database server performance when the users are only reading pages and/or there are restrictions on what data can be being submitted. This seems pretty obvious but they are telling everyone to update, why?

    Hmmm.
    I have noticed no reduced performance on my machine. Though I have not been running Virtual environments.

    The last kernel (4.14.8) is pretty snappy.. , on my machine.
    Liberty is lost through complacency and a subservient mindset. When we accept or even welcome automobile checkpoints, random searches, mandatory identification cards, and paramilitary police in our streets, we have lost a vital part of our American heritage. America was born of protest, revolution, and mistrust of government. Subservient societies neither maintain nor deserve freedom for long.
    Ron Paul 2004

    Registered Ron Paul supporter # 2202
    It's all about Freedom



  19. Remove this section of ads by registering.
  20. #17
    Quote Originally Posted by pcosmar View Post
    I have noticed no reduced performance on my machine. Though I have not been running Virtual environments.

    The last kernel (4.14.8) is pretty snappy.. , on my machine.
    One of the articles I read said database servers were being impacted. Just think of the massive amount of machines on the web running all different kernels that could potentially be brought to their knees by applying the patches. Not sure what I am missing here since it does not seem to make any sense for a website to receive these updates.

    For example vBulletin on RPF would have sufficient input validation protections and no one is sitting down at the server browsing the web that could execute the malicious code. If the apache web server could be effected why not just patch apache.

    Unless I am missing something I do not see how a site like RPF could be impacted. By Cento/RHEL and other Linux distros pushing the updates I believe they are probably asking for trouble.

    Who knows with declining hardware and hosting sales maybe that is what they want. This would be a boon to server manufacturers and hosting providers (an industry in decline). People upgrading their servers because their web/database servers are slower with the patches.
    Last edited by kahless; 01-05-2018 at 12:59 PM.

  21. #18
    Quote Originally Posted by kahless View Post
    One of the articles I read said database servers were being impacted. Just think of the massive amount of machines on the web running all different kernels that could potentially be brought to their knees by applying the patches. Not sure what I am missing here since it does not seem to make any sense for a website to receive these updates.

    For example vBulletin on RPF would have sufficient input validation protections and no one is sitting down at the server browsing the web that could execute the malicious code. If the apache web server could be effected why not just patch apache.

    Unless I am missing something I do not see how a site like RPF could be impacted. By Cento/RHEL and other Linux distros pushing the updates I believe they are probably asking for trouble.

    Who knows with declining hardware and hosting sales maybe that is what they want. This would be a boon to server manufacturers and hosting providers. People upgrading their servers because their web/database servers are slower with the patches.
    well something you obviously don't understand is that updates are routine.
    the linix kernel is continuously being updated. as are others.
    Security patches happen almost daily.
    and replacing a kernel only requires installation and a reboot. Took less than ten minutes.
    Liberty is lost through complacency and a subservient mindset. When we accept or even welcome automobile checkpoints, random searches, mandatory identification cards, and paramilitary police in our streets, we have lost a vital part of our American heritage. America was born of protest, revolution, and mistrust of government. Subservient societies neither maintain nor deserve freedom for long.
    Ron Paul 2004

    Registered Ron Paul supporter # 2202
    It's all about Freedom

  22. #19
    Quote Originally Posted by pcosmar View Post
    well something you obviously don't understand is that updates are routine.
    the linix kernel is continuously being updated. as are others.
    Security patches happen almost daily.
    and replacing a kernel only requires installation and a reboot. Took less than ten minutes.
    I know this since I have been supporting Linux servers for 20 years in 24x7 up time environments. I read the details of each update before allowing it to be applied and exclude some that are known to be problematic which is rare. It does happen sometimes where they rush an update that hoses a driver or a DB update that effects performance.

    In this case it seemed to be rushed out despite the potential significant performance impact without making the case how some systems could or count not be compromised and the hype that all systems should be upgraded.
    Last edited by kahless; 01-05-2018 at 01:27 PM.

  23. #20
    I had someone tell me 5 years ago when 4 core processors were a thing he said he worked for a large manufacture that makes 5 core processors, I said don't you mean 4 core, he said nope they have an extra one built in there for backdoor purposes, then started bragging about how it can do all this without making any lag on the CPU. Then I was like its gotta slow it down or use battery or atleast or cost money to manufacture that backdoor and he said that its no extra cost because it gets monetized in the sales and there is no competition. The best thing about the Trump administration is the conspiracies that are becoming true, from aliens to manufactured backdoors in consumer electronics. Whats next lizard people??

  24. #21
    Quote Originally Posted by nikcers View Post
    I had someone tell me 5 years ago when 4 core processors were a thing he said he worked for a large manufacture that makes 5 core processors, I said don't you mean 4 core, he said nope they have an extra one built in there for backdoor purposes, then started bragging about how it can do all this without making any lag on the CPU. Then I was like its gotta slow it down or use battery or atleast or cost money to manufacture that backdoor and he said that its no extra cost because it gets monetized in the sales and there is no competition. The best thing about the Trump administration is the conspiracies that are becoming true, from aliens to manufactured backdoors in consumer electronics. Whats next lizard people??
    Manufactured back doors and corporate malware have been known issues.

    Trusted computing was adding chip level crap. DRM was more defective design.
    and of course the usual players,, alphabetically
    Liberty is lost through complacency and a subservient mindset. When we accept or even welcome automobile checkpoints, random searches, mandatory identification cards, and paramilitary police in our streets, we have lost a vital part of our American heritage. America was born of protest, revolution, and mistrust of government. Subservient societies neither maintain nor deserve freedom for long.
    Ron Paul 2004

    Registered Ron Paul supporter # 2202
    It's all about Freedom

  25. #22
    LINUX users,,

    Kernel 4.14 contained some of the patches..

    Kernel 4.15 scheduled for release in Jan.. rc testing now.
    https://www.phoronix.com/scan.php?pa...5-rc5-Released

    Grab 4.15.** whenever it hits the repositories.
    @kahless
    Server and performance in testing.
    https://www.phoronix.com/scan.php?pa...kpti-kvm&num=1
    Last edited by pcosmar; 01-05-2018 at 01:42 PM.
    Liberty is lost through complacency and a subservient mindset. When we accept or even welcome automobile checkpoints, random searches, mandatory identification cards, and paramilitary police in our streets, we have lost a vital part of our American heritage. America was born of protest, revolution, and mistrust of government. Subservient societies neither maintain nor deserve freedom for long.
    Ron Paul 2004

    Registered Ron Paul supporter # 2202
    It's all about Freedom

  26. #23
    Quote Originally Posted by pcosmar View Post
    LINUX users,,

    Kernel 4.14 contained some of the patches..

    Kernel 4.15 scheduled for release in Jan.. rc testing now.
    https://www.phoronix.com/scan.php?pa...5-rc5-Released

    Grab 4.15.** whenever it hits the repositories.
    @kahless
    Server and performance in testing.
    https://www.phoronix.com/scan.php?pa...kpti-kvm&num=1
    4.15, although commonly found with servers, enterprise OS's using older kernels 2.6.x or 3.1x for stability rather than bleeding edge kernels.

  27. #24
    Quote Originally Posted by kahless View Post
    4.15, although commonly found with servers, enterprise OS's using older kernels 2.6.x or 3.1x for stability rather than bleeding edge kernels.
    I would find that to be a bit silly,,, and most certainly "Not best practice".

    I started with 2.6 Slackware. 13 years ago.



    edit

    oh hell,, 2.6 was pre 64 bit..

    those systems could not handle 4 gig of ram,, (3 was max)
    Last edited by pcosmar; 01-05-2018 at 02:47 PM.
    Liberty is lost through complacency and a subservient mindset. When we accept or even welcome automobile checkpoints, random searches, mandatory identification cards, and paramilitary police in our streets, we have lost a vital part of our American heritage. America was born of protest, revolution, and mistrust of government. Subservient societies neither maintain nor deserve freedom for long.
    Ron Paul 2004

    Registered Ron Paul supporter # 2202
    It's all about Freedom



  28. Remove this section of ads by registering.
  29. #25
    Quote Originally Posted by pcosmar View Post
    I would find that to be a bit silly,,, and most certainly "Not best practice".

    I started with 2.6 Slackware. 13 years ago.

    edit

    oh hell,, 2.6 was pre 64 bit..

    those systems could not handle 4 gig of ram,, (3 was max)
    Notice I wrote 2.6.x and they are actually 64 bit, have been for some time now. Updates are back ported and the number incremented. You just do not get new versions of software but rather maintenance updates for stability. These are very stable kernels for high availability environments and yes "best practice" not running bleeding edge kernels for availability. They are commonly found in hosting environments - in Enterprise Linux distros like RHEL/Centos, Scientific Linux...

  30. #26
    Quote Originally Posted by kahless View Post
    Notice I wrote 2.6.x and they are actually 64 bit, have been for some time now. Updates are back ported and the number incremented. You just do not get new versions of software but rather maintenance updates for stability. These are very stable kernels for high availability environments and yes "best practice" not running bleeding edge kernels for availability. They are commonly found in hosting environments - in Enterprise Linux distros like RHEL/Centos, Scientific Linux...
    Linix kernel 4.14 (I had 4.8.**) has been out and stable for some time. that is hardly bleeding edge. I has tested Release Candidates before..

    4.15rc5 is a release candidate,, in testing,, that is bleeding edge.

    It will be Running enterprise software by the end of Feb,, if not the beginning of February

    and since you mention CENTOS,,
    https://www.tecmint.com/install-upgr...n-in-centos-7/
    and this (from Oct)
    https://access.redhat.com/errata/RHSA-2017:2918
    Liberty is lost through complacency and a subservient mindset. When we accept or even welcome automobile checkpoints, random searches, mandatory identification cards, and paramilitary police in our streets, we have lost a vital part of our American heritage. America was born of protest, revolution, and mistrust of government. Subservient societies neither maintain nor deserve freedom for long.
    Ron Paul 2004

    Registered Ron Paul supporter # 2202
    It's all about Freedom

  31. #27
    It was revealed during the Snowden leaks, iirc, that pretty much all tech had been compromised with backdoors at the manufacturer level.

    eta:

    http://www.ronpaulforums.com/showthr...turer-s-drives

    Quote Originally Posted by me 2-17-15
    Regardless of what is claimed by the articles, I think it's naive to think it's just a few targeted systems. They didn't call it the "Total Information Awareness" program for nuthin'. This is also the sort of stuff that limited the Snowden releases to around 5% of his total haul. EVERYTHING is compromised. All of it.
    Pardon me if I don't run out to install whatever the media and Intel (agencies) blare at me to install to fix "bugs" now. The same ones that have hidden the "flaws" are now offering the solution? Eh, a bit too Hegelian for my liking.
    Last edited by devil21; 01-06-2018 at 11:52 AM.
    "Let it not be said that we did nothing." - Ron Paul

    The entire internet is the domain of paid shills and bots. If you don't know this by now....

    Israel, under control of the Crown and, ultimately, the Vatican, own the USA. If you don't know this by now....

    Talk to people about liberty. You won't find it on websites, you won't find it in politicians.

    Visiting the Outer Banks of NC?
    Outer Banks NC Fishing Boat Rentals

  32. #28
    Quote Originally Posted by devil21 View Post
    It was revealed during the Snowden leaks, iirc, that pretty have all tech had been compromised with backdoors at the manufacturer level.

    Pardon me if I don't run out to install whatever the media and Intel (agencies) blare at me to install to fix "bugs" now.
    The Open Source,, and Digital Rights communities have been working on just those issues.
    Hardware back doors are closed when found.. And this had been known about for some time,and vault7 revealed more.

    The fix for these problems is available,, and is being scrutinized by many eyes,,, some of them more paranoid than you.
    Liberty is lost through complacency and a subservient mindset. When we accept or even welcome automobile checkpoints, random searches, mandatory identification cards, and paramilitary police in our streets, we have lost a vital part of our American heritage. America was born of protest, revolution, and mistrust of government. Subservient societies neither maintain nor deserve freedom for long.
    Ron Paul 2004

    Registered Ron Paul supporter # 2202
    It's all about Freedom

  33. #29
    Quote Originally Posted by pcosmar View Post
    The Open Source,, and Digital Rights communities have been working on just those issues.
    Hardware back doors are closed when found.. And this had been known about for some time,and vault7 revealed more.

    The fix for these problems is available,, and is being scrutinized by many eyes,,, some of them more paranoid than you.
    That assumes these same organizations haven't been infiltrated just like every other organization of importance has. I don't have much faith in that assumption. ymmv
    "Let it not be said that we did nothing." - Ron Paul

    The entire internet is the domain of paid shills and bots. If you don't know this by now....

    Israel, under control of the Crown and, ultimately, the Vatican, own the USA. If you don't know this by now....

    Talk to people about liberty. You won't find it on websites, you won't find it in politicians.

    Visiting the Outer Banks of NC?
    Outer Banks NC Fishing Boat Rentals

  34. #30
    Quote Originally Posted by devil21 View Post
    ymmv
    You are quite welcome to code your own OS from Source Code. That is the beauty and freedom of Open Source.
    or look into the several distributions made by some one else.. There are un-hackable (hard code,read only),, high security distros for just that purpose.

    it is ever evolving

    My distro,, my favorite. is the work of a guy in Texas and a bunch of folk in a community of users.
    https://www.pclinuxos.com/
    https://en.wikipedia.org/wiki/PCLinuxOS
    https://distrowatch.com/table.php?di...tion=pclinuxos
    Last edited by pcosmar; 01-06-2018 at 01:32 PM.
    Liberty is lost through complacency and a subservient mindset. When we accept or even welcome automobile checkpoints, random searches, mandatory identification cards, and paramilitary police in our streets, we have lost a vital part of our American heritage. America was born of protest, revolution, and mistrust of government. Subservient societies neither maintain nor deserve freedom for long.
    Ron Paul 2004

    Registered Ron Paul supporter # 2202
    It's all about Freedom

Page 1 of 2 12 LastLast


Similar Threads

  1. Major flaw in Presidential polling samples
    By Joeinmo in forum Rand Paul Forum
    Replies: 7
    Last Post: 12-10-2015, 10:31 PM
  2. A major flaw in Gold ?
    By Rylick in forum Economy & Markets
    Replies: 7
    Last Post: 05-14-2010, 06:34 PM
  3. Major flaw in US constitution
    By Kraig in forum U.S. Constitution
    Replies: 101
    Last Post: 08-30-2009, 11:08 PM
  4. GAO: Major security flaws found at federal buildings
    By tsopranos in forum U.S. Political News
    Replies: 1
    Last Post: 07-08-2009, 07:49 AM
  5. A possible major flaw with the gold standard?
    By jon_perez in forum Economy & Markets
    Replies: 53
    Last Post: 12-05-2007, 10:37 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •