Page 1 of 3 123 LastLast
Results 1 to 30 of 63

Thread: Major security flaw found in Intel processors

  1. #1

    Major security flaw found in Intel processors

    A security flaw has been found in virtually all Intel processors that will require fixes within Windows, macOS and Linux, according to reports.
    Developers are currently scrambling behind the scenes to fix the significant security hole within the Intel chips, with patches already available within some versions of Linux and some testing versions of Windows, although the fixes are expected to significantly slow down computers.
    The specific details of the flaw, which appears to affect virtually all Intel processors made in the last decade and therefore millions of computers running virtually any operating system, have not been made public.
    But details of the fixes being developed point to issues involving the accessing of secure parts of a computer’s memory by regular programs. It is feared that the security flaw within the Intel processors could be used to access passwords, login details and other protected information on the computer.
    “Modern operating systems rely upon Intel’s chips to provide some essential security services – but if a flaw has been found then the operating systems themselves will need to be updated to do the job that they believed Intel’s chips were doing properly,” said independent security expert Graham Cluley.
    The fixes involve moving the memory used by the core of the computer’s operating system, known as the kernel, away from that used by normal programs. In that way, normal programs, including anything from javascript from a website to computer games, cannot be manipulated to exploit the hole and gain access to the protected kernel memory.
    But implementing the fix is expected to significantly affect the performance of the computer, making some actions up to around 30% slower.

    More at: https://www.theguardian.com/technolo...s-mac-os-linux
    Never attempt to teach a pig to sing; it wastes your time and annoys the pig.

    Robert Heinlein

    Give a man an inch and right away he thinks he's a ruler

    Groucho Marx

    I love mankind…it’s people I can’t stand.

    Linus, from the Peanuts comic

    You cannot have liberty without morality and morality without faith

    Alexis de Torqueville

    Those who fail to learn from the past are condemned to repeat it.
    Those who learn from the past are condemned to watch everybody else repeat it

    A Zero Hedge comment



  2. Remove this section of ads by registering.
  3. #2
    Defective by design.
    Trusted Computing is not to be trusted.
    Liberty is lost through complacency and a subservient mindset. When we accept or even welcome automobile checkpoints, random searches, mandatory identification cards, and paramilitary police in our streets, we have lost a vital part of our American heritage. America was born of protest, revolution, and mistrust of government. Subservient societies neither maintain nor deserve freedom for long.
    Ron Paul 2004

    Registered Ron Paul supporter # 2202
    It's all about Freedom

  4. #3
    https://nakedsecurity.sophos.com/201...el-os-patches/

    Looking at the last Kernel upgrade. 4.14.*** but I think some of these are addressed.
    or,, I know some architecture issues were addressed., if not these specifically.

    they will be
    Last edited by pcosmar; 01-03-2018 at 03:45 PM.
    Liberty is lost through complacency and a subservient mindset. When we accept or even welcome automobile checkpoints, random searches, mandatory identification cards, and paramilitary police in our streets, we have lost a vital part of our American heritage. America was born of protest, revolution, and mistrust of government. Subservient societies neither maintain nor deserve freedom for long.
    Ron Paul 2004

    Registered Ron Paul supporter # 2202
    It's all about Freedom

  5. #4
    So.... not an issue w/ AMD?
    "He's talkin' to his gut like it's a person!!" -me
    "dumpster diving isn't professional." - angelatc
    "You don't need a medical degree to spot obvious bullshit, that's actually a separate skill." -Scott Adams
    "When you are divided, and angry, and controlled, you target those 'different' from you, not those responsible [controllers]" -Q

    "Each of us must choose which course of action we should take: education, conventional political action, or even peaceful civil disobedience to bring about necessary changes. But let it not be said that we did nothing." - Ron Paul

    "Paul said "the wave of the future" is a coalition of anti-authoritarian progressive Democrats and libertarian Republicans in Congress opposed to domestic surveillance, opposed to starting new wars and in favor of ending the so-called War on Drugs."

  6. #5
    Quote Originally Posted by dannno View Post
    So.... not an issue w/ AMD?
    Seems not with this,, (by some reading). But AMD architecture was addressed in the last kernel.
    Liberty is lost through complacency and a subservient mindset. When we accept or even welcome automobile checkpoints, random searches, mandatory identification cards, and paramilitary police in our streets, we have lost a vital part of our American heritage. America was born of protest, revolution, and mistrust of government. Subservient societies neither maintain nor deserve freedom for long.
    Ron Paul 2004

    Registered Ron Paul supporter # 2202
    It's all about Freedom

  7. #6
    I'll leave this here for your reading enjoyment.

    http://pythonsweetness.tumblr.com/po...nux-page-table
    Liberty is lost through complacency and a subservient mindset. When we accept or even welcome automobile checkpoints, random searches, mandatory identification cards, and paramilitary police in our streets, we have lost a vital part of our American heritage. America was born of protest, revolution, and mistrust of government. Subservient societies neither maintain nor deserve freedom for long.
    Ron Paul 2004

    Registered Ron Paul supporter # 2202
    It's all about Freedom

  8. #7
    There is another take, and according to this one the implications to both Intel and the entire CPU industry could be dire. What follows is the transcription of the Monday afternoon tweetstorm by Nicole Perlroth - cybersecurity reporter at the NYT - according to whom today's "bug" is "not an Intel problem but an entire chipmaker design problem that affects virtually all processors on the market." In fact, according to the cybersecurity expert, one aspect of the bug is extremely troubling simply because there is no fix. Here is the full explanation.

    • 1. Apparently I don't know how to thread, so here goes my second attempt at blasting you with critical news on this "Intel Chip problem" which is not an Intel problem but an entire chipmaker design problem that affects virtually all processors on the market.
    • 2. Christmas didn't come for the computer security industry this year. A critical design flaw in virtually all microprocessors allows attackers to dump the entire memory contents off of a machine/mobile device/PC/cloud server etc.
    • 3. Our story on the motherlode of all vulnerabilities just posted here: https://www.nytimes.com/2018/01/03/b...ter-flaws.html. More will be post soon.
    • 4. We're dealing with two serious threats. The first is isolated to #IntelChips, has been dubbed Meltdown, and affects virtually all Intel microprocessors. The patch, called KAISER, will slow performance speeds of processors by as much as 30 percent.
    • 5. The second issue is a fundamental flaw in processor design approach, dubbed Spectre, which is more difficult to exploit, but affects virtually ALL PROCESSORS ON THE MARKET (Note here: Intel stock went down today but Spectre affects AMD and ARM too), and has NO FIX.
    • 6. Spectre will require a complete re-architecture of the way processors are designed and the threats posed will be with us for an entire hardware lifecycle, likely the next decade.
    • 7. The basic issue is the age old security dilemma: Speed vs Security. For the past decade, processors were designed to gain every performance advantage. In the process, chipmakers failed to ask basic questions about whether their design was secure. (Narrator: They were not)
    • 8. Meltdown and Spectre show that it is possible for attackers to exploit these design flaws to access the entire memory contents of a machine. The most visceral attack scenario is an attacker who rents 5 minutes of time from an Amazon/Google/Microsoft cloud server and steals...
    • 9. Data from other customers renting space on that same Amazon/Google/Microsoft cloud server, then marches onto another cloud server to repeat the attack, stealing untold volumes of data (SSL keys, passwords, logins, files etc) in the process.
    • 10. Basically, the motherlode. Meltdown can be exploited by any script kiddie with attack code. Spectre is harder to exploit, but nearly impossible to fix, short of shipping out new processors/hardware. The economic implications are not clear, but these are serious threats and
    • 11. Chipmakers like Intel will have to do a full recall-- unclear if there's even manufacturing capacity for this-- OR customers will have to wait for secure processors to reach the market, and do their own risk analysis as to whether they need to swap out all affected hardware.
    • 12. Intel is not surprisingly trying to downplay the threat of these attacks, but proof-of-concept attacks are already popping up online today, and the timeline for a full rollout of the patch is not clear. And that's just for the Meltdown threat. Spectre affects AMD and ARM too.
    • 13. But judging by stock moves today (Intel down, AMD up), investors didn't know that, taken together, Spectre and Meltdown affect all modern microprocessors.
    • 14. Meltdown and Spectre affect most chipmakers including those from AMD, ARM, and Intel, and all the devices and operating systems running them (GOOG, AMZN, MSFT, APPL etc).
    • 15. The flaws were originally discovered last June by a researcher at Google Project Zero (shout out @ Jann Horn) and then separately by Paul Kocher and a crew of highly impressive researchers at Rambus and academic institutions. Originally public disclosure was set for next week
    • 16. But news of Meltdown started to leak out (shout out @TheRegister) yesterday, so the disclosure was moved up a week to right now. The problem with this rushed timeline is that we don't necessarily know when to expect Meltdown patches from tech cos.
    • 7. Google says its systems have been updated to defend against Meltdown security.googleblog.com/2018/01/todays…. Microsoft issued an emergency update today. Amazon said it protected AWS customers running Amazon's tailored Linux version, and would roll out the MSFT patch for other customers 2day

    If the above is remotely true, the semi-space which has surged in recent week alongside the broad tech sector meltup, will have a very tough time in the coming weeks.

    More at: https://www.zerohedge.com/news/2018-...are-staggering
    Never attempt to teach a pig to sing; it wastes your time and annoys the pig.

    Robert Heinlein

    Give a man an inch and right away he thinks he's a ruler

    Groucho Marx

    I love mankind…it’s people I can’t stand.

    Linus, from the Peanuts comic

    You cannot have liberty without morality and morality without faith

    Alexis de Torqueville

    Those who fail to learn from the past are condemned to repeat it.
    Those who learn from the past are condemned to watch everybody else repeat it

    A Zero Hedge comment

  9. #8
    The conditions required for these kinds of attacks in the wild are very difficult to achieve. These are very "academic" problems. But they do point at a general vulnerability in using (literally) opaque hardware - there is no way to audit the hardware itself short of roundabout software-testing methods. Software cannot protect itself from compromised hardware. That said, there's way too much FUD on this particular headline. Source: myself; this is my field (CPU architecture).



  10. Remove this section of ads by registering.
  11. #9
    Quote Originally Posted by ClaytonB View Post
    That said, there's way too much FUD on this particular headline. Source: myself; this is my field (CPU architecture).
    It is over blown,, but I updated my kernel anyway.

    Seems it has been a quietly known issue for some time and patches are out.
    Eventually,, the Next-gen processors will evolve.
    Liberty is lost through complacency and a subservient mindset. When we accept or even welcome automobile checkpoints, random searches, mandatory identification cards, and paramilitary police in our streets, we have lost a vital part of our American heritage. America was born of protest, revolution, and mistrust of government. Subservient societies neither maintain nor deserve freedom for long.
    Ron Paul 2004

    Registered Ron Paul supporter # 2202
    It's all about Freedom

  12. #10
    Quote Originally Posted by pcosmar View Post
    It is over blown,, but I updated my kernel anyway.

    Seems it has been a quietly known issue for some time and patches are out.
    Eventually,, the Next-gen processors will evolve.
    Absolutely, everybody should be taking safety precautions. What bothers me most about the news coverage is that this is being covered as though the chip designers are being "blind-sided" by some kind of "discovery" within the chip. Chip designers are well aware of these dangers and, to an extent, so are software designers. There is actually an entire field of research devoted to it. This isn't quite fake news, but it's taking a proof-of-concept that demonstrates a pretty arcane vulnerability (that exists in any CPU) and says, "See, we broke the CPU". In fact, the demonstrated exploits still require the attacker to have access to information that she probably can't get at runtime (precise location(s) of branches and other timing-sensitive instructions in the targeted code). Ironically, closed-source OS's like MSwin, iOS and so on are probably less vulnerable to this kind of attack for exactly this reason. In other words, Linus might want to back off on the afterburners on this particular issue lest he end up with egg on his face.

  13. #11
    Quote Originally Posted by ClaytonB View Post
    Ironically, closed-source OS's like MSwin, iOS and so on are probably less vulnerable to this kind of attack for exactly this reason. In other words, Linus might want to back off on the afterburners on this particular issue lest he end up with egg on his face.
    Actually,, no.
    The Open Source community has more eyes,, and less with blinders on..

    I suspect Micro$oft will be impacted most as they are the most vulnerable architecture (and most common).

    and I can not speak for apple users,, but linux/gnu users tend to be far more security conscious that the average windoze user.
    Liberty is lost through complacency and a subservient mindset. When we accept or even welcome automobile checkpoints, random searches, mandatory identification cards, and paramilitary police in our streets, we have lost a vital part of our American heritage. America was born of protest, revolution, and mistrust of government. Subservient societies neither maintain nor deserve freedom for long.
    Ron Paul 2004

    Registered Ron Paul supporter # 2202
    It's all about Freedom

  14. #12
    So, if Spectre affects all processors, does that include Qualcomm? Seems to me that if it is anywhere near that serious, things are gonna get super interesting when someone figures out how to gain control of billions of cellphones and tablets that every manufacturer has been going out of their way to prevent individual users from having any kind of meaningful ability to modify (as in, there is virtually no ability to slick them).
    There are no crimes against people.
    There are only crimes against the state.
    And the state will never, ever choose to hold accountable its agents, because a thing can not commit a crime against itself.

  15. #13
    Quote Originally Posted by fisharmor View Post
    So, if Spectre affects all processors, does that include Qualcomm? Seems to me that if it is anywhere near that serious, things are gonna get super interesting when someone figures out how to gain control of billions of cellphones and tablets that every manufacturer has been going out of their way to prevent individual users from having any kind of meaningful ability to modify (as in, there is virtually no ability to slick them).
    Cloud vulnerability is being discussed. Servers will be of more concern than personal devices,, except for anything you save "out there".
    Liberty is lost through complacency and a subservient mindset. When we accept or even welcome automobile checkpoints, random searches, mandatory identification cards, and paramilitary police in our streets, we have lost a vital part of our American heritage. America was born of protest, revolution, and mistrust of government. Subservient societies neither maintain nor deserve freedom for long.
    Ron Paul 2004

    Registered Ron Paul supporter # 2202
    It's all about Freedom

  16. #14
    I have a bad feeling about this. Maybe I am missing something here but why are Linux and Microsoft OS's so quick to push updates that could potentially impact production systems performance and not just leave it to anti-virus vendors or a determination whether the exploits are possible based on purpose of the device.

    For example, why should one hose Linux based web and database server performance when the users are only reading pages and/or there are restrictions on what data can be being submitted. This seems pretty obvious but they are telling everyone to update, why?

    Hmmm.
    Last edited by kahless; 01-04-2018 at 11:09 PM.

  17. #15
    Quote Originally Posted by kahless View Post
    I have a bad feeling about this. Maybe I am missing something here but why are Linux and Microsoft OS's so quick to push updates that could potentially impact production systems performance and not just leave it to anti-virus vendors or a determination whether the exploits are possible based on purpose of the device.

    For example, why should one hose Linux based web and database server performance when the users are only reading pages and/or there are restrictions on what data can be being submitted. This seems pretty obvious but they are telling everyone to update, why?

    Hmmm.
    Maybe we'll finally see the end of the public cloud? It was a stupid idea to begin with.

  18. #16
    I had someone tell me 5 years ago when 4 core processors were a thing he said he worked for a large manufacture that makes 5 core processors, I said don't you mean 4 core, he said nope they have an extra one built in there for backdoor purposes, then started bragging about how it can do all this without making any lag on the CPU. Then I was like its gotta slow it down or use battery or atleast or cost money to manufacture that backdoor and he said that its no extra cost because it gets monetized in the sales and there is no competition. The best thing about the Trump administration is the conspiracies that are becoming true, from aliens to manufactured backdoors in consumer electronics. Whats next lizard people??



  19. Remove this section of ads by registering.
  20. #17
    Quote Originally Posted by kahless View Post
    I have a bad feeling about this. Maybe I am missing something here but why are Linux and Microsoft OS's so quick to push updates that could potentially impact production systems performance and not just leave it to anti-virus vendors or a determination whether the exploits are possible based on purpose of the device.

    For example, why should one hose Linux based web and database server performance when the users are only reading pages and/or there are restrictions on what data can be being submitted. This seems pretty obvious but they are telling everyone to update, why?

    Hmmm.
    I have noticed no reduced performance on my machine. Though I have not been running Virtual environments.

    The last kernel (4.14.8) is pretty snappy.. , on my machine.
    Liberty is lost through complacency and a subservient mindset. When we accept or even welcome automobile checkpoints, random searches, mandatory identification cards, and paramilitary police in our streets, we have lost a vital part of our American heritage. America was born of protest, revolution, and mistrust of government. Subservient societies neither maintain nor deserve freedom for long.
    Ron Paul 2004

    Registered Ron Paul supporter # 2202
    It's all about Freedom

  21. #18
    Quote Originally Posted by nikcers View Post
    I had someone tell me 5 years ago when 4 core processors were a thing he said he worked for a large manufacture that makes 5 core processors, I said don't you mean 4 core, he said nope they have an extra one built in there for backdoor purposes, then started bragging about how it can do all this without making any lag on the CPU. Then I was like its gotta slow it down or use battery or atleast or cost money to manufacture that backdoor and he said that its no extra cost because it gets monetized in the sales and there is no competition. The best thing about the Trump administration is the conspiracies that are becoming true, from aliens to manufactured backdoors in consumer electronics. Whats next lizard people??
    Manufactured back doors and corporate malware have been known issues.

    Trusted computing was adding chip level crap. DRM was more defective design.
    and of course the usual players,, alphabetically
    Liberty is lost through complacency and a subservient mindset. When we accept or even welcome automobile checkpoints, random searches, mandatory identification cards, and paramilitary police in our streets, we have lost a vital part of our American heritage. America was born of protest, revolution, and mistrust of government. Subservient societies neither maintain nor deserve freedom for long.
    Ron Paul 2004

    Registered Ron Paul supporter # 2202
    It's all about Freedom

  22. #19
    Quote Originally Posted by pcosmar View Post
    I have noticed no reduced performance on my machine. Though I have not been running Virtual environments.

    The last kernel (4.14.8) is pretty snappy.. , on my machine.
    One of the articles I read said database servers were being impacted. Just think of the massive amount of machines on the web running all different kernels that could potentially be brought to their knees by applying the patches. Not sure what I am missing here since it does not seem to make any sense for a website to receive these updates.

    For example vBulletin on RPF would have sufficient input validation protections and no one is sitting down at the server browsing the web that could execute the malicious code. If the apache web server could be effected why not just patch apache.

    Unless I am missing something I do not see how a site like RPF could be impacted. By Cento/RHEL and other Linux distros pushing the updates I believe they are probably asking for trouble.

    Who knows with declining hardware and hosting sales maybe that is what they want. This would be a boon to server manufacturers and hosting providers (an industry in decline). People upgrading their servers because their web/database servers are slower with the patches.
    Last edited by kahless; 01-05-2018 at 12:59 PM.

  23. #20
    Quote Originally Posted by kahless View Post
    One of the articles I read said database servers were being impacted. Just think of the massive amount of machines on the web running all different kernels that could potentially be brought to their knees by applying the patches. Not sure what I am missing here since it does not seem to make any sense for a website to receive these updates.

    For example vBulletin on RPF would have sufficient input validation protections and no one is sitting down at the server browsing the web that could execute the malicious code. If the apache web server could be effected why not just patch apache.

    Unless I am missing something I do not see how a site like RPF could be impacted. By Cento/RHEL and other Linux distros pushing the updates I believe they are probably asking for trouble.

    Who knows with declining hardware and hosting sales maybe that is what they want. This would be a boon to server manufacturers and hosting providers. People upgrading their servers because their web/database servers are slower with the patches.
    well something you obviously don't understand is that updates are routine.
    the linix kernel is continuously being updated. as are others.
    Security patches happen almost daily.
    and replacing a kernel only requires installation and a reboot. Took less than ten minutes.
    Liberty is lost through complacency and a subservient mindset. When we accept or even welcome automobile checkpoints, random searches, mandatory identification cards, and paramilitary police in our streets, we have lost a vital part of our American heritage. America was born of protest, revolution, and mistrust of government. Subservient societies neither maintain nor deserve freedom for long.
    Ron Paul 2004

    Registered Ron Paul supporter # 2202
    It's all about Freedom

  24. #21
    Quote Originally Posted by pcosmar View Post
    well something you obviously don't understand is that updates are routine.
    the linix kernel is continuously being updated. as are others.
    Security patches happen almost daily.
    and replacing a kernel only requires installation and a reboot. Took less than ten minutes.
    I know this since I have been supporting Linux servers for 20 years in 24x7 up time environments. I read the details of each update before allowing it to be applied and exclude some that are known to be problematic which is rare. It does happen sometimes where they rush an update that hoses a driver or a DB update that effects performance.

    In this case it seemed to be rushed out despite the potential significant performance impact without making the case how some systems could or count not be compromised and the hype that all systems should be upgraded.
    Last edited by kahless; 01-05-2018 at 01:27 PM.

  25. #22
    Quote Originally Posted by kahless View Post

    In this case it seemed to be rushed out in spite of a significant performance impact without making the case how some systems could be compromised.
    Seems rushed? Patches had been out long before News was reported..

    The "news" was released on patch Tuesday (windoze)

    Patches had been available for linux,, at least since December. (perhaps longer)

    and the projected slowdowns in performance (from my reading) were speculated results of the flaw being exploited..

    My experience,,so far,, the new kernel is working fine,, and seems to have a performance increase.. (though that is subjective)
    Liberty is lost through complacency and a subservient mindset. When we accept or even welcome automobile checkpoints, random searches, mandatory identification cards, and paramilitary police in our streets, we have lost a vital part of our American heritage. America was born of protest, revolution, and mistrust of government. Subservient societies neither maintain nor deserve freedom for long.
    Ron Paul 2004

    Registered Ron Paul supporter # 2202
    It's all about Freedom

  26. #23
    LINUX users,,

    Kernel 4.14 contained some of the patches..

    Kernel 4.15 scheduled for release in Jan.. rc testing now.
    https://www.phoronix.com/scan.php?pa...5-rc5-Released

    Grab 4.15.** whenever it hits the repositories.
    @kahless
    Server and performance in testing.
    https://www.phoronix.com/scan.php?pa...kpti-kvm&num=1
    Last edited by pcosmar; 01-05-2018 at 01:42 PM.
    Liberty is lost through complacency and a subservient mindset. When we accept or even welcome automobile checkpoints, random searches, mandatory identification cards, and paramilitary police in our streets, we have lost a vital part of our American heritage. America was born of protest, revolution, and mistrust of government. Subservient societies neither maintain nor deserve freedom for long.
    Ron Paul 2004

    Registered Ron Paul supporter # 2202
    It's all about Freedom

  27. #24
    Quote Originally Posted by pcosmar View Post
    Seems rushed? Patches had been out long before News was reported..

    The "news" was released on patch Tuesday (windoze)

    Patches had been available for linux,, at least since December. (perhaps longer)

    and the projected slowdowns in performance (from my reading) were speculated results of the flaw being exploited..

    My experience,,so far,, the new kernel is working fine,, and seems to have a performance increase.. (though that is subjective)
    Like I said rushed to the extent that telling everyone to update in spite of the performance impact and without noting how systems could and could not be compromised in plain english. This might not be a big deal for you as a desktop user but it is a big deal if you could potentially hose production servers.

    https://bgr.com/2018/01/04/intel-chi...w-slow-mac-pc/
    You’d really notice the speed “if you hammer the disk, the network, or use software that makes lots of system calls in and out of the kernel,”
    Linux kernel supremo Linus Torvalds has suggested a five per cent slowdown should be typical; Willy Tarreau, CTO of HAProxy and a Linux kernel contributor, has reported a 17 per cent slowdown; worst-case scenarios have been as high as 30 per cent.
    https://bgr.com/2018/01/04/intel-chi...w-slow-mac-pc/
    The fixes will also slow down computers by between 5% to 30%, according to some researchers
    ....
    The report notes that if all you do is play games on your computer, then the PC won’t see a slowdown because the software rarely jumps to the kernel. The same thing happens if you use the computer to browse the internet, write emails and type documents. “If you do a lot of in-memory number crunching, you won’t see much of an impact because again the kernel isn’t getting in the way,” The Register says. Furthermore, process context identifiers (PCID) support enabled on your hardware and kernel would minimize the performance hit.

    You’d really notice the speed “if you hammer the disk, the network, or use software that makes lots of system calls in and out of the kernel,” and if you lack PCID support.

    Data centers and enterprise computers may be impacted the most. Because of slowdowns, cloud service prices could increase because computers will need more time, and therefore more resources, to process data. Those extra costs might be passed along to customers.
    Desktop users are not as effected as servers it seems. If you are making allot of syscalls it is indicated in the fix it could be as much as 30% performance hit. If you have a server on the cusp bogged down with traffic even 5% is allot.
    Last edited by kahless; 01-05-2018 at 01:56 PM.



  28. Remove this section of ads by registering.
  29. #25
    Quote Originally Posted by pcosmar View Post
    LINUX users,,

    Kernel 4.14 contained some of the patches..

    Kernel 4.15 scheduled for release in Jan.. rc testing now.
    https://www.phoronix.com/scan.php?pa...5-rc5-Released

    Grab 4.15.** whenever it hits the repositories.
    @kahless
    Server and performance in testing.
    https://www.phoronix.com/scan.php?pa...kpti-kvm&num=1
    4.15, although commonly found with servers, enterprise OS's using older kernels 2.6.x or 3.1x for stability rather than bleeding edge kernels.

  30. #26
    Quote Originally Posted by kahless View Post
    4.15, although commonly found with servers, enterprise OS's using older kernels 2.6.x or 3.1x for stability rather than bleeding edge kernels.
    I would find that to be a bit silly,,, and most certainly "Not best practice".

    I started with 2.6 Slackware. 13 years ago.



    edit

    oh hell,, 2.6 was pre 64 bit..

    those systems could not handle 4 gig of ram,, (3 was max)
    Last edited by pcosmar; 01-05-2018 at 02:47 PM.
    Liberty is lost through complacency and a subservient mindset. When we accept or even welcome automobile checkpoints, random searches, mandatory identification cards, and paramilitary police in our streets, we have lost a vital part of our American heritage. America was born of protest, revolution, and mistrust of government. Subservient societies neither maintain nor deserve freedom for long.
    Ron Paul 2004

    Registered Ron Paul supporter # 2202
    It's all about Freedom

  31. #27
    Quote Originally Posted by pcosmar View Post
    I would find that to be a bit silly,,, and most certainly "Not best practice".

    I started with 2.6 Slackware. 13 years ago.

    edit

    oh hell,, 2.6 was pre 64 bit..

    those systems could not handle 4 gig of ram,, (3 was max)
    Notice I wrote 2.6.x and they are actually 64 bit, have been for some time now. Updates are back ported and the number incremented. You just do not get new versions of software but rather maintenance updates for stability. These are very stable kernels for high availability environments and yes "best practice" not running bleeding edge kernels for availability. They are commonly found in hosting environments - in Enterprise Linux distros like RHEL/Centos, Scientific Linux...

  32. #28
    Quote Originally Posted by kahless View Post
    Notice I wrote 2.6.x and they are actually 64 bit, have been for some time now. Updates are back ported and the number incremented. You just do not get new versions of software but rather maintenance updates for stability. These are very stable kernels for high availability environments and yes "best practice" not running bleeding edge kernels for availability. They are commonly found in hosting environments - in Enterprise Linux distros like RHEL/Centos, Scientific Linux...
    Linix kernel 4.14 (I had 4.8.**) has been out and stable for some time. that is hardly bleeding edge. I has tested Release Candidates before..

    4.15rc5 is a release candidate,, in testing,, that is bleeding edge.

    It will be Running enterprise software by the end of Feb,, if not the beginning of February

    and since you mention CENTOS,,
    https://www.tecmint.com/install-upgr...n-in-centos-7/
    and this (from Oct)
    https://access.redhat.com/errata/RHSA-2017:2918
    Liberty is lost through complacency and a subservient mindset. When we accept or even welcome automobile checkpoints, random searches, mandatory identification cards, and paramilitary police in our streets, we have lost a vital part of our American heritage. America was born of protest, revolution, and mistrust of government. Subservient societies neither maintain nor deserve freedom for long.
    Ron Paul 2004

    Registered Ron Paul supporter # 2202
    It's all about Freedom

  33. #29
    Quote Originally Posted by pcosmar View Post
    Linix kernel 4.14 (I had 4.8.**) has been out and stable for some time. that is hardly bleeding edge. I has tested Release Candidates before..

    4.15rc5 is a release candidate,, in testing,, that is bleeding edge.

    It will be Running enterprise software by the end of Feb,, if not the beginning of February

    and since you mention CENTOS,,
    https://www.tecmint.com/install-upgr...n-in-centos-7/
    and this (from Oct)
    https://access.redhat.com/errata/RHSA-2017:2918
    Big difference between users with a desktop and business - enterprise use which are hosting environments designed for stability - typically older kernels.

    You would break enterprise support or whatever hosting environment the provider is using by updating to a newer non-supported kernel. These systems are thoroughly tested with the older kernels for stability. They have been out a long time thus thoroughly tested and safe to use for high availability with security updates and fixes back ported.

    But we are getting off topic now since the point was not breaking production systems with these patches due the performance issues.
    Last edited by kahless; 01-05-2018 at 05:50 PM.

  34. #30
    Quote Originally Posted by kahless View Post
    Big difference between users with a desktop and business - enterprise use which are hosting environments designed for stability - typically older kernels.
    I'm getting that looking for info,,, and surprised to see old kernels in use..

    It was kernel 4 that had major changes,, and a new release schedule.
    This may indeed affect the Server side if they are all running antiques.
    Liberty is lost through complacency and a subservient mindset. When we accept or even welcome automobile checkpoints, random searches, mandatory identification cards, and paramilitary police in our streets, we have lost a vital part of our American heritage. America was born of protest, revolution, and mistrust of government. Subservient societies neither maintain nor deserve freedom for long.
    Ron Paul 2004

    Registered Ron Paul supporter # 2202
    It's all about Freedom

Page 1 of 3 123 LastLast


Similar Threads

  1. Major flaw in Presidential polling samples
    By Joeinmo in forum Rand Paul Forum
    Replies: 7
    Last Post: 12-10-2015, 10:31 PM
  2. A major flaw in Gold ?
    By Rylick in forum Economy & Markets
    Replies: 7
    Last Post: 05-14-2010, 06:34 PM
  3. Major flaw in US constitution
    By Kraig in forum U.S. Constitution
    Replies: 101
    Last Post: 08-30-2009, 11:08 PM
  4. GAO: Major security flaws found at federal buildings
    By tsopranos in forum U.S. Political News
    Replies: 1
    Last Post: 07-08-2009, 07:49 AM
  5. A possible major flaw with the gold standard?
    By jon_perez in forum Economy & Markets
    Replies: 53
    Last Post: 12-05-2007, 10:37 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •