User avatar
ycrawler
Posts: 141
Joined: Thu Aug 10, 2017 8:23 pm

Re: What to do about Intel, AMD and ARM security flaws?

Fri Jan 19, 2018 6:50 pm

would running a separate firefox profile with firejail for for example online banking be a good idea for the time being, or just pointless?

User avatar
viking60
Posts: 2
Joined: Thu Jan 04, 2018 12:08 am
Contact: Website

Re: What to do about Intel, AMD and ARM security flaws?

Mon Jan 22, 2018 1:03 am

Spectre is nasty and your passwords can be revealed through a javascript on a website.
Firejail seems to help for that .

Solus is patched as good as it gets according to my tests with the spectre-meltdown-checker but you need to make sure that your Browser does not give your passwords away.

In Chrome based browsers that means activating strict site isolation (recommended way). FF is patched as of version 57.04 via regular update.
I do both (Activate site isolation and FireJail) which is as good as it gets -I guess.

And yes banking with your smartphone....I wouldn't do it right now sine updates are scarce on some smartphone OS's.

Those flaws are extremely nasty - but I am sure Ikey can say a lot more about it.....

More here

User avatar
Lorien
Posts: 52
Joined: Wed May 03, 2017 2:05 am

Re: What to do about Intel, AMD and ARM security flaws?

Wed Jan 24, 2018 5:38 pm

Here is a nice and easy way to check your system, without having to download anything:

http://kroah.com/log/blog/2018/01/19/meltdown-status-2/

Run this from the terminal:
grep . /sys/devices/system/cpu/vulnerabilities/*

On my pc running Solus, it shows this:
/sys/devices/system/cpu/vulnerabilities/meltdown:Mitigation: PTI
/sys/devices/system/cpu/vulnerabilities/spectre_v1:Vulnerable
/sys/devices/system/cpu/vulnerabilities/spectre_v2:Mitigation: Full generic retpoline

User avatar
ycrawler
Posts: 141
Joined: Thu Aug 10, 2017 8:23 pm

Re: What to do about Intel, AMD and ARM security flaws?

Wed Jan 24, 2018 11:59 pm

Lorien wrote:
Wed Jan 24, 2018 5:38 pm
Here is a nice and easy way to check your system, without having to download anything:

http://kroah.com/log/blog/2018/01/19/meltdown-status-2/

Run this from the terminal:
grep . /sys/devices/system/cpu/vulnerabilities/*

On my pc running Solus, it shows this:
/sys/devices/system/cpu/vulnerabilities/meltdown:Mitigation: PTI
/sys/devices/system/cpu/vulnerabilities/spectre_v1:Vulnerable
/sys/devices/system/cpu/vulnerabilities/spectre_v2:Mitigation: Full generic retpoline
mine shows the same. does that mean we are vulnereable to one of the flaws abut not the other two?

User avatar
Lorien
Posts: 52
Joined: Wed May 03, 2017 2:05 am

Re: What to do about Intel, AMD and ARM security flaws?

Thu Jan 25, 2018 12:36 am

As i understand it more "spectre" patches are coming in kernel 4.15 & 4.16.

Looks like the Solus developers have done all they can at the moment, we just have to wait for new kernels and microcode updates as i understand it.

User1
Posts: 31
Joined: Wed Apr 11, 2018 8:15 pm

Re: What to do about Intel, AMD and ARM security flaws?

Fri Apr 13, 2018 1:46 pm

So what's new about this? No one interested anymore since january?? o.O

We're on kernel 4.15 now and on my system https://www.maketecheasier.com/check-li ... erability/ still tells some vulnerabilities. Nothing more possible?

User avatar
kyrios
Posts: 2162
Joined: Thu Sep 22, 2016 4:20 pm

Re: What to do about Intel, AMD and ARM security flaws?

Fri Apr 13, 2018 3:35 pm

User1 wrote:
Fri Apr 13, 2018 1:46 pm
So what's new about this? No one interested anymore since january?? o.O

We're on kernel 4.15 now and on my system https://www.maketecheasier.com/check-li ... erability/ still tells some vulnerabilities. Nothing more possible?
Since January many fixes have been applied to address these vulnerabilities and many other will still be applied in the coming months/years.
Most are on the kernel level (why do you think the point releases are for?), but also on the llvm, gcc compilers, the browsers, etc. The intel microcode has also been updated in the repository once it was stable for those who cannot update their BIOS, etc..

Just check the changelog or subscribe to the mailing lists if you want to follow the progress.

sunnyflunk
Development Team
Posts: 2974
Joined: Sun Mar 13, 2016 11:35 pm

Re: What to do about Intel, AMD and ARM security flaws?

Tue Apr 17, 2018 10:57 pm

The script is quite old and usually has some form of detection that may have changed.

The kernel reports state of these vulnerabilities.

Code: Select all

cat /sys/devices/system/cpu/vulnerabilities/*

Return to “General Chit-Chat”