Puppy Linux Discussion Forum Forum Index Puppy Linux Discussion Forum
Puppy HOME page : puppylinux.com
"THE" alternative forum : puppylinux.info
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

The time now is Mon 22 Oct 2018, 20:40
All times are UTC - 4
 Forum index » Off-Topic Area » Security
New Spectre-linked flaws found, some ARMs affected too
Post new topic   Reply to topic View previous topic :: View next topic
Page 1 of 1 [3 Posts]  
Author Message
belham2

Joined: 15 Aug 2016
Posts: 1552

PostPosted: Fri 04 May 2018, 10:46    Post subject:  New Spectre-linked flaws found, some ARMs affected too  

".....The new vulnerabilities, dubbed “Spectre Next Generation” or “Spectre-NG,” are said to affect processors from Intel and at least some ARM chips. AMD processors are currently being analyzed to determine if they are impacted as well...."

https://www.securityweek.com/intel-working-patches-8-new-spectre-flaws-report
Back to top
View user's profile Send private message 
rufwoof

Joined: 24 Feb 2014
Posts: 2605

PostPosted: Fri 04 May 2018, 13:58    Post subject:  

Most browsers have been updated to reduce the browser timer precision from typically 5µs to 20µs, which tends to mitigate the risk from type 1, 2 and 3 variants as the observation of speculative execution in effect becomes unreliable when using a javascript type hack vector. For a single user case such as Puppy/desktop these later variants are much less 'informative' and more a risk factor for virtualisation/server/shared host type situations.

Generally if you're running a new browser version with revised timer precision then you're still pretty secure. Much more so if scripts are disabled. If you enable scripts for some sites, just ensure you also have a ad-blocker also active (puppy host file configuration tool can be just as good - Menu, Internet - Pup Advert blocker), so that any attempts that might try to worm their way in via adverts displayed on trusted web pages where scripts might have been enabled will tend to end up not being processed locally.

ublock origin and puppy advert blocker seems to work well for me (I see very few adverts). As does NoScript, especially in Firefox Quantum as its even easier to be selective as to which content is temporarily enabled on a particular web page.
Back to top
View user's profile Send private message 
8Geee


Joined: 12 May 2008
Posts: 1700
Location: N.E. USA

PostPosted: Sat 05 May 2018, 00:52    Post subject:  

Some Atom Processors are now vunerable... just the E600 series and the Z2400 series. These are by now minor deployments.

If the L1 cache is split instruction and data, this new M/S version takes advantage.

Regards
8Geee

_________________
Linux user #498913

Some people need to reimagine their thinking.
Back to top
View user's profile Send private message 
Display posts from previous:   Sort by:   
Page 1 of 1 [3 Posts]  
Post new topic   Reply to topic View previous topic :: View next topic
 Forum index » Off-Topic Area » Security
Jump to:  

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group
[ Time: 0.0793s ][ Queries: 14 (0.0119s) ][ GZIP on ]