Welcome!

Please read this important information about Spectre and Meltdown vulnerabilities.
Please read this important information about MX sources lists.
News
  • MX Linux on social media: here
  • Mepis support still here
Current releases
  • MX-17 Final release info here
  • MX-16.1 release info here
  • antiX-17 release info here
    New users
    • Please read this first, and don't forget to add system and hardware information to posts!
    • Read Forum Rules

Meltdown & Spectre [resolved]

Message
Author
supusr
Forum Novice
Forum  Novice
Posts: 11
Age: 64
Joined: Sun May 29, 2016 2:06 pm

Meltdown & Spectre [resolved]

#1 Postby supusr » Mon Jan 08, 2018 5:31 pm

I'm using fully updated MX-17 with Firefox but am concerned about possible vulnerabilities from the above blunders from Intel & AMD (my machine is Intel). I'm getting ready to do my federal taxes with Turbotax, but don't want my passwords stolen. Has MX been patched (either through or separate from Debian)?
Thanks.
Last edited by supusr on Mon Jan 08, 2018 8:34 pm, edited 1 time in total.

User avatar
Stevo
Forum Veteran
Forum Veteran
Posts: 14144
Age: 59
Joined: Fri Dec 15, 2006 8:07 pm

Re: Meltdown & Spectre

#2 Postby Stevo » Mon Jan 08, 2018 6:38 pm

We don't have any Meltdown patches yet for the 4.13 kernel we ship with, but we have other fixed kernels available:

The 4.9 stock Debian kernel, which can be installed from the package installer.

A backported Debian 4.14.12 kernel in the main repository, currently requires a manual install, and we are working to make that easier.

Liquorix kernels 4.14-12 from the test repository, package installer can install.

The current 57.0.4 Firefox is hardened against Spectre, Pale Moon seems be resistant anyway, according to the developers. Other browsers are no doubt working on updates.

There is some debate as to whether the kernel fixes apply to, or in fact are even necessary, on 32-bit. We need some testing on that platform.

Update: the kpti patches don't seem to be applied on 32-bit, but it's still unclear as to whether 32-bit kernels are still exploitable. They also don't apply on AMD cpus, so those users need not upgrade.

This is still a bit confusing, but 32-bit users currently seem to be out of luck: https://security.stackexchange.com/ques ... -platforms

supusr
Forum Novice
Forum  Novice
Posts: 11
Age: 64
Joined: Sun May 29, 2016 2:06 pm

Re: Meltdown & Spectre [resolved]

#3 Postby supusr » Mon Jan 08, 2018 8:34 pm

Thanks very much for the clear and relevant response. I will consider installing another kernel or just waiting a few days for possible fix advice from the normal package updater.

User avatar
Adrian
Forum Veteran
Forum Veteran
Posts: 7732
Age: 42
Joined: Wed Jul 12, 2006 1:42 am

Re: Meltdown & Spectre [resolved]

#4 Postby Adrian » Mon Jan 08, 2018 8:48 pm

supusr wrote:Thanks very much for the clear and relevant response. I will consider installing another kernel or just waiting a few days for possible fix advice from the normal package updater.

I think installing Debian kernel that is patched is a good idea. But also keep in mind that this CPU design flow was out there for 20+ years. It's true that only now everybody has the details of the exploit, but unless you are a specific target I don't think you need to worry about this too much.

User avatar
uncle mark
Forum Veteran
Forum Veteran
Posts: 4898
Age: 2017
Joined: Sat Nov 11, 2006 10:42 pm

Re: Meltdown & Spectre [resolved]

#5 Postby uncle mark » Mon Jan 08, 2018 9:21 pm

Adrian wrote:I think installing Debian kernel that is patched is a good idea. But also keep in mind that this CPU design flow was out there for 20+ years. It's true that only now everybody has the details of the exploit, but unless you are a specific target I don't think you need to worry about this too much.

I don't think the NSA is concerned with my tax return. As much as I sometimes like to think otherwise, I'm just not that important.
Desktop: Custom build Asus/AMD/nVidia -- MEPIS 11
Laptop: Acer Aspire 5250 -- MX-15
Assorted junk: assorted Linuxes

User avatar
bicyclist56
Forum Regular
Forum Regular
Posts: 186
Age: 61
Joined: Mon Jul 27, 2015 12:41 am

Re: Meltdown & Spectre [resolved]

#6 Postby bicyclist56 » Mon Jan 08, 2018 10:36 pm

One solution to the vulnerability problem for modern processors is the use of i486 ☺
http://yeokhengmeng.com/2018/01/make-the-486-great-again/
MX-16_x64 Final - only one OS in 4 PC, and MX-15_x64 in 5 others PC
Перевод Руководства MX -
http://www.mepiscommunity.org/wiki/help ... anslations
Мой блог - http://bicyclist56.blogspot.com/p/mx-linux.html

User avatar
asqwerth
Forum Guide
Forum Guide
Posts: 2331
Joined: Sun May 27, 2007 5:37 am

Re: Meltdown & Spectre [resolved]

#7 Postby asqwerth » Tue Jan 09, 2018 12:28 am

I'm dusting off my Acer Aspire One netbook, which has a pre-2013 Atom CPU, which apparently is not susceptible to Meltdown.

https://www.theregister.co.uk/2018/01/0 ... erability/

32-bit MX16 is already installed on it. So I'll just dist-upgrade it and tell the parents to do their banking on this for the moment while I try to sort out their old computer.

Spectre will affect all CPUs and in any case may not be fixable via software patches. Not sure what we can do about that, except be more cautious (suspicious!) about emails, the websites one visits, etc.
Desktop: Intel i5-4460, 16GB RAM, Intel integrated graphics
Clevo N130WU-based Ultrabook: Intel i7-8550U (Kaby Lake R), 16GB RAM, Intel integrated graphics (UEFI)
ASUS X42D laptop: AMD Phenom II, 6GB RAM, Mobility Radeon HD 5400

User avatar
i_ri
Forum Regular
Forum Regular
Posts: 292
Joined: Tue Jun 30, 2015 12:26 am

Re: Meltdown & Spectre [resolved]

#8 Postby i_ri » Tue Jan 09, 2018 12:31 am

hello supusr
thanks for the quick work anticapitalista and Stevo
yes took libelf-dev first.
upgraded mx17_64 machine to what thought was found highest number on the list 4.14.11. it works. THen I spotted the 4.14.12 hiding under the name 4.14.0 . Oooh.
thanks for the new kernels.
using on cpu:i5 M560, intel graphics
Linux Version 4.14.11-antix.1-amd64-smp, Compiled #1 SMP PREEMPT Fri Jan 5 14:27:33 EET 2018

supusr
Forum Novice
Forum  Novice
Posts: 11
Age: 64
Joined: Sun May 29, 2016 2:06 pm

Re: Meltdown & Spectre [resolved]

#9 Postby supusr » Tue Jan 09, 2018 1:36 am

Just happened to check back here after installing the patched kernel (for one of the problems, at least), and noticed all the additional replies. Thanks again to all.

User avatar
anticapitalista
Forum Veteran
Forum Veteran
Posts: 5306
Joined: Sat Jul 15, 2006 10:40 am

Re: Meltdown & Spectre [resolved]

#10 Postby anticapitalista » Tue Jan 09, 2018 6:36 am

never mind
anticapitalista
Reg. linux user #395339.

Philosophers have interpreted the world in many ways; the point is to change it.

antiX-15 "Killah P!" - lean and mean.
http://antix.mepis.org


Return to “General”

Who is online

Users browsing this forum: No registered users and 1 guest