Thanks for sharing you thoughts!figueroa wrote: ↑Thu May 16, 2019 11:29 pm I'm going to let it all hang out here saying that if you are on a single user or family computer that isn't performing any server functions exposed directly to the Internet (i.e. behind a router with NAT), and you haven't exposed ports to unauthenticated users, it's not very important. Users should evaluate their own exposure and consider reducing that exposure, eliminating exposure to the extent possible. Practicing safe computing is more important that locking down the CPU. Disclaimer -- this is my reasonably informed opinion.
Zombieload
Re: Zombieload
Re: Zombieload
Consider that there are no known in-the-wild exploits of these flaws -- don't panic.
https://www.extremetech.com/computing/2 ... rabilities
https://www.extremetech.com/computing/2 ... rabilities
- Head_on_a_Stick
- Posts: 919
- Joined: Sun Mar 17, 2019 3:37 pm
Re: Zombieload
Well that's hardly surprising given that they were only made public a few days ago.
Now that these vulnerabilities are public then you can be sure that every script kiddie from here to China will be trying them in an attempt to find computers that have not been patched yet.
mod note: Signature removed, please read the forum rules
- beardedragon
- Posts: 114
- Joined: Wed Mar 27, 2019 11:26 pm
Re: Zombieload
MX Kernel: 5.0.0-16.1-liquorix-amd64 x86_64 bits
Rule #1 Backup Everything
Rule #2 Read Rule #1
Rule #2 Read Rule #1
Re: Zombieload
Quoting from the article:Head_on_a_Stick wrote: ↑Fri May 17, 2019 11:41 am Well that's hardly surprising given that they were only made public a few days ago.
"Thus far, no attacks actually utilizing Spectre and Meltdown have been spotted in the wild, beyond proof-of-concept work submitted by researchers."
This reflects on ALL of the last 17 months' uncovered vulnerabilities.
Re: Zombieload
... So the only and unique alternative, for almost everyone, is to trust in researchers who find ;-)figueroa wrote: ↑Fri May 17, 2019 2:11 pmQuoting from the article:Head_on_a_Stick wrote: ↑Fri May 17, 2019 11:41 am Well that's hardly surprising given that they were only made public a few days ago.
"Thus far, no attacks actually utilizing Spectre and Meltdown have been spotted in the wild, beyond proof-of-concept work submitted by researchers."
This reflects on ALL of the last 17 months' uncovered vulnerabilities.
Pour les nouveaux utilisateurs: Alt+F1 pour le manuel, ou FAQS, MX MANUEL, et Conseils Debian - Info. système “quick-system-info-mx” (QSI) ... Ici: System: MX-19_x64 & antiX19_x32
Re: Zombieload
That's not what I'm saying. Mitigate what you can, subject to your resources and your needs. Don't sell the farm. Don't panic. Reduce your exposure. Practice safe computing. Nobody has been successfully attacked this way, yet.
Re: Zombieload
Green is good in the script output, red is bad. You need to ask questions how to fix it if you get red results and need help. Seems pretty easy to me!
- beardedragon
- Posts: 114
- Joined: Wed Mar 27, 2019 11:26 pm
Re: Zombieload
Why don't you either patch the kernels and upgrade them. or. drop them and advise the rest of the users to do so.
Rule #1 Backup Everything
Rule #2 Read Rule #1
Rule #2 Read Rule #1
- beardedragon
- Posts: 114
- Joined: Wed Mar 27, 2019 11:26 pm
Re: Zombieload
beardedragon wrote: ↑Fri May 17, 2019 3:02 pmWhy don't you either patch the kernels and upgrade them. or. drop them and advise the rest of the users to do so?
Rule #1 Backup Everything
Rule #2 Read Rule #1
Rule #2 Read Rule #1