Zombieload

For interesting topics. But remember this is a Linux Forum. Do not post offensive topics that are meant to cause trouble with other members or are derogatory towards people of different genders, race, color, minors (this includes nudity and sex), politics or religion. Let's try to keep peace among the community and for visitors.

No spam on this or any other forums please! If you post advertisements on these forums, your account may be deleted.

Do not copy and paste entire or even up to half of someone else's words or articles into posts. Post only a few sentences or a paragraph and make sure to include a link back to original words or article. Otherwise it's copyright infringement.

You can talk about other distros here, but no MX bashing. You can email the developers of MX if you just want to say you dislike or hate MX.
Message
Author
User avatar
KBD
Posts: 959
Joined: Sun Jul 03, 2011 7:52 pm

Re: Zombieload

#51 Post by KBD »

figueroa wrote: Thu May 16, 2019 11:29 pm I'm going to let it all hang out here saying that if you are on a single user or family computer that isn't performing any server functions exposed directly to the Internet (i.e. behind a router with NAT), and you haven't exposed ports to unauthenticated users, it's not very important. Users should evaluate their own exposure and consider reducing that exposure, eliminating exposure to the extent possible. Practicing safe computing is more important that locking down the CPU. Disclaimer -- this is my reasonably informed opinion.
Thanks for sharing you thoughts!

User avatar
figueroa
Posts: 1049
Joined: Fri Dec 21, 2018 12:20 am

Re: Zombieload

#52 Post by figueroa »

Consider that there are no known in-the-wild exploits of these flaws -- don't panic.
https://www.extremetech.com/computing/2 ... rabilities
Andy Figueroa
Using Unix from 1984; GNU/Linux from 1993

User avatar
Head_on_a_Stick
Posts: 919
Joined: Sun Mar 17, 2019 3:37 pm

Re: Zombieload

#53 Post by Head_on_a_Stick »

figueroa wrote: Fri May 17, 2019 11:29 am Consider that there are no known in-the-wild exploits of these flaws
Well that's hardly surprising given that they were only made public a few days ago.

Now that these vulnerabilities are public then you can be sure that every script kiddie from here to China will be trying them in an attempt to find computers that have not been patched yet.
mod note: Signature removed, please read the forum rules

User avatar
beardedragon
Posts: 114
Joined: Wed Mar 27, 2019 11:26 pm

Re: Zombieload

#54 Post by beardedragon »

Stevo wrote: Thu May 16, 2019 10:43 pm What kernel were you using?
MX Kernel: 5.0.0-16.1-liquorix-amd64 x86_64 bits
Rule #1 Backup Everything
Rule #2 Read Rule #1

User avatar
figueroa
Posts: 1049
Joined: Fri Dec 21, 2018 12:20 am

Re: Zombieload

#55 Post by figueroa »

Head_on_a_Stick wrote: Fri May 17, 2019 11:41 am Well that's hardly surprising given that they were only made public a few days ago.
Quoting from the article:
"Thus far, no attacks actually utilizing Spectre and Meltdown have been spotted in the wild, beyond proof-of-concept work submitted by researchers."

This reflects on ALL of the last 17 months' uncovered vulnerabilities.
Andy Figueroa
Using Unix from 1984; GNU/Linux from 1993

User avatar
oops
Posts: 1603
Joined: Tue Apr 10, 2018 5:07 pm

Re: Zombieload

#56 Post by oops »

figueroa wrote: Fri May 17, 2019 2:11 pm
Head_on_a_Stick wrote: Fri May 17, 2019 11:41 am Well that's hardly surprising given that they were only made public a few days ago.
Quoting from the article:
"Thus far, no attacks actually utilizing Spectre and Meltdown have been spotted in the wild, beyond proof-of-concept work submitted by researchers."

This reflects on ALL of the last 17 months' uncovered vulnerabilities.
... So the only and unique alternative, for almost everyone, is to trust in researchers who find ;-)
Pour les nouveaux utilisateurs: Alt+F1 pour le manuel, ou FAQS, MX MANUEL, et Conseils Debian - Info. système “quick-system-info-mx” (QSI) ... Ici: System: MX-19_x64 & antiX19_x32

User avatar
figueroa
Posts: 1049
Joined: Fri Dec 21, 2018 12:20 am

Re: Zombieload

#57 Post by figueroa »

oops wrote: Fri May 17, 2019 2:22 pm ... So the only and unique alternative, for almost everyone, is to trust in researchers who find ;-)
That's not what I'm saying. Mitigate what you can, subject to your resources and your needs. Don't sell the farm. Don't panic. Reduce your exposure. Practice safe computing. Nobody has been successfully attacked this way, yet.
Andy Figueroa
Using Unix from 1984; GNU/Linux from 1993

User avatar
Stevo
Developer
Posts: 12774
Joined: Fri Dec 15, 2006 8:07 pm

Re: Zombieload

#58 Post by Stevo »

Green is good in the script output, red is bad. You need to ask questions how to fix it if you get red results and need help. Seems pretty easy to me!

User avatar
beardedragon
Posts: 114
Joined: Wed Mar 27, 2019 11:26 pm

Re: Zombieload

#59 Post by beardedragon »

figueroa wrote: Fri May 17, 2019 2:59 pm
oops wrote: Fri May 17, 2019 2:22 pm ... So the only and unique alternative, for almost everyone, is to trust in researchers who find ;-)
That's not what I'm saying. Mitigate what you can, subject to your resources and your needs. Don't sell the farm. Don't panic. Reduce your exposure. Practice safe computing. Nobody has been successfully attacked this way, yet.
Why don't you either patch the kernels and upgrade them. or. drop them and advise the rest of the users to do so.
Rule #1 Backup Everything
Rule #2 Read Rule #1

User avatar
beardedragon
Posts: 114
Joined: Wed Mar 27, 2019 11:26 pm

Re: Zombieload

#60 Post by beardedragon »

beardedragon wrote: Fri May 17, 2019 3:02 pm
figueroa wrote: Fri May 17, 2019 2:59 pm
oops wrote: Fri May 17, 2019 2:22 pm ... So the only and unique alternative, for almost everyone, is to trust in researchers who find ;-)
That's not what I'm saying. Mitigate what you can, subject to your resources and your needs. Don't sell the farm. Don't panic. Reduce your exposure. Practice safe computing. Nobody has been successfully attacked this way, yet.
Why don't you either patch the kernels and upgrade them. or. drop them and advise the rest of the users to do so?
Rule #1 Backup Everything
Rule #2 Read Rule #1

Post Reply

Return to “General”