Zombieload

For interesting topics. But remember this is a Linux Forum. Do not post offensive topics that are meant to cause trouble with other members or are derogatory towards people of different genders, race, color, minors (this includes nudity and sex), politics or religion. Let's try to keep peace among the community and for visitors.

No spam on this or any other forums please! If you post advertisements on these forums, your account may be deleted.

Do not copy and paste entire or even up to half of someone else's words or articles into posts. Post only a few sentences or a paragraph and make sure to include a link back to original words or article. Otherwise it's copyright infringement.

You can talk about other distros here, but no MX bashing. You can email the developers of MX if you just want to say you dislike or hate MX.
Message
Author
User avatar
oops
Posts: 1602
Joined: Tue Apr 10, 2018 5:07 pm

Re: Zombieload

#61 Post by oops »

Stevo wrote: Fri May 17, 2019 3:00 pm Green is good in the script output, red is bad. You need to ask questions how to fix it if you get red results and need help. Seems pretty easy to me!
Yes it's easy red is bad, green is good, and not already discovered will be reds next, the problem is; times after times, some new red items are discovered. (and the good news; it's for the moment always before a massive impact)
Pour les nouveaux utilisateurs: Alt+F1 pour le manuel, ou FAQS, MX MANUEL, et Conseils Debian - Info. système “quick-system-info-mx” (QSI) ... Ici: System: MX-19_x64 & antiX19_x32

User avatar
Head_on_a_Stick
Posts: 919
Joined: Sun Mar 17, 2019 3:37 pm

Re: Zombieload

#62 Post by Head_on_a_Stick »

figueroa wrote: Fri May 17, 2019 2:11 pm Quoting from the article:
"Thus far, no attacks actually utilizing Spectre and Meltdown have been spotted in the wild, beyond proof-of-concept work submitted by researchers."
Absence of evidence is not evidence of absence.
mod note: Signature removed, please read the forum rules

User avatar
beardedragon
Posts: 114
Joined: Wed Mar 27, 2019 11:26 pm

Re: Zombieload

#63 Post by beardedragon »

beardedragon wrote: Thu May 16, 2019 8:30 pm I give up, I am going to install fresh and not use that kernel.
I am sitting on Debian Testing, waiting for you guys to get this straightened out. At least it works without holes in the kernel.
Rule #1 Backup Everything
Rule #2 Read Rule #1

User avatar
figueroa
Posts: 1049
Joined: Fri Dec 21, 2018 12:20 am

Re: Zombieload

#64 Post by figueroa »

beardedragon wrote: Fri May 17, 2019 3:02 pm Why don't you either patch the kernels and upgrade them. or. drop them and advise the rest of the users to do so.
The risk does not warrant such extreme actions. It could also be rhetorically stated why don't all users change to AMD CPUs?
Andy Figueroa
Using Unix from 1984; GNU/Linux from 1993

User avatar
Stevo
Developer
Posts: 12774
Joined: Fri Dec 15, 2006 8:07 pm

Re: Zombieload

#65 Post by Stevo »

beardedragon wrote: Fri May 17, 2019 3:02 pm
figueroa wrote: Fri May 17, 2019 2:59 pm
oops wrote: Fri May 17, 2019 2:22 pm ... So the only and unique alternative, for almost everyone, is to trust in researchers who find ;-)
That's not what I'm saying. Mitigate what you can, subject to your resources and your needs. Don't sell the farm. Don't panic. Reduce your exposure. Practice safe computing. Nobody has been successfully attacked this way, yet.
Why don't you either patch the kernels and upgrade them. or. drop them and advise the rest of the users to do so.
The kernels are already patched and in the repos. The 5.0-16 Liquorix kernel is also not vulnerable, as the checker output told you.

User avatar
beardedragon
Posts: 114
Joined: Wed Mar 27, 2019 11:26 pm

Re: Zombieload

#66 Post by beardedragon »

Stevo wrote: Fri May 17, 2019 6:09 pm
beardedragon wrote: Fri May 17, 2019 3:02 pm
figueroa wrote: Fri May 17, 2019 2:59 pm

That's not what I'm saying. Mitigate what you can, subject to your resources and your needs. Don't sell the farm. Don't panic. Reduce your exposure. Practice safe computing. Nobody has been successfully attacked this way, yet.
Why don't you either patch the kernels and upgrade them. or. drop them and advise the rest of the users to do so.
The kernels are already patched and in the repos. The 5.0-16 Liquorix kernel is also not vulnerable, as the checker output told you.
Mitigate: To make less severe, intense, harsh, rigorous, painful,
etc.; to soften; to meliorate; to alleviate; to diminish;
to lessen; as, to mitigate heat or cold; to mitigate
grief.
[1913 Webster]
That does not look like fixing the problem. Why even bring this up, or, use a topic that the average user would not even read? Sorry, I am probably too cautious, but, the main reason I do not use Windows is they have too many mitigating circumstances and it is a hacker's dream. I quit using Manjaro after years testing and stable because the main designer took a vacation and everything went to pot, The white screen of death was the result of changing something in nvidia they had no reason to change when they upgraded two kernels. Sorry if I offended you.
Rule #1 Backup Everything
Rule #2 Read Rule #1

User avatar
JayM
Qualified MX Guide
Posts: 6793
Joined: Tue Jan 08, 2019 4:47 am

Re: Zombieload

#67 Post by JayM »

beardedragon wrote: Fri May 17, 2019 8:36 pm
Stevo wrote: Fri May 17, 2019 6:09 pm
beardedragon wrote: Fri May 17, 2019 3:02 pm

Why don't you either patch the kernels and upgrade them. or. drop them and advise the rest of the users to do so.
The kernels are already patched and in the repos. The 5.0-16 Liquorix kernel is also not vulnerable, as the checker output told you.
Mitigate: To make less severe, intense, harsh, rigorous, painful,
etc.; to soften; to meliorate; to alleviate; to diminish;
to lessen; as, to mitigate heat or cold; to mitigate
grief.
[1913 Webster]
That does not look like fixing the problem. Why even bring this up, or, use a topic that the average user would not even read? Sorry, I am probably too cautious, but, the main reason I do not use Windows is they have too many mitigating circumstances and it is a hacker's dream. I quit using Manjaro after years testing and stable because the main designer took a vacation and everything went to pot, The white screen of death was the result of changing something in nvidia they had no reason to change when they upgraded two kernels. Sorry if I offended you.
Fixing the problem would Intel recalling and replacing all of its vulnerable CPUs at Intel's expense. Mitigating the problem is patching Linux kernels such that CPU-induced security vulnerabilities can't affect the operating system. It's not Linux's problem, yet they've patched their kernel to prevent Intel's microcode vulnerabilities from being able to be exploited in Linux. That's why it's called a mitigation, not a "fix" or a solution. It's more of a work-around. It effectively fixes the problem, but since the source of the problem is within Intel's microcode that's where an actual "fix" would need to be applied.
Please read the Forum Rules, How To Ask For Help, How to Break Your System and Don't Break Debian. Always include your full Quick System Info (QSI) with each and every new help request.

User avatar
fehlix
Developer
Posts: 10303
Joined: Wed Apr 11, 2018 5:09 pm

Re: Zombieload

#68 Post by fehlix »

Putting the checker into an desktop icon so I can quickly check my different installs or reminds me to check.
ALso the checker get's installed if not already.

Code: Select all

[Desktop Entry]
Version=1.0
# fehlix: 2019-05-18
# file: spectre-meltdown-checker.desktop
# Zombieload thread: https://forum.mxlinux.org/viewtopic.php?p=503075#p503075
# 
Type=Application
Name=Spectre and Meltdown Checker
Comment=Spectre and Meltdown mitigation detection tool
Exec=x-terminal-emulator -T "Spectre and Meltdown Checker"  -e bash -c '( hash spectre-meltdown-checker 2>/dev/null || sudo apt install spectre-meltdown-checker) && sudo spectre-meltdown-checker  | tee >( (echo "[""code]"; cat ; echo "[/""code]" ) | sed "s/\x1b\[[0-9;]*[mGKH]//g"  | xsel -ib 2> /dev/null); echo ; gettext -d mx-goodies -s  "Report copied to system clipboard" ; CLOSE=$(gettext mx-goodies "Press any key to close"); read -n 1 -s -r -p "$CLOSE "'
Icon=face-devilish
Path=
Terminal=false
StartupNotify=false
Type=Application
Categories=System;
:puppy:
Gigabyte Z77M-D3H, Intel Xeon E3-1240 V2 (Quad core), 32GB RAM,
GeForce GTX 770, Samsung SSD 850 EVO 500GB, Seagate Barracuda 4TB

ctt
Posts: 9
Joined: Sun Jan 20, 2019 10:27 am

Re: Zombieload

#69 Post by ctt »

there's reddit post about home user overreacted about recent vulnerabilites. I agree, but i'm no expert
https://www.reddit.com/r/linux/comments ... rotecting/

in comment shows new 5.0.16 kernal boot option, mitigation.
https://git.kernel.org/pub/scm/linux/ke ... 34329903ff

I got problem update to 4.19 last-time. Need someone help

Code: Select all

System:
  Host: mx Kernel: 4.15.0-1-amd64 x86_64 bits: 64 compiler: gcc v: 6.3.0 
  Desktop: Xfce 4.12.3 Distro: MX-18.2_x64 Continuum March 14  2018 
  base: Debian GNU/Linux 9 (stretch) 
CPU:
  Topology: Dual Core model: Intel Core i3 530 bits: 64 
  flags: lm nx pae sse sse2 sse3 sse4_1 sse4_2 ssse3 vmx bogomips: 23407

User avatar
Head_on_a_Stick
Posts: 919
Joined: Sun Mar 17, 2019 3:37 pm

Re: Zombieload

#70 Post by Head_on_a_Stick »

ctt wrote: Sat May 18, 2019 9:05 am I got problem update to 4.19 last-time. Need someone help
What was the problem, exactly?

You should probably open a new thread for this.
mod note: Signature removed, please read the forum rules

Post Reply

Return to “General”