There is a serious security flaw in billions of Intel CPUs that can let attackers steal confidential data like passwords and encryption keys. Firmware updates can fix it, but at a potential significant performance loss.
I admittedly stopped reading halfway through but I feel like these newest vulnerabilities being discovered are probably just fucking government back doors the manufacturers have been forced to include.
Every article is a copy paste of the same bullshit talking about the vulnerability and pointing to the stupid cryptic list of processors that requires you to jump through hoops to read it. You can’t just search for your processor in a database I mean fuck that would take them at least an a couple hours of their precious time to set up and they have only had a year. How do you fix it? Why with a microcode update of course!!..from where you ask? Well don’t worry just look at the cryptic list it will tell you if you need a microcode update!!
Fuck every article about this shit. Anyone wanna bust an Eli5 on how to fix this problem for people? (I was assuming it’s a BIOS update but the articles have only confused me further)
You can’t just search for your processor in a database I mean fuck that would take them at least an a couple hours of their precious time to set up and they have only had a year. How do you fix it?
I figured out how to do it fairly quickly but it would be a hell of a lot easier if people could just type in “11700K” in a box on a web page or something and it could just tell them. Or they could have added a little bit of code to their CPU ID utility that says “yupp your processor is effected by the flaw”. I am mostly annoyed at all this not for me but for all the people who would read those pages and the contents would seem like an insane foreign language to them all while articles are telling them it’s a major security flaw that would allow people to steal their encryption keys.
Ha-ha. My chip’s too old to be affected. I don’t see my architecture on the list.
I knew putting off upgrading for around a decade would pay off. (Windows Update tells me my PC is not “ready” for Windows 11 due to its hardware, either. Oh no, whatever shall I do.)
Install backdoors and sell that info to governments and companies, then years later reveal the issue to justify downgrading performance of older CPUs to encourage people to upgrade.
You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: !technology@lemmy.world
This is a most excellent place for technology news and articles.
/tinfoilhat
I admittedly stopped reading halfway through but I feel like these newest vulnerabilities being discovered are probably just fucking government back doors the manufacturers have been forced to include.
/tinfoilhat
Check out the documentary Zero Days (2016) if you haven’t already. That’s not really a tinfoil hat take these days IMO.
Just means they have to intentionally create new ones to be eventually found for the next generation.
On the plus side now we can steal the info from the criminal’s computers. The cycle of internet life…
I’m curious if there’s a silver lining of all current DRM keys being accessible through this.
Good thing I’m poor can’t afford Intel. AMD for the win 😂
Every article is a copy paste of the same bullshit talking about the vulnerability and pointing to the stupid cryptic list of processors that requires you to jump through hoops to read it. You can’t just search for your processor in a database I mean fuck that would take them at least an a couple hours of their precious time to set up and they have only had a year. How do you fix it? Why with a microcode update of course!!..from where you ask? Well don’t worry just look at the cryptic list it will tell you if you need a microcode update!!
Fuck every article about this shit. Anyone wanna bust an Eli5 on how to fix this problem for people? (I was assuming it’s a BIOS update but the articles have only confused me further)
I just found this on the page where they list effected models:
“Note The latest software can be obtained through operating system or VMM vendors”
It’ll probably just be something that happens through ordinary OS updates tbh (though I understand you’d rather know one way or another.)
This page tells you how to get your CPUID: https://www.intel.com/content/www/us/en/support/articles/000006831/processors/processor-utilities-and-programs.html
Then search for the CPUID here: https://www.intel.com/content/www/us/en/developer/topic-technology/software-security-guidance/processors-affected-consolidated-product-cpu-model.html
I figured out how to do it fairly quickly but it would be a hell of a lot easier if people could just type in “11700K” in a box on a web page or something and it could just tell them. Or they could have added a little bit of code to their CPU ID utility that says “yupp your processor is effected by the flaw”. I am mostly annoyed at all this not for me but for all the people who would read those pages and the contents would seem like an insane foreign language to them all while articles are telling them it’s a major security flaw that would allow people to steal their encryption keys.
That is a fair point.
Ha-ha. My chip’s too old to be affected. I don’t see my architecture on the list.
I knew putting off upgrading for around a decade would pay off. (Windows Update tells me my PC is not “ready” for Windows 11 due to its hardware, either. Oh no, whatever shall I do.)
Dont the older chips suffer from a greater performance drop from spectre and meltdown vulnerabilities?
Good thing my CPU is ancient.
My old-ass Ivy Bridge: Oh no! Anyway…
It is by Design for IDF
Bwahaha I’m safe with my i5 3450, gotta look at the brighter side of my dumpster fire of a pc
Guess it’s time for another FPS hit…
While the article says it won’t impact most applications, I suspect it’s closer to saying “won’t impact most applications as much”.
But that’s, like the one place other than games where consumers are looking for performance. What’s left, web browsing and MS Office?
"whew* my horrible bubble sort implementation is safe from performance impacts
It’s not they aren’t impacted only you “don’t see the impact” as noticeably.
Downfall, Inception, Meltdown, Spectre, I hate to see new vulnerabilities, but their naming choices are solid.
They should name them after their investors and board members.
deleted by creator
Everything is so much easier when you put it in absolutes - because it’s no longer reasonable.
I absolutely agree with your statement.
ಠ_ಠ
Install backdoors and sell that info to governments and companies, then years later reveal the issue to justify downgrading performance of older CPUs to encourage people to upgrade.
Just feels like Prism all over again.