[–]▶ No.851866>>852010 >>852016 >>852039 >>858677 >>859344 >>872880 >>882259 [Watch Thread][Show All Posts]
https://www.extremetech.com/computing/262031-researchers-found-another-major-security-flaw-intel-cpus
>Tl;DR: AMT is remotely vulnerable via default passwords
Tech was right again!
Sorry I keep posting ET; they're just my favorite site
▶ No.851879>>852050 >>918521
Intel is fucking dumb. I'm buying a used PPC Mac on ebay and throwing my Intel shit in the bin. Fuck this.
▶ No.851880>>851889 >>851890 >>851916 >>851972 >>851974 >>859382
Is it at all possible to remove an Intel CPU from a thinkpad and replace it with something made by AMD? Is there anything made by AMD that's compatible? Or should I just figure out how to get Linux running on my GameCube (PowerPC + ATI graphics)?
▶ No.851889>>851979
>>851880
Well you can try PlayStation as well, it's AMD CPU and GPU, and fairly decent performance for modern age.
▶ No.851890>>851909
>>851880
The second choice is your best bet, but based on the sheer and utter retardation of your first question you probably won't be able to pull it off.
▶ No.851904>>851911 >>852012
>no text dump
>not even an archive
>Tech
I'm sick of doing work for shitty OPs.
>Security researchers have pinpointed another major security hole in Intel processors, in addition to the security holes in the Intel Management Engine and the Meltdown flaw that hits Intel CPUs uniquely hard. This time, it’s an issue with Intel’s Active Management Technology (AMT), a feature typically reserved for systems that support Intel vPro or workstation platforms with certain Xeon CPUs.
The Intel AMT is designed to allow administrators to access and update PCs, even if those PCs are turned off. All they need is an internet connection and a wall socket and they can be updated. That’s a useful tool for large multinational firms with far-flung employees, but it’s also a potential security risk. F-Secure has published information highlighting how easily an attacker with even brief local access can gain full access to an entire machine. Here’s how they describe the problem:
>A BIOS password normally prevents an unauthorized user from making low-level changes to a device. However, the essence of this issue is that even when a BIOS password has been set, an attacker does not need it to configure AMT. Not only that, due to insecure defaults in the BIOS and AMT’s BIOS extension (MEBx) configuration, an attacker with physical access can effectively backdoor a machine by provisioning AMT using the default password. The attacker can then access the device remotely, by connecting to the same wireless or wired network as the user. In certain cases, the assailant can also program AMT to connect to their own server, which negates the necessity of being in the same network segment as the victim.
>In short, setting a BIOS password won’t help and once someone has access, you can’t kick them out. The researchers note that no other security measures, including local firewalls, BIOS passwords, anti-malware software, or use of a VPN can prevent a compromised system from leaking data, because it’s been compromised outside of the Windows environment, in a separate OS that’s completely shielded from any attempt to inspect or control the data flowing out of or into it.
>From here, the possibilities are endless. Even firmware-based malware can be easily uploaded to the system with no chance of detection. And while local access might seem a tough barrier to crack, it’s not as hard as it seems. The changes can be made in under a minute, according to F-Secure. It may not be the kind of attack that gets deployed across thousands of systems on a corporate local network --- at least not without additional steps — but it’s exactly the kind of targeted attack a government agency might use. And more to the point, it illustrates that Intel CPUs are once again vulnerable to set of management capabilities that Intel decided to sandbox entirely from the primary operating system.
>And more to the point, this is an easily resolved flaw. Even if you think the chance of system penetration via inappropriate local access is minimal, the solution to this problem is to not allow access to the AMT until the proper BIOS password is entered. If a user can’t unlock the BIOS, they shouldn’t be allowed to enter a password for AMT configuration (the default password is, of course, “admin”). Most AMT-capable devices, F-Secure notes, don’t use the feature in the first place. They’re still at risk of local attack, because this attack works against AMT-enabled devices with default passwords. And once inside AMT (reached by hitting Ctrl-P during boot), the attacker can log in using “admin,” input a new remote password, configure AMT to suppress notifications that the laptop has been connected to remotely (thereby preventing users from knowing what’s happened), and also configure it to allow wireless remote management in addition to wired management.
>Once this is done, the attacker can connect to the system if he’s on the same local area network or program AMT to enable Client Initiated Remote Access (CIRA), which will connect to the attackers’ servers and avoid any need for local access at all.
>Not a great look on a company that’s already being hammered by other security flaws. Intel’s entire rationale for keeping so much of its security infrastructure locked away looks less and less like the principled decision of a company keeping us safe and more like a desperate attempt to cover just how badly it treats security. Because folks, look, this is not a sophisticated attack. This is not some crazy idea. In fact, it’s one of the first things I would expect an attacker to try, if said person had even a basic concept of what functions like AMT and the Intel Management Engine can be configured to do.
https://archive.fo/qRWSz
▶ No.851909>>851956
>>851890
>The second choice is your best bet
Neat. I need to go find the GameCube's broadband modem on eBay, then.
>but based on the sheer and utter retardation of your first question you probably won't be able to pull it off.
I'll refrain from asking such stupid questions in the future.
▶ No.851911>>851923 >>858919
>>851904
It's worth emphasizing that this is a local-only exploit (at least initially) and it can be mitigated by accessing the AMT and changing the password. Chances are nobody here will be directly affected by it, and it continues the merciless nightmare for Intel and especially their management engine, so cheers all around for /tech/.
▶ No.851916
>>851880
Unfortunately there are no Ryzen Thinkpads yet. Soon.
▶ No.851923
>>851911
Please /tech/ does nothing but post shit about the work other people do.
▶ No.851956
>>851909
>go find the GameCube's broadband modem on eBay, then.
Honestly, you should just buy a wii instead. I'm pretty sure the wii itself will be cheaper than the boradband adapter.
<muh etherent > wifi
You can just use a usb etherenet adapter which you should be able to find fairly cheap.
▶ No.851966
▶ No.851972>>851974 >>859382
>>851880
>Is it at all possible to remove an Intel CPU from a thinkpad and replace it with something made by AMD?
If it's newer it probably has a soldered-in CPU, if it's older then you'd need to replace the main board in your device. Basically you'd be better off buying an AMD laptop of your choosing.
>Or should I just figure out how to get Linux running on my GameCube (PowerPC + ATI graphics)?
PowerPC after late 2005 is vulnerable to Spectre, so having a Gamecube as a desktop would be no better than having an AMD box; in fact since IBM has had problems patching their POWER chips, it might be worse since that seems to be going smoother for Team Red. However, certain G3 and G4 Apple devices are practically immune to these security flaws due to peculiarities in their design, but they are a decade old so be aware of performance tradeoffs going into a transition to those devices. See >>851512
▶ No.851974>>852026
>>851880
>>851972
Also, as an addendum, while Gamecube is older than the G3's and G4's linked above, it's a 400-500MHz processor and would be difficult to use for daily tasks, if you can even get anything running on it. I was thinking more along the lines of the Wii, which IS modern enough to support a desktop system with some success but would have the post G5 PPC Spectre vulnerability. Either way, PPC consoles are unlikely to have any patches issued for Spectre.
▶ No.851979>>853306
>>851889
The PS4 CPU is weak as fuck and its PCI bus is bridged behind an ARM chip. Don't buy one for casual jailbreaking or you're in for a world of pain.
▶ No.852010
>>851866 (OP)
Again, nobody tells if it "works" on macbooks and other apple hardware. WTF is it too hard?
▶ No.852012>>852019 >>852170 >>852200 >>854323
>>851904
>The Intel AMT is designed to allow administrators to access and update PCs, even if those PCs are turned off. All they need is an internet connection and a wall socket and they can be updated. That’s a useful tool for large multinational firms with far-flung employees, but it’s also a potential security risk.
"Potential security risk." Let's call it what it is: a fucking backdoor.
Why is this garbage even sold to home users who don't need or want it? Is it because NSA are the admins now?
Y'all niggers better start boycotting. Don't worry about Intel going out of business though, they still make CPUs for the military. This is just about letting them know you don't like being assraped, speaking to them in the only language they understand: money. BOYCOTT INTEL.
▶ No.852015>>852017
>Retarded Sysadmins keep Remote Management Enabled without changing the password
>Somehow this is Intels fault
/tech/ -LARPNiggers
▶ No.852016
>>851866 (OP)
>AMT exploit
This is in addition to the one found last May?
https://www.intel.com/content/www/us/en/architecture-and-technology/intel-amt-vulnerability-announcement.html
>On May 1, Intel published a security advisory regarding a critical firmware vulnerability in certain systems that utilize Intel® Active Management Technology (AMT), Intel® Standard Manageability (ISM) or Intel® Small Business Technology (SBT). The vulnerability could enable a network attacker to remotely gain access to business PCs or devices that use these technologies. Consumer PCs with consumer firmware and data center servers using Intel® Server Platform Services are not affected by this vulnerability.
I think not since the article you cite links to the following:
https://business.f-secure.com/intel-amt-security-issue
>On May 1, Intel published a security advisory regarding a critical firmware vulnerability in certain systems that utilize Intel® Active Management Technology (AMT), Intel® Standard Manageability (ISM) or Intel® Small Business Technology (SBT). The vulnerability could enable a network attacker to remotely gain access to business PCs or devices that use these technologies. Consumer PCs with consumer firmware and data center servers using Intel® Server Platform Services are not affected by this vulnerability.
▶ No.852017
>>852015
>switch off Remote Management or change password makes you safe.
BIOS password and settings are irrelevant to an exploit of AMT.
▶ No.852019
>>852012
>ge even sold to home users who don't need or want it? Is it because NSA are the admins now?
Yes.
>Y'all niggers better start boycotting.
This.
▶ No.852026>>852032
>>851974
>Wii, which IS modern enough to support a desktop system with some success but would have the post G5 PPC Spectre vulnerability
Are you sure about that? The CPU is based on the G3 architecture.
▶ No.852032>>852035 >>859401
>>852026
Not him, but I posted here before that you can easily run Debian (Whiite Linux) on a Homebrew'd Wii with IceWM and even Dillon as the main web browser fairly well as long as you had ample SWAP space, which I just had dedicated to a USB flash drive
Would still never use it as a daily driver though. But it was a nice little novelty nonetheless.
▶ No.852035
>>852032
that flash drive isn't going to live long
▶ No.852039>>852041 >>852101
>>851866 (OP)
X86 is such a steaming pile of botnet shit it needs to die.
▶ No.852041
>>852039
Its really pathetic that you spam this shit in multiple threads. Begone LARP Goblin
▶ No.852050
▶ No.852099>>858224
>be user of old ThinkPad
>maxed out stats for atleast muh maximum performance
>just werks
<now on suicide watch because old CPUs are said to be slowed down the most
Do I just keep deferring all updates from now on? I don't want 50% performance drops. I'm on Core2Duo at the moment...
▶ No.852101>>852106
>>852039
Why do you care? Is somebody forcing you to use x86?
▶ No.852106>>852107 >>882197
>>852101
My boss. A lot of big orgs use proprietary software that only x86.
Sucks a massive dick, but there's not really a convenient way around it.
So, on another note, are there any CPU architectures that aren't a steaming file of shit?
▶ No.852107>>852109
>>852106
So why do you care about that? You don't own those computers do you? What your employers decide to do with their business ought to have zero effect upon your personal life.
▶ No.852109>>852110
>>852107
Actually, it is my personal computer. I won't get into why - it's a long story.
But, regardless, we also FORCE clients to use some of this software in order to communicate with us. I've also had to deal with clients where they've forced me to use software that is OSX only.
The fact of the matter is that in the real working world, compromise is necessary. It's hard to escape this. Not only are we in debt to (((them))) by way of usury and fractional reserve banking practises, but they've placed their brackets all around Silicon Valley too.
▶ No.852110>>852111 >>852117
>>852109
() parentheses
[] brackets
{} braces
Learn the difference, it might save you face
▶ No.852112>>852114 >>852139 >>852775 >>858632
>>852111
>implying programmers gives one hot fuck damn about what English majors with too much time on their hands define a bracket to be
▶ No.852114>>852126
>>852112
>implying that non-programmers refer to brackets as parentheses
Regardless, you completely dodged the rest of my post.
▶ No.852117
>>852110
This post is correct. Only my fair lady tier bongs call them all brackets.
▶ No.852126
>>852114
>you completely dodged the rest of my pos
I'm not the same person you were replying to. Why the fuck doesn't /tech/ use poster id's anyways?
▶ No.852132>>852135
YEAR OF THE RISC-V DESKTOP CPU FUCKING WHEN
▶ No.852135>>852138 >>852140 >>852163 >>852187 >>853625
>>852132
The general purpose desktop as we know it needs to die. Say good bye to Windows and Linux both. We're going to have to start using the video game console model, everything compartmentalized and specialized and locked down to a strict set of supported hardware so that it can be optimized as much as is humanly possible with absolutely no room for "a complete standalone OS embedded into the CPU for the purpose of remote code execution and spying".
▶ No.852138
>>852135
>absolutely no room for "a complete standalone OS embedded into the CPU for the purpose of remote code execution and spying".
o i am laffin
▶ No.852139
>>852112
>implying normal people gives one hot fuck damn about what programmers with too much time on their hands define anything to be
▶ No.852140>>852141
>>852135
What's better than one big botnet?
EVEN MORE BOTNETS!
Drawn yourself.
▶ No.852141>>852145
>>852140
And if they're specialized and compartmentalized you can just remove them, you double nigger.
▶ No.852145>>852146
>>852141
And after that you can finally drawn yourself, because you have exactly 0 hardware and 0 software to work with that isn't botnetted you fucking idiot.
▶ No.852146>>852180
>>852145
>he gets mad at other people for not using botnetted hardware and software
▶ No.852163>>852164
>>852135
*SPIES ON YOU*
Oh Jesus Christ in heaven!
▶ No.852164
>>852163
Where do faggots like you even come from anyways?
▶ No.852165
▶ No.852170>>852207 >>852349
>>852012
It's gonna keep happening if you still a class collaborationist.
Stop being a retard
▶ No.852180
>>852146
It's okay lainon. One day they will see the light.
▶ No.852187
>>852135
>implying nu-consoles don't have their own super sekrit mario management engine embedded inside the audio codec/USB controller/GPU etc.
No thanks, I'd rather a no-frills libre motherboard standard every piece of consumer desktop HW is strictly required to follow.
▶ No.852200>>858820
>>852012
>several low functioning autists on /tech/ boycott Intel
>Intel lose a couple of thousand in potential sales
>military, government and large corps still buy Intel
The dent in their profits is going to be undetectable. Indistinguishable from noise.
Don't buy Intel because they will fuck you over. But calling it a boycott and acting like it's going to achieve anything on a larger scale is a pipe dream.
▶ No.852207>>852222
>>852170
trannyboardownersuckingdick.mp4
▶ No.852225>>852231
>>852222
this violates the rules of this board, cease and desist immediately
▶ No.852231
>>852225
Hi (((/leftypol/ BO))).
▶ No.852233>>852236 >>852237 >>852239
>>852222
why are traps so ugly irl?
also who is the guy getting sucked off?
▶ No.852236>>852239 >>852242
>>852233
Because they're not 2D.
▶ No.852237>>852499
>>852233
because it's a dude wearing makeup in clothes that doesn't fit his body.
▶ No.852264>>852265
>>852222
Are those pig songs added, right?
▶ No.852265
▶ No.852266>>852292 >>853628 >>935685
>>852242
It's not gay if you wear programming socks.
▶ No.852292
>>852266 (checked)
>It's not gay if you wear programming socks.
For the record, proper programming socks must be toe socks.
▶ No.852327>>852329 >>852333 >>852358 >>852711 >>852732
x86 has always been shit.
By 2020 the plan is to have BIOS removed. So you couldn't even write a self-booting disk/usb stick if you wanted.
The worst home computer architecture won the battle in the 80s. Now it's fully infiltrated and controlled.
It turns out open source software was a red herring. Linux was a distraction. No degree of security or autonomy over a Win10 user. The hardware was fully backdoored long ago. The compilers, including gcc are now nearly fully backdoored. If you're still using x86 for anything but jerking it and checking the weather you're a fool.
▶ No.852329
>>852327
>No degree of security or autonomy over a Win10 user
Wrong.
>If you're still using x86 for anything but jerking it
One of the most intimate and publicly embarrassing, sometimes incriminating information there is. What else am I going to keep secret? My Stallman folder?
▶ No.852333>>852335 >>858233
>>852327
>By 2020 the plan is to have BIOS removed.
The BIOS has a lot of legacy bloat. It should be removed and replaced with something more lightweight.
▶ No.852335
▶ No.852358>>852364 >>852372 >>852378 >>858826
>>852327
Well at least SPARC is alive again.
https://www.theregister.co.uk/2017/09/19/oracle_sparc_m8_solaris/
Maybe someday RAPTOR will actually ship their POWER9 workstations also.
▶ No.852364
>>852358
they'll ship around the same time star citizen does. atleast if you give them 10 grand you get a cool jpeg and an interactive model
▶ No.852372
>>852358
i couldn't even afford a stick of ram for that
▶ No.852378
>>852358
>>852358
>8 32 core 4 ghz procs with 8 TB RAM
▶ No.852499
▶ No.852711
>>852327
>The compilers, including gcc are now nearly fully backdoored.
Everybody go and read Reflections On Trusting Trust again. This anon has, obviously.
▶ No.852732>>852734 >>852735 >>882467
>>852327
>It turns out open source software was a red herring. Linux was a distraction.
Linuxes were good until 2010 then suddenly went to shit due to systemd, Grub2, touchscreen DE's and other things. KDE and Gnome also went to shit.
>No degree of security or autonomy over a Win10 user.
Be serious. Admittedly Windows can be hardened better than Linux. At least Windows firewall lets you block specific programs and not just ports for one thing. The 1980s called, they want their Gufw back.
>The hardware was fully backdoored long ago.
True, proof is Intel ME and similar crap we know of.
>The compilers, including gcc are now nearly fully backdoored.
For this claim do you have proof? "Nearly fully backdoored", as in "nearly full of shit"? Proof (file, line of code, refusal to patch, disassembled compiler) or it's opinion. I remember that VS2015 has some stupid telemetry crap that it adds to what you build, but that's been found out, fixed in VS2017 and GCC doesn't have that.
▶ No.852734>>858890
>>852732
>Linuxes were good until 2010 then suddenly went to shit due to systemd, Grub2, touchscreen DE's and other things. KDE and Gnome also went to shit.
Linux is what, 8 million lines of code not including the user-space?
OpenBSD is 4 million, but that includes the user space and X.
TempleOS is 100000 lines of code.
Forth can be 1000 lines or less, with the ANSI standard dictionary.
▶ No.852735>>852736 >>852737
>>852732
>I remember that VS2015 has some stupid telemetry crap that it adds to what you build, but that's been found out, fixed in VS2017.
Not surprised that an openplacebotard would be so gullible.
▶ No.852736>>852742
>>852735
>you're gullible
Insult attempt != argument. Proof please? No proof?
▶ No.852737>>852740
>>852735
Not so fast, in current year Pajeets at MS are personally asking you why you Googled a specific framework and used it in your program instead of using MS's do-alike. There was a thread on this a while back.
▶ No.852740>>852741
>>852737
Paranoia and rumor cheapens this thread.
Keep it tight with proof and shiet... so you're saying VS2017 still has telemetry added to user projects or what?
▶ No.852741>>852863
>>852740
>Paranoia and rumor cheapens this thread.
>Keep it tight with proof and shiet... so you're saying VS2017 still has telemetry added to user projects or what?
LOL nice one, outing yourself so boldly.
This was covered here, the Pajeets had a log of what the programmer searched for. If you lurked you'd remember.
Lurk two years anon.
▶ No.852742>>852743 >>852863
>>852736
Gigabytes of proprietary software is impossible to audit or trust. You are a hypocrite for trusting it but denouncing free software like systemd. You just want to push people to proto-proprietary software like the BSDs or all the way to M$ etc.
▶ No.852743>>852863
>>852742
>You are a hypocrite for trusting it but denouncing free software like systemd.
Oh fucking please. Everybody knows systemd is pure cancer by now. It's larger than most historical OS's and subsumes much of their function. It's too big and swiftly-moving to be audited.
Pretending that it's the only thing going on Linux is not going to get you anywhere here kid.
▶ No.852775
>>852112
>"this word is whatever I define it to be, and only that!"
▶ No.852863>>852895 >>873199
>>852742
>implying systemd is possible to audit or trust
>implying the extra freedom by MIT/BSD licenses is a Bad Thing(tm)
>still no proof of VS2017 adding telemetry to user programs
>>852741
>This was covered here, the Pajeets had a log of what the programmer searched for.
Clarify because that's ambiguous. Searched for what, where? Searched the web page (the extension names) or his own open project (the code)?
VS2017 IDE telemetry can be disabled (choose no participation in VS Experience Improvement Program from Help->Send Feedback->Settings) or at worst it can be firewall blocked. Firefox is no better off, check it.
But I wasn't talking about VS2017 telemetry in the IDE however (and I'll laugh in your face when systemd adds telemetry of its own, enabled by default, in addition to leaking DNS to Google). I was talking about covertly adding telemetry stubs to user programs compiled with it, which VS2015 did but VS2017 doesn't do anymore... unless of course you have evidence to the contrary? Which I'd like to see? Pretty please?
>>852743
>Everybody knows systemd is pure cancer by now. It's larger than most historical OS's and subsumes much of their function. It's too big and swiftly-moving to be audited.
I have the following conspiracy theory and I'd like your opinion: what if systemd is designed as a secondary kernel and its only purpose is to increase the attack surface on all Linuxes that use it? Because it sure as hell isn't just an init system anymore. It's a high-level kernel now. If its purpose would be just to help user apps interface with Linux that would be an insult to Linux. So naturally I think its real goal is evil.
▶ No.852895>>852896
>>852863
>implying the extra freedom by MIT/BSD licenses is a Bad Thing(tm)
The last MINIX convention got cancelled for lack of speakers, despite being inside every single AMT chip Intel-Aviv has sold for the past what, 15 years? This is what cuck licences do to projects.
▶ No.852896>>852897 >>853076
>>852895
Minix has only been part of ME since 11.0 which I believe came out with Skylake.
MIT/BSD licenses protects developers, but the GPL protects users
▶ No.852897
>>852896
>MIT/BSD licenses protects developers
Ostensibly false
▶ No.852971
This is really depressing because I just built a very expensive Xeon server as a home lab :(
▶ No.853003
>an attacker with physical access to a machine can do bad things with it
shoo-shoo, what a fucking surprise! breaking news everyone woo-woo
▶ No.853076>>853085
>>852896
Developers are also users, that's the whole point of the GPL.
▶ No.853085>>853128 >>853131 >>853196 >>853623
>>853076
No, developers are not users. They are two distinct and different states. When you are developing you are not using. When you are using you are not developing. While a developer may at times be a developer and at other times be a user, he is never both at the same time.
▶ No.853095>>853098
>WE'RE UP TO FIVE MASSIVE INTEL EXPLOTS NOW
And normalfags aren't aware of even a single one. Why haven't we been using this whole spectre shitfest to spread FUD?
▶ No.853098
>>853095
it was used pretty much to it's full extent. people don't care until their bank accounts are empty.
▶ No.853124
I tried pressing ctrl+p on my amt-enabled laptop (with tpm perma-disabled in bios) and nothing happened, what's missing?
▶ No.853131
>>853085
you are not developing allah is developing
▶ No.853306>>855265
>>851979
Didn't you hear him? He said PLAYSTATION.
▶ No.853439>>855063
so i guess this guy is basically fucked now right? the fbi can just use a spectre attack to break into his encrypted unpatched macbook.
▶ No.853623
>>853085
So, what are developers using to develop the software users use?
▶ No.853625>>853632
▶ No.853632>>853633 >>854263 >>859395
>>853625
No, more like a #2 Phillips screwdriver. A purpose built tool designed to restrict the user without restricting its use. Forget about PCs and say "Hallo" to the special purpose computing appliance.
Imagine a painting tablet that only runs a single digital painting application, A technical drawing table that can only run a single CAD application, the IRS tablet that only runs your income tax form, a video cutting station that looks like an old film editing station and only runs a simple video editor, and a video FX station which only runs a selection of video processors, and electronic book that will only display a single ebook format, etc. pp.
I don't agree with the post you replied to, that this will spell the death of the generic work station or home computer, but I do see this as a desirable future for consumer computing. It would solve all of the security problems and most of the usability problems with consumer computing. And it would put a clear barrier between "us", the people who actually create shit, and "them", the people who leach off our creations.
▶ No.853633>>854263
>>853632
To expand on the last sentence: It would be like the 70's again. When only the military, scientist, big corporations and nerds who really cared had computers.
▶ No.853639>>855245
I keeps happening and getting worse.
Year of AMD, maybe ?
▶ No.853643
▶ No.854252>>854255
We just need more secu-crypto researchers looking for massive exploits.
Then blackmail the said companies to remove such exploits otherwise threat them to crash the market by making the exploit public. You may also bluff if you like.
>This kills the botnet
The problem is they'll make even stronger botnet instead.
▶ No.854255>>854269
>>854252
Wat? Shit's just gonna get more bloated and full of bugs. Look at the shit languages they're pushing now, like Rust and Go. They're just excuses to write shit code and pretend the language will fix all problems. No you dense fuckers, only writing good, solid, simple code will fix anything. Terry Davis got the fucking message, and nobody else did apparently. So there's gonna be shitloads of botnet and bugs in the future.
▶ No.854263
Ideas™
>>853632
>>853633
I kind of agree with that anon.
Multitasking was a mistake.
How about cartridges?
Stack:
Cartridges (ROM)
>games, software
>CPU
Cartridges (R/W)
>operating systems
>storage devices
Hub (optional)
>multi-monitor, multi-networking, multi-channel audio, etc.
>connect/split peripherals, other hubs and catridges
Peripheral1 (1 as in I/In)
>keyboard, speakers, wifi
>storage devices but not recommended
Peripheral0 (0 as in O/Out)
>HW:
>screen monitor
>cartridge and peripheral slot(s)
>SW:
>busybox-like with basic network stack - can be a cartridge slot if you want your own custom or hardened network stack or if you want none at all
Cartridges in general are throw-aways. Makes it easier to discard the botnet.
cons:
>theoretically slower than mobo design
>power is clusterfuck
>standards will be a clusterfuck
^this idea is Public domain DO NOT PATENT
▶ No.854269
>>854255
>only writing good, solid, simple code will fix anything.
Yeah, there's too many people out there born in the mid 70s.
>So there's gonna be shitloads of botnet and bugs in the future.
Just immune system at work. Good load off of my mind and x86_NSA_3PLA can go die finally
▶ No.854323>>882493
>>852012
>Why is this garbage even sold to home users who don't need or want it? Is it because NSA are the admins now?
Yes, there is no other reason to add this to consumer CPU's in which 99 percent of the time won't be used, unless the NSA believes you're a journalist that needs to stop publishing information that it doesn't want you to publish.
If you want to know something even more interesting there is a so-called ‘halt and catch fire’ instruction that was discovered inside Intel's' x86 processor. This instruction, executed in ring 3 from an unprivileged process, appears to lock the processor entirely. To rule out kernel bugs, the instruction was tested against three Linux kernels and two Windows kernels, yielding the same results. Kernel debugging with serial I/O and interrupt hooks appeared to corroborate the results. At the time of this paper’s publishing, the vendor has not been provided sufficient time to respond to the issue.
If you would like to see all the undocumented x86 instruction sets your CPU has you can try it with sandsift here https://github.com/xoreaxeaxeax/sandsifter
▶ No.855063
>>853439
if the computer is still on they can dump characters from ram but that is about it.
▶ No.855245
>>853639
Trading one evil for another.
POWER9
▶ No.855265
>>853306
Yes, and only one Playstation console has AMD CPU and Graphics.
The PS4.
▶ No.858224>>858271
>>852099
>old Thinkpad
>left for dead by both Keknovo and driver OEMs
>vulnerable ME: will never be patched
>vulnerable AMT: will never be patched
>vulnerable CPU (Meltdown/Spectre/Skyfall/Solace/JamesBond007WTFBBQ): will never be patched
>vulnerable WiFi (KRACK): will never be patched
>vulnerable Bluetooth (BlueBorne): will never be patched
>assraping exploits for all of these will likely be released sooner or later by shadowbrokers or wlvault
▶ No.858233>>858249 >>858408
>>852333
>The BIOS has a lot of legacy bloat. It should be removed and replaced with something more lightweight.
You do realize it's going to be replaced by UEFI (which is orders of magnitude more bloated) and nothing else?
▶ No.858249>>858259
>>858233
UEFI is orders of magnitude more flexible in the bootstrapping process. Legacy assumptions about bootstrapping is done away allowing any number of features that BIOS backwards compatibility will not allow. It's also faster.
▶ No.858259>>858263
>>858249
Why is it so difficult to get a UEFI-compatible boot disk going? MBR is the easiest thing in the world.
▶ No.858263>>858266
>>858259
Proof of trust is a difficult concept. Turn off secure boot if you're having so much trouble.
▶ No.858266>>858273
>>858263
I think one of us is misunderstanding something. If I turn off secure boot, how will that make the UEFI partition a non-requirement?
▶ No.858271>>858275
>>858224
Not sure if people on /tech/ actually use thinkpads or if it is just a meme.
Botnet and slow. What is the point?
▶ No.858273
>>858266
You're talking about the UEFI boot partition? I'm not sure what problems you have. Maybe I'm just lucky but it just works for me.
▶ No.858275>>858278
>>858271
Used Thinkpads are unusually cheap considering their specs and quality, and no more botnet than their contemporaries. They're shit in the ways all computers are shit, but they're pretty good compared to the alternatives.
▶ No.858278>>858420
>>858275
But aren't they 100% intel? Why would you want that? If your trying to be retro why not just get an old AMD laptop or PPC Powerbook?
▶ No.858408>>858914
>>858233
>You do realize it's going to be replaced by UEFI (which is orders of magnitude more bloated) and nothing else?
Sadly yes. I don't understand why things have to get slower and more bloated overtime instead of less.
▶ No.858420>>858438 >>858760
>>858278
If you want retro, get a Z80, 6502, or something of that era (except Intel). The AMD and PPC are probably pozzed too. I wouldn't trust anything past m68k tbh.
▶ No.858438>>858609 >>911576
>>858420
>m68k
68k was the shit. If Carmack had started to write software for the Amiga instead of PC and if Commodore hadn'tt made all the blunders they in the early 90s, computing history could have played out much different than it did.
▶ No.858609
>>858438
Or if he managed to get away with stealing that Mac from school...
▶ No.858632
>>852112
>being literally autistic
😂
▶ No.858677
>>851866 (OP)
>Tl;DR: AMT is remotely vulnerable via default passwords
learn what "remote" means first, skiddo
>A BIOS password normally prevents an unauthorized user from making low-level changes to a device. However, the essence of this issue is that even when a BIOS password has been set, an attacker does not need it to configure AMT. Not only that, due to insecure defaults in the BIOS and AMT’s BIOS extension (MEBx) configuration, an attacker with physical access can effectively backdoor a machine by provisioning AMT using the default password.
keyword: physical
in any case AMT is some homo shit that shouldn't even exist, and I knew this long before the skiddies started talking about it
▶ No.858760
>>858420
>not creating your own superior, super fast architecture by placing millions of transistors on a circuit board
It's like you want to be cucked by the CIA
▶ No.858820
>>852200
>military, government and large corps still buy Intel
You forgot normalfags.
▶ No.858826
>>852358
It was alive the whole time, Fujitsu never stopped making their own SPARC processors. They're expensive as fuck Big Iron stuff though.
▶ No.858890>>859381
>>852734
Forth is a programming language not an operating system.
▶ No.858914
>>858408
>I don't understand why things have to get slower and more bloated overtime instead of less.
The same reason make-work exists: to provide an excuse for existing. Without this fake believe purpose in life, many bipedals would die out of sheer boredom.
▶ No.858919
>>851911
How exactly would one go about accessing the AMT? I never accessed this shit and recently lost my job so a new MB and CPU is out of the question. My BIOS is incredibly barebones and won't even let me turn off IME which is extremely unfortunate. At least I know what version it is!
▶ No.859344>>859378
>>851866 (OP)
https://archive.fo/toZat
https://techcrunch.com/2018/01/28/intel-reportedly-notified-chinese-companies-of-chip-security-flaw-before-the-u-s-government/
I'll just paste the title:
Intel reportedly notified Chinese companies of chip security flaw before the U.S. government
I'll check back with my relatives in the MSS PSB to see if they knew about it beforehand.
▶ No.859378>>859707
>>859344
Without jumping to conclusion, what do you think the reason for this was? It's a bigger country, more focused on cyber security because they are renown for having many cyber criminals, and obviously an important market to try and hold given their main competitor (AMD) is aggressive in the area already.
Do you think they ordered their alert list based on something like liability, user count, user importance, and/or maybe something else or should conspiracy be assumed (I don't think so just yet)?
▶ No.859381>>859384
>>858890
It can, and has been used as an OS. Ditto with BASIC.
▶ No.859382>>859386 >>860926
>>851880
>Installing Linux on Gamecube
Unless you like cutting your teeth on what is essentially a shitty PPC G3-tier CPU, I wouldn't recommend it.
A saner alternative to this Spectre-Meltdown madness is to just get an old pre-2013 Intel Atom laptop/UMPC or Raspberry Pi 3 modded into a laptop. You can get a good netbook for ~$30 USD and a killer UMPC for ~$130. Typing this from pic related running Void Linux.
>>851972
>2005
gamecube was made in 2001, faggot.
▶ No.859384>>859404 >>859495
>>859381
Wrong. Forth and BASIC are USERLANDS, not complete OS'. The Commodore 64 for example, actually had a level of abstraction between the kernel and BASIC interface, the "KERNAL" and the KERNAL in fact used its own separate ROM that people could bootstrap other interfaces to like JiffyDOS. In overall function however, many consider it closer to a BIOS found in IBM PCs
▶ No.859386>>859723 >>860076
>>859382
>A saner alternative
A saner alternative to all of this would be to stop using computers.
Computers were a mistake.
▶ No.859395
>>853632
Frankly that sucks. Your world is completely throw-away. What needs to happen is all general computing devices (which is just about anything electronic now-a-days) must follow open standards or that the hardware must be open or else face a very hefty VAT.
▶ No.859401
>>852032
>dillo
>"web browser"
enjoy your dildo, anon
▶ No.859404
>>859384
Interestingly enough, the C64 RAM was actually 64K, but many areas of the memory map are occupied by ROM. However the 6502 is smart enough to know that you can't write to ROM, and redirects writes to the ROM area to RAM instead. You can then change the area the VIC][][ chip uses to a ROM-occupied area to use previously unusable area. This can for using the KERNAL area for video memory, for example. Unfortunately this means you cannot read screen memory.
▶ No.859494
>AMD appeared to be justing their own shit all these years
>Actually they were doing opposition research
>Meanwhile, they gave their engineers all the time in the world to create the perfect CPU to JUST Intel's shit
>Release CPU in 2017
>Intel loses its shit
>Intel releases rushed 8core cpus
>AMD then begins leaking Intel design flaws
>Intel's fw
Where were you when Intel was slowly raped into bankruptcy over a whole year?
▶ No.859495
>>859384
I already knew that, but the OS is a lot more than the kernel. That said, you can write a kernel in Forth at least.
▶ No.859707>>859715
>>859378
Not sure. But this shouldn't happen considering the tense state of China-US relations after that HK guy was detained for spying. I wonder if it has to do with China making their dragoncore processors, or just flat out threatening to fuck into over a la google style.
My relative in the MSS said there wasn't anything that he knew of, so probably just shitty planning on intels part thats gonna get spun into, "Intel help the chinese fuck the US gov over!!!?!?!"
▶ No.859715>>859741
>>859707
>Google 'Dragoncore'
>All the results are related to Yu-Gi-Oh
>Google "Dragoncore processor"
>All results are related to Qualcomm Snapdragon ARM chips
I guarantee you exactly 0 chipmakers see dragoncore as any kind of threat.
Are you a Chink? Why do I continue to see you shill Loongson processors all over this board?
▶ No.859723>>859834 >>860076
>>859386
>Computers were a mistake.
That's a realization too late to make. If all computers became disfunctional right now, society would immediately collapse with niggers running amuck looting anything there is to loot etc.
▶ No.859741
>>859715
Not shrilling. Just saying its possible although it's outsourced to fab in Germany so and a single core costs 1000USD roughly soo.....
>In other words its all talk no do like usual with the CPC
▶ No.859834>>859956 >>860009
>>859723
It's not a realization, it's just hyperbole. Intel was the mistake, any other choice was better.
You don't just fucking pick the worst ever architecture and then say all computers are a mistake. You picked the shit computers, now you got shit. That's how it fucking works.
▶ No.859956
>>859834
IBM could have chosen Motorola instead of Intel, but didn't. John Carmack could have been working on Amiga and could have made his groundbraking 90s games for it, but didn't, and they became PC killer apps instead while the Amiga died. Oh well.
▶ No.860009>>860044 >>860089
>>859834
The bigger mistake was when Microsoft picked C instead of Pascal or PL/I. Segmentation was created specifically to improve high-level programming languages and the OS environment. The main problems with C are null-terminated strings, the flat memory model, and arrays that suck.
If you want to fix hardware and software, you have to dispel some myths.
1. Programming languages are too hard to understand unless they look like C.
2. There is no point in replacing C with anything unless it's gigabytes of garbage per second PajeetScript.
3. Languages without a GC like Fortran, Pascal, and Ada are not worth learning, so you should use slow PajeetScript which has a runtime written in C.
4. All problems can be solved by abstraction and throwing more hardware at it so there is no need to care about the lower levels.
This problem is not permanent unless you want it to be. I read on the Mill forums where he said he would have built a capability architecture but it wouldn't be able to run C programs, and I think that's sad.
https://wiki.osdev.org/Segmentation
https://wiki.osdev.org/Segment_Limits
▶ No.860044>>860096
>>860009
I guess implementing MMUs were a waste anyway. Who doesn't have the memory to cover the entire address space anyway?
▶ No.860076>>860087
>>859386
>>859723
it's not technologies fault that people are low tier consumer whores obsessed with shiny things. We are by default doomed based off societies average IQ alone
▶ No.860087>>860703
>>860076
By definition, the average IQ is 100.
▶ No.860089>>861240
>>860009
>null-terminated strings
A one-L NUL, it ends a string
A two-L NULL points to no thing
(But I will bet a golden bull
That there is no three-L NULLL)
▶ No.860096>>861240
>>860044
The main overhead and complexity in operating systems comes from file I/O. Virtual memory was created to get rid of internal file I/O by treating the entire disk as if it was persistent RAM. That's called a single-level store and it's extremely powerful and scalable. Most of our OSes treat RAM and disk like paper tape. Null-terminated strings come from a paper tape convention. They do the opposite of single-level store. They remove parallelism and random access and make things more sequential.
https://en.wikipedia.org/wiki/Single-level_store
▶ No.860703>>881272
>>860087
Does this mean my IQ score will go up as more niggers are imported into my country?
▶ No.860924
▶ No.860926>>861887
>>859382
it would be more practical to buy an Acer ZG5 bth
▶ No.861042>>861901
Shit thread.
>TL;DR: Motherboard manufacturer allows you to configure parts of the system even if you set BIOS/UEFI password.
This is not an Intel flaw. This is an a motherboard firmware flaw. In-fact Intel motherboards don't allow access to the AMT configuration before asking for the password.
▶ No.861240>>873223
>>860096
>Null-terminated strings
You terminate strings by (void *)0 ? See >>860089
▶ No.861887>>861940 >>862014 >>862141
>>860926
very good computer for pentest ops
▶ No.861901
>>861042
you can turn on pre-bios passwords in nearly every system i have ever seen, its just disabled by default and nobody seems to use it
▶ No.861940
>>861887
>capslock key forcefully removed
why
▶ No.861976>>881261
my backspace key broke so i put the capslock key where the backspace was.
▶ No.862014
>>861887
Have you tried not dunking your camera in vaseline?
▶ No.862141
>>861887
I have actually compiled gentoo on one of these. Jesus christ it takes so long.
▶ No.872741>>872755 >>872775
>>872734
>bumping multiple older threads without any meaningful contributions at all
Enjoy your lawsuits.
http://archive.fo/fLyAT
▶ No.872755
>>872741
The company said the remaining two suits were securities class actions, where the plaintiffs allege that Intel and some of its officers violated securities laws by making statements about products or its internal controls that were later revealed to have been false or misleading.
INTEL CEO ABOUT TO LOSE HIS SHIRT
▶ No.872775>>872780 >>872796
>>872741
sorry. the front page threads were getting stale so i want people to check the catalog and hopefully we get some better discussion on existing threads or get some new threads posted.
▶ No.872780
>>872775
I wonder how many exploits have been developed and deployed so far? Will we find old malware from before this was a known problem which takes advantage of these issues? I would bet every state-level actor and a bunch of non-state actors are busy as beavers with this right about now.
▶ No.872796>>872822
>>872775
>my taste is better than every one else on this board so im gonna replace threads that i think are stale with threads every one else thought went stale last month.
dont do that shit ever again, if you think the topics on the front page are boring, gtfo or better yet come up with something new.
▶ No.872822>>872826
>>872796
This is an ongoing crisis and it’s fair to discuss it here even if the thread is old.
▶ No.872826>>872830
>>872822
aggreed, but 'bump' isnt a discussion, its necroposting, and if my theory is correct, the guy is a cannonical shill who only came here to bump 10 threads in order to bury the ubuntu thread.
▶ No.872830>>872839 >>872843 >>872874 >>882360
>>872826
i am not a shill. if i wanted to be subtle i would write a bot to necrobump 2 - 7 threads over the course of a day and leave it running forever to shit up board quality in general. bumping them simultaneously makes it obvious. i'm simply tired of the same shitty threads sticking on the front page. people need to learn to use the catalog.
>"software autism thread"
>"where's terry now thread"
>"is X better thread"
>"rate my DE thread"
>"i know this should be in the sticky but please give me hardware advice thread"
why not instead:
<"coding thread"
<"cool new library thread"
<"crypto and how to mine thread"
<"/tech/ worthy news thread"
i have created coding and crypto threads before and they get buried too often because nobody checks the catalog.because /tech/ doesn't code
▶ No.872839>>872843 >>872851
>>872830
if you had bumped them slowly it would not have gotten burried, thats now 2 excuses youve made that make no sense, now im even more sure youre a shill. the fact of the matter is that if you dont have anything of substance to add to a thread, you should have no reason to believe that anyone else has anything to add either...
▶ No.872843>>872851
>>872839
>>872830
thats why all the threads you bumped are back off the front page already, youre luck the BO is offline, if you didnt notice, nobody else tries to pull the shit that you just did, because theyd be banned in a fucking second.
▶ No.872844
fucking spamming piece of shit
▶ No.872851>>872856
>>872839
i wasn't trying to slide threads. only to stir them. if i bumped them slowly but sustained it would shit the entire board up. instead i've triggered you. let that be a lesson to you. i hope you've learned to use the catalog.
>>872843
>theyd be banned in a fucking second.
<implying vpn does not exist
okay sweetie.
▶ No.872856>>872861 >>872878
>>872851
>implying you intend to evade your ban
in case you didnt notice, nobody is replying to the threads youre bumping anyway, the only reason youre still here and still trying is that youre a fucking shill.
▶ No.872861>>872865 >>872878
>>872856
lel what am i shilling sweetie?
#triggered
▶ No.872865>>872869 >>872878
>>872861
youre shilling for canonical, trying to bury the ubuntu thread, keep it up, i personally will keep that thread on the front page all week, your job will be 9x harder than mine, and your shit stinks from a mile away, so even if you evade your ban, it wont be hard to see its you when you come back, you may think im triggered, but this is a game for me, glhf.
▶ No.872869>>872874 >>872878
>>872865
Why do you believe that's it's buried? Everything in the catalog is up for viewing!
▶ No.872874>>872876 >>872878
>>872869
>Why do you believe that's it's buried?
>>872830
>because nobody checks the catalog.
congratulations: you answered your own question, before you even asked it!
▶ No.872876>>872878 >>872881
>>872874
i'm not him you stupid motherfucker
▶ No.872878
▶ No.872880>>872907
>>851866 (OP)
The high priest Terry believed that x86_64 was a perfect foundation for the temple of God, but the catastrophic events have shown him that he had been in error for all these years. His hard work has been all in vain.
▶ No.872881
>>872876
congratulations: you skipped over half the conversation, and you get bonus points for unironically saying something that he would sarcastically say!
▶ No.873199>>881039
>>852863
>But I wasn't talking about VS2017 telemetry in the IDE however (and I'll laugh in your face when systemd adds telemetry of its own, enabled by default, in addition to leaking DNS to Google). I was talking about covertly adding telemetry stubs to user programs compiled with it, which VS2015 did but VS2017 doesn't do anymore... unless of course you have evidence to the contrary? Which I'd like to see? Pretty please?
Compare WPF/Silverlight (open source) to Universal Windows Platform (closed source).
Nobody is using the latter, ever wonder why?
▶ No.873223>>881281
>>861240
This forced meme is kinda lame. NUL is just an abbreviation in the ASCII table, just as BEL and LF.
He was obviously refering to the null byte used to terminate all C language so-called "strings". Prove that you're a human and can parse natural language like one, else we'll just write you off as one of the markov bots that haunts this forsaken place.
▶ No.873522
time to change to AMD and develop a standarize the use of an open source processor architecture.
▶ No.881026>>881038
>over two months later
>Intel firmware fix still not available
>previous fixed firmware was bricking computers
Hahaha I can't wait for the Russians and Chinese to start (continue?) using these flaws.
▶ No.881030
>everything is botnet
>to the point you more or less have plausible deniability for any data that may exist, because all of it could be fabricated out of whole cloth
wew
▶ No.881038>>881072
>>881026
>Hahaha I can't wait for the Russians and Chinese to start (continue?) using these flaws.
Without a doubt any intelligence agency that isn't shit already uses it, or you think most 0days last forever?
▶ No.881039>>881042
>>873199
>Nobody is using the latter, ever wonder why?
▶ No.881042
▶ No.881072
>>881038
This vuln is now old af but no real fixes yet.
▶ No.881261
>>861976
Thanks anon. I've never legitimately laughed out loud on an imageboard.
▶ No.881272
>>860703
effectively, yes. IQ changes based on the average. It's funny, but most naysayers who claim that we aren't headed for an idiocracy-esque future cite that the average IQ is climbing but fail to realize that that is relative to a fixed point. Of course the IQ is climbing, the average is going down, so today's 100 is last decade's 95.
▶ No.881281
>>873223
'\0' is semantically distinct from (void *)0 .
▶ No.881295
>>881278
Bots need to fucking die already.
▶ No.882196>>882198
https://www.amdflaws.com/
Oh look, Intel’s Israeli branch has been busy making up flaws for AMD.
>must have local administrator privileges
>must flash a malicious BIOS
>gave less than 24 hours notice to AMD before disclosure
Sure smells Jewy.
▶ No.882197
▶ No.882198>>882206 >>882276 >>882310 >>882349
>>882196
they even look as jewy as they act
▶ No.882206
>>882198
No, NO! Don’t post images like that you filthy goy.
BTW did you notice the CEO was in the IDF’s cyber security 8200 division? That’s their digital blackmail squad.
▶ No.882259
>>851866 (OP)
Isn't this already exploited in the last year
▶ No.882276>>882343
>>882198
>could've filmed literally anywhere and nobody would bat an eye
>let's lie about it instead
I'm starting to think kike genetics make it impossible for them to tell the truth.
▶ No.882310>>882574
>>882198
Fucking Intel schlomos spreading FUD. Nuke Israel when?
▶ No.882343
>>882276
Kek, I don’t get it either. That’s hilarious.
▶ No.882349>>882367 >>882400
>>882198
>that guy in the middle
My hand instinctively clutched my wallet when I saw him.
▶ No.882360
>>872830
>i am not a shill. if i wanted to be subtle i would write a bot to necrobump 2 - 7 threads over the course of a day and leave it running forever to shit up board quality in general.
So /pol/ on a daily basis? ineffective.
▶ No.882400>>882543
>>882349
>knows jews gonna jew
>doesn't realize jews know you know
>you've just told the jew where you keep your wallet
▶ No.882467>>882485
I'm using Raspian on an overclocked Raspberry PI 3. I'm not claiming x86 has to die, or other nonsense. But Raspi3 is enough for surfing, if you don't open to many tabs. It's not vulnerable to Meltdown and Spectre. Alternative single board computers might even be more secure, and it helps with compartmentalization (don't do all you shit on one computer).
>>852732
>Linuxes were good until 2010 then suddenly went to shit due to systemd, Grub2, touchscreen DE's and other things. KDE and Gnome also went to shit.
Linux is the Kernel. The other mentioned technologies are ok or even good, but you don't need to use them. So what? Ever heard of Distrowatch?
▶ No.882484
▶ No.882485>>890179
>>882467
Pi's are all invulnerable to Spectre.
▶ No.882493
>>854323
>Yes, there is no other reason to add this to consumer CPU's in which 99 percent of the time won't be used, unless the NSA believes you're a journalist that needs to stop publishing information that it doesn't want you to publish.
Cyberwar? Espionage against other countries. Americans tend to forget that they exist, sometimes...
▶ No.882543
>>882400
>that pic
It's like someone stuck Mini-me's face onto Fat Bastard's body.
▶ No.882574>>890188 >>925335
>>882310
New York
Washington
Hollywood
London
Berlin
Brussels
Mecca
Vatican
San Francisco
....Lots of targets.
▶ No.890151
▶ No.890179>>890184 >>890200
▶ No.890184
>>890179
Search for "raspberry pi speculative execution"
▶ No.890188
>>882574
On one hand I hate this soyboy cuck supreme, on the other he supports the eradication of one of the most prominent mental illness' to plague our current society.
▶ No.890200
>>890179
There's a thread up about this Schlomo.
▶ No.890930
▶ No.892171
>tfw I fell for integrated israel meme
Not even once
▶ No.895251
▶ No.900817>>902687
Bump, it's been over three months, has Intel even made new microcode available to vendors yet?
I know they did once but it turned out that the first microcode fix they gave out was actually bricking machines. Has anybody gotten a BIOS update yet?
What a shitshow, they will never live this down.
▶ No.902687
>>900817
No new microcode yet, Intel is still thinking about how they can sneak in some new backdoor to make up for the one they'll fix.
▶ No.911485>>911493
More massive Intel flaws came out this week too.
▶ No.911493
>>911485
Yes, and we have a thread discussing those
Too bad mods here are useless or they would've anchored this thread being bumped by a single fucking person at this point
▶ No.911576
>>858438
I'm kinda glad it turned out like it did though. If Commodore and Atari had survived, they would have most likely just become pozzed and lamerized just like everything else.
▶ No.917078>>918522
There are more new exploits that just came out. Jewtel's shitting the bed lately.
▶ No.918515>>918522 >>919901
TWO NEW CRITICAL SPECTRE VARIANTS DISCOVERED
ONE CAN WRITE TO YOUR FIRMWARE
▶ No.918521
>>851879
why not buy an amd cpu?
also aren't ppc cpus already extremely exploitable?
▶ No.918522
>>918515
>>917078
So what is the current status on real-life danger resulting from this? Are there drive-by kind of exploits where your system can get compromised and owned by executing some cancerous Javascript on some random page you visited or somesuch? What are the means to mitigate the risks, use an expendable system that has both firmware and OS reflashed/reimage once a week, and do anything else on airgapped systems?
▶ No.919899
Literally a NSA backdoor.
My guess is the NSA did something intel didn't like so they cucked them out of a backdoor to show resolve.
▶ No.919901
>>918515
So can linux.
Specially if you use an old version of systemd because it used to mount the EFI read/write and didn't require root privileges, so literally anybody with shell access would be able to brick your motherboard.
It's fixed but it's yet another of Poettering's marvels in software engineering.
▶ No.925103>>925122
New embargoed Incel remote exploits coming this week, be prepared for a shocker!
▶ No.925118>>925313 >>925595 >>935715
>Exploits disclosed nearly 6 months ago
>Performance penalty turned out to be literally nothing
>Intel stocks higher than they've been in years
>Intel still not dead
>Literally nobody cares except a single virgin that keeps bumping his own thread
>mfw /tech/ was wrong again
▶ No.925122>>925147 >>935715
>>925103
How long before hacker start using these backdoors to explode people's batteries?
*removes laptop battery*
N-nothing personal, cianiggers!
▶ No.925147
>>925122
They're already doing it with phones.
▶ No.925313
>>925118
This proofs how a monopolist can control the media.
▶ No.925335>>935715
>>882574
Trudeau is a fag but I see nothing wrong with selling weapons to a regime that kills the degenerates he supposedly likes.
It was the best choice for canadians.
▶ No.925595
>>925118
>it's cool that Intel and the mass media has everybody so brainwashed that their trash insecure processors continue to sell
CIA detected
▶ No.934605>>935695 >>935718
How many critical Intel bugs have been revealed since the beginning of the year, thirty?
▶ No.935685>>935708
>>852266
This is why k00lkids needs to purge the cuteposters
▶ No.935695
>>934605
Whatever the number is, there's probably tons more.
▶ No.935699>>935716 >>937777
Let's start asking the real questions
Do we know of a microprocessor that has EVERYTHING documented?
Do I have to build one with TTL?
▶ No.935708>>935709
>>935685
The purge is ongoing. If the vols & BO don't cooperate, we have other plans for the board.
▶ No.935709
▶ No.935715>>935717
>>925118
>Performance penalty turned out to be literally nothing
Not for specific virtualization tasks where you lose 90% performance.
>Intel still not dead
I wonder why a multi billion dollar company who has a monopoly thanks to unfair concurrency is still alive ? :emoji_thinking:
>Literally nobody cares
Yes the earth is still turning that was as expected as the sun rising.
>mfw /tech/ was wrong again
Can you glow even more than this ?
>>925335
>I see nothing wrong with selling weapons to a regime
It's a form of interventionism, any kind of interventionism is a mistake.
>>925122
>How long
It's already happening for what I witnessed (mostly badly made bots) but the news isn't talking about it for some reason.
▶ No.935716>>935720
>>935699
If you're worried use a freetard FPGA design or emulate said design.
There aren't very many excessively documented microcontrollers or microprocessors AFAIK, but low end embedded stuff could be up your alley. It shouldn't be hard to find extensive documentation on a 6502 or a Zilog Z80.
▶ No.935717
>>935715
>for some reason
I wonder if I could find that reason on your post :emoji_thinking:
▶ No.935718
▶ No.935720>>937435
>>935716
I only want a processor that works as a processor, one that doesn't waste my electricity on some secret triple nigger project to spy on everything
▶ No.937435
>>935720
There are plenty of options for that, but they're all old. PPC Macs are safe and run OpenBSD just fine.
▶ No.937777
▶ No.940095
>chink craps vs pajeet crap
no thanks.
▶ No.940097>>940112
Can they just leave my thinkpad alone. please?
▶ No.940112
>>940097
Time to get one of those Ryzen thinkpads.