VM and Microprocessor bug fixes incoming..
hopefully microcode quickly also.
Creating a better virtualization header that is:More efficient at isolating the contained OS with attributes in the OS's to contain secured data?
We find answers to improve efficiency and protect against VM>VM data transfer or to use this for a creative purpose!
We need answers! and science. : Microcode update
"First responder RS"
"Thank you for googles firm responses to the bug, faith in google is high..
The micro code be updated to flush & or contain the the speculative data in a data-cycle secure storage,
Within the framework of cache and ram/virtual-ram?
cycle efficiency would be at most two cycles and a flush Xor bit data overlay,
Bit Masking before and after pre-fetch presents & also uses data - this method would be fast! (c)Rupert S"
"Obviously in light of buffer exploitation we would suggest that buffers after password entry are cleared, This is not the whole solution because the spy program could be resident..
Buffer exploitation is a common practice in viruses and this type of attack is nothing new..
There is no doubt that buffers are a victim of flooding and exploitation; Over and over!
After all buffer exploitation is a logical consequence of their use on a computer or hardware.
Randomizing buffer allocation, Location and encryption algorithm is the most logical choice on hardware, However! how much effort must be made to protect buffers when an attack on them is predicable and logical? A lot we say.
Google systems have been updated for Meltdown bug https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.html
attack mitigation - https://support.google.com/faqs/answer/7622138#android
"Microsoft issued an emergency update today,
Amazon said it protected AWS customers running Amazon's tailored Linux version and will roll out the MSFT patch,
for other customers to day"
We need answers! and science. : Microcode : update
http://bit.ly/HPC-Dev - examination and findings direction of HPC Development
http://bit.ly/tRNG-Dev - will Random/Entropy drivers help - function examined and processed.
about the bug :https://www.theguardian.com/technology/2018/jan/04/meltdown-spectre-worst-cpu-bugs-ever-found-affect-computers-intel-processors-security-flaw
A detailed and interesting article with many details; Well written. (12 jan 2018)
report PDF on mitigation - (requires signing) : https://insidehpc.com/white-paper/meltdown-spectre-bugs-work-can-prevent-performance-plummet/
AMD's concern for security lead them to make cache work differently right from the start; Where as Intel chose to pre-fetch kernel & secure data on the presumption that this could rarely be used.(this was published in the past we read about it.) RS
As we can see AMD has a security focus & did also in 2005 when pre-fetch method came up for debate.
"Details of a problem have been gradually emerging, People with AMD Athlon-powered computers say that following the installation of the patch, it is impossible to boot into Windows leaving a full re-installation as the only option -- although some users report that even this does not fix the problem. "
(possibly related to the antivirus program incompatibility)(some AV's possibly! we need a list preferably now.)
Athlon PC patch is being re engineered so that it works on windows 10 - not related to newer AMD chips:
Intel information with sub-tabs (of interest)
On the front of the kernel patch 4.4.0-108 (Ubuntu) bricking some older Athlon models apparently ...
4.4.0-109 is the fixed version; Further information would be useful but is currently too hush hush for full disclosure. - google 4.4.0-109 for more information.
on the GPU front we can see that since cache pre-fetch is the issue that all classes of GPU/CPU & other processor class with cache may well face issues.
Crypto Keys need replacing due to meltdown bug - after patching!
due to system compromise. (c)RS
Meltdown and specter security Firmware update is more important to bitcoin, Crypto coin & block-chain than the price! read it now and Update
Firmware Updates and Initial Performance Data for Data Center Systems - information on intel,AMD & other componentshttps://newsroom.intel.com/news/firmware-updates-and-initial-performance-data-for-data-center-systems/
HPC View of Meltdown and a few patch updates
AMD affirmative patch inbound to secure lesser risk in conscientious market. - good update