Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Inactive Support Threads
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Hardware
Hardware Troubleshooting
Shoud I Invest on new Cpu or Laptop??
Message
<blockquote data-quote="Digerati" data-source="post: 703723" data-attributes="member: 59833"><p>I totally agree!</p><p></p><p><u><strong><span style="font-size: 18px">BUT</span></strong></u> that does not mean the issue should be ignored. The problem is real, it just does not affect near as many people as many "wannabe" journalists and bloggers, and many in forums who automatically believe and repeat everything they read, made it out to be. </p><p></p><p>Personally, if you "need" a computer now, buy one. But if you can wait, I say wait a few months.</p><p></p><p>I feel this is a bit misleading. First, as you <u>correctly</u> noted, the situation "resized" and US CERT's advice was <u>quickly</u> taken down (like in less than 24 hours!). So I think the comment should be "<em>to give you an idea how the situation was initially blown way out of proportion and exaggerated...</em>". This is because, as it turns out, is it not near as bad as initially reported.</p><p></p><p>BTW, I recommend everyone interested in security <a href="https://public.govdelivery.com/accounts/USDHSUSCERT/subscriber/new" target="_blank">sign up</a> for US-CERT Advisories.</p><p></p><p>It is bad for those servers affected, but it is not nearly as widespread as first reported. To exploit this bug, the server needs to be running VM (virtual machines) and certain programs within those VM environments. Then the badguy must (somehow) get past all the security coming in and gain <u>root access</u> to the system. That is not necessarily hard for an experienced hacker, but it is not a like you see on TV either. </p><p></p><p>From there he/she has to run a program where he can then see data from another VM session running on that computer. But understand seeing data does mean you can read and understand it. Data in memory looks like a bunch of hexadecimal jumbled up gobbledygook from everything running in that memory environment. Seeing it and turning into readable, understandable, and usable/exploitable data are totally different things. </p><p></p><p>So can it be done? Yes. But there are a whole lot of big IFs in the way before a bad guy could actually get any usable data. Plus it is important to point out there is no evidence anywhere this flaw has ever been exploited.</p><p></p><p>So yeah, there's been way too much FUD and paranoia spread on this.</p><p></p><p>And not only FUD just on the vulnerabilities, but on the patches too with many reports claiming performance hits up to 30% once you apply the patches. I've update all my 6 systems here and have seen no performance degradation at all. Many others report the same. In fact, I have not seen anyone saying their system is running slower now.</p><p></p><p>That is incorrect and therefore not sound advice. The problem is NOT with Windows. It is with the hardware and Chromebooks still contain Intel devices. But, AMD processors <u>are</u> affected too! See <a href="https://www.theinquirer.net/inquirer/analysis/3023798/intel-arm-and-amd-all-affected-by-meltdown-and-spectre-security-bypassing-cpu-design-flaw" target="_blank">The Inquirer: Intel, ARM and AMD all affected by security-bypassing, kernel-bothering CPU bugs</a> and <a href="https://thehackernews.com/2018/01/meltdown-spectre-vulnerability.html" target="_blank">The Hacker News: Meltdown and Spectre CPU Flaws Affect Intel, ARM, AMD Processors</a>. While the initial strain of Meltdown only affected certain Intel processors other variants of the same problem affect AMD as well.</p></blockquote><p></p>
[QUOTE="Digerati, post: 703723, member: 59833"] I totally agree! [U][B][SIZE=5]BUT[/SIZE][/B][/U] that does not mean the issue should be ignored. The problem is real, it just does not affect near as many people as many "wannabe" journalists and bloggers, and many in forums who automatically believe and repeat everything they read, made it out to be. Personally, if you "need" a computer now, buy one. But if you can wait, I say wait a few months. I feel this is a bit misleading. First, as you [U]correctly[/U] noted, the situation "resized" and US CERT's advice was [U]quickly[/U] taken down (like in less than 24 hours!). So I think the comment should be "[I]to give you an idea how the situation was initially blown way out of proportion and exaggerated...[/I]". This is because, as it turns out, is it not near as bad as initially reported. BTW, I recommend everyone interested in security [URL='https://public.govdelivery.com/accounts/USDHSUSCERT/subscriber/new']sign up[/URL] for US-CERT Advisories. It is bad for those servers affected, but it is not nearly as widespread as first reported. To exploit this bug, the server needs to be running VM (virtual machines) and certain programs within those VM environments. Then the badguy must (somehow) get past all the security coming in and gain [U]root access[/U] to the system. That is not necessarily hard for an experienced hacker, but it is not a like you see on TV either. From there he/she has to run a program where he can then see data from another VM session running on that computer. But understand seeing data does mean you can read and understand it. Data in memory looks like a bunch of hexadecimal jumbled up gobbledygook from everything running in that memory environment. Seeing it and turning into readable, understandable, and usable/exploitable data are totally different things. So can it be done? Yes. But there are a whole lot of big IFs in the way before a bad guy could actually get any usable data. Plus it is important to point out there is no evidence anywhere this flaw has ever been exploited. So yeah, there's been way too much FUD and paranoia spread on this. And not only FUD just on the vulnerabilities, but on the patches too with many reports claiming performance hits up to 30% once you apply the patches. I've update all my 6 systems here and have seen no performance degradation at all. Many others report the same. In fact, I have not seen anyone saying their system is running slower now. That is incorrect and therefore not sound advice. The problem is NOT with Windows. It is with the hardware and Chromebooks still contain Intel devices. But, AMD processors [U]are[/U] affected too! See [URL='https://www.theinquirer.net/inquirer/analysis/3023798/intel-arm-and-amd-all-affected-by-meltdown-and-spectre-security-bypassing-cpu-design-flaw']The Inquirer: Intel, ARM and AMD all affected by security-bypassing, kernel-bothering CPU bugs[/URL] and [URL='https://thehackernews.com/2018/01/meltdown-spectre-vulnerability.html']The Hacker News: Meltdown and Spectre CPU Flaws Affect Intel, ARM, AMD Processors[/URL]. While the initial strain of Meltdown only affected certain Intel processors other variants of the same problem affect AMD as well. [/QUOTE]
Insert quotes…
Verification
Post reply
Top
