+ Reply to Thread
Page 2 of 4 FirstFirst 1 2 4 LastLast
Results 21 to 40 of 66

Thread: CPU Security Holes affecting Intel and AMD CPUs

  1. Link to Post #21
    France On Sabbatical
    Join Date
    7th March 2011
    Location
    Brittany
    Posts
    16,763
    Thanks
    60,315
    Thanked 95,891 times in 15,481 posts

    Default Re: CPU Security Holes affecting Intel and AMD CPUs

    The first mistake is to acquire a computer...

    The second mistake is to plug it in into the wall outlet...

    The third mistake is to switch it on...

    ... and one is done in to the hilt! Checkmated in three moves.

    Jim's Stone vindication:

    January 20 2018

    BLOCKBUSTER: THIS IS AMONG THE MOST IMPORTANT THINGS EVER POSTED TO THIS WEB SITE.

    You have heard this before on this web site (7 years ago to be exact) so why is it important?

    Because this post, by an Intel engineer, proves my background and credibility.

    This post, by an Intel engineer, proves that I am an order of magnitude past Snowden (and I am, I was way far above his position at the NSA.)

    It destroys every troll that ever posted sh*t against my credibility or this web site.

    Who else has ever had validation like this SEVEN WHOLE YEARS AFTER BEING THE FIRST TO SAY IT?

    Wired and others had somewhat similar posts five years AFTER I said it, and they probably simply re-worded what I posted because that is what happens when anyone is that far ahead.


    A few people were skeptical when I said this latest bug was corevpro related and nothing to do with what they claimed, and that it did not affect AMD. And I am right. and did not get it from anywhere other than my background. DEAR TROLLS, READ IT AND WEEP, This was posted to Intel's own web site, by a programmer gone rogue:



    I CAN RIGHTFULLY CLAIM FULL CREDIT FOR BEING THE VERY FIRST WHISTLEBLOWER ON THIS TOPIC. ANYONE WHO BACK STABS MY WORK, OR CLAIMS I AM NOT NSA IS FULL OF ****.

    HOW ELSE WOULD I KNOW THIS SO FAR AHEAD OF ANYONE ELSE?

    ANYONE WHO HAS KNOWN ABOUT THIS SITE FOR A WHILE HAS SEEN ME POST ABOUT THIS FOR ALL OF THIS DECADE.

    HOW THE HELL DID I KNOW?


    AND NOW THAT AN INTEL PROGRAMMER HAS SAID IT, LET THERE BE NO DOUBT:
    IF YOU HAVE AN I SERIES PROCESSOR, YOU BOUGHT A WEAPON INTENTIONALLY SET UP TO DESTROY YOU, IT BELONGS IN THE TRASH, NOWHERE ELSE, AND THERE IS NOT A SINGLE GOD DAMN OPERATING SYSTEM PATCH THAT WILL EVER, AND I MEAN EVER FIX IT.
    Furthermore, ALL Intel processors since Centrino have had their development managed from Israel, and many were developed entirely in Israel. Does that wash right with you?

    OK, LET ME GIVE YOU THE SMALL TEXT DETAILS: If you run a large corporation, and you have competitors that are Jewish, they have raped all data on all I series processors your business owns and stolen every last contact, secret, strategy, and tech development your company has ever sent across them.

    More importantly, this programmer that just blew the whistle does not know the problem extends to other Intel processors outside the I series (which he was cleared to know about), and includes anything that has Centrino tech that made it into everything, including the lowly Celeron and Core2.

    There is a cold hard reason why the Jews have suddenly taken it all over the last decade, and this is exactly it. It is not only the NSA that can rape you, all of the back doors were handed straight to all the Jews who became billionaires and trillionaires, and Israeli intelligence also.


    I really hate to tell people this, but if you have ANY Intel processor that is newer than Pentium 4, it is risky, and any Intel processor Core2 forward belongs straight in the trash. You are murdering your business if you use them and you are NOT JEWISH.

    This pyramid graphic, done in 2012 is DEAD ACCURATE, it was not just a joke!:


    [Odin's Eye]

    The damage Intel inflicted on you goes far beyond the value of the computers you purchased. It includes ALL the work you ever did on them.

    Intel needs to be disbanded for this, a class action lawsuit simply can't pay people back the damage done. And yes, now the Jews really do own it all - look it up! and it is NOT because they were "better".
    "La réalité est un rêve que l'on fait atterrir" San Antonio AKA F. Dard

    Troll-hood motto: Never, ever, however, whatsoever, to anyone, a point concede.

  2. The Following 10 Users Say Thank You to Hervé For This Post:

    Bill Ryan (21st January 2018), Ewan (21st January 2018), Foxie Loxie (22nd January 2018), KiwiElf (21st January 2018), Lettherebelight (5th October 2018), Michelle Marie (4th May 2018), petra (22nd January 2018), Sequoia (21st January 2018), ThePythonicCow (21st January 2018), wisky (21st January 2018)

  3. Link to Post #22
    Scotland Avalon Member Ewan's Avatar
    Join Date
    24th February 2015
    Location
    Ireland
    Age
    62
    Posts
    2,435
    Thanks
    51,899
    Thanked 18,953 times in 2,389 posts

    Default Re: CPU Security Holes affecting Intel and AMD CPUs

    Likes blowing his own trumpet, but that aside I fully believe it.
    Also easily dismissed as an anti-semetic rant by a huge swathe of casual grazers.

  4. The Following 5 Users Say Thank You to Ewan For This Post:

    Bill Ryan (22nd January 2018), Foxie Loxie (22nd January 2018), Hervé (21st January 2018), Lettherebelight (5th October 2018), Michelle Marie (4th May 2018)

  5. Link to Post #23
    France On Sabbatical
    Join Date
    7th March 2011
    Location
    Brittany
    Posts
    16,763
    Thanks
    60,315
    Thanked 95,891 times in 15,481 posts

    Default Re: CPU Security Holes affecting Intel and AMD CPUs

    Quote Posted by Ewan (here)
    Likes blowing his own trumpet, but that aside I fully believe it.
    [...]
    I guess it's a "pressure" release from all the trolling "Blitzkriegs" he suffered - and still is - for over 7 years from his former NSA "colleagues."

    Here is his update on that subject:
    I am now using a very old AMD laptop.

    Read the post about Intel and you'll understand why. I am still a little paranoid, but this laptop is a 2009 model and that is going to be better than anything new, even if it is AMD.

    With Knoppix I can't notice any performance issues. I picked it up "broken" for cheap. Knoppix automatically determines what is wrong and boots anyway, it seems to run perfect.
    "La réalité est un rêve que l'on fait atterrir" San Antonio AKA F. Dard

    Troll-hood motto: Never, ever, however, whatsoever, to anyone, a point concede.

  6. The Following 5 Users Say Thank You to Hervé For This Post:

    Bill Ryan (22nd January 2018), Ewan (22nd January 2018), Foxie Loxie (22nd January 2018), Michelle Marie (4th May 2018), petra (22nd January 2018)

  7. Link to Post #24
    France On Sabbatical
    Join Date
    7th March 2011
    Location
    Brittany
    Posts
    16,763
    Thanks
    60,315
    Thanked 95,891 times in 15,481 posts

    Default Re: CPU Security Holes affecting Intel and AMD CPUs

    Update from Jiim Stone:
    January 22 2018

    EFFECTIVE IMMEDIATELY: INTEL WARNS EVERYONE TO NOT INSTALL MELTDOWN FIXES

    Gee, I wonder why. Perhaps because there is no legit fix so why bother!

    I am not going to link the article because it ends with a hideous lie. However, the article at least reveals
    ALL PATCHES ARE FIRMWARE PATCHES, NOT SOFTWARE PATCHES, WHICH PROVES WITHOUT QUESTION I WAS RIGHT ALL ALONG - INTEL GOT BUSTED FOR VULNERABILITIES RELATED TO ITS VPRO CORE AND ANYTHING THAT HAD CENTRINO TECH ROLLED INTO IT, WHICH MEANS CORE2, I SERIES, AND ANYTHING ELSE (EVEN THE ATOM AND CELERON) RELEASED AFTER 2008. THIS BUG IS NOW IN PRACTICALLY EVERYTHING iNTEL.
    Software patch? MY ***!!!

    None of the fixes can possibly work, because they are like trying to attach a fifth piston in a 4 cylinder engine.

    Intel processors are designed to function fully subservient to the NSA and now that they got busted for it, there is nothing they can do to fix it!

    The "patch", which has now been revealed to try to fix the problem by tweaking the BIOS (and not the operating system, that was a lie all along and I said that all along because I knew it all along) causes the computers that get them to behave like they are drunk, with random crashes, reboots, and total general instability and for some reason, once the "patch" is applied, it cannot be undone because it screws the BIOS. CUTE.
    "La réalité est un rêve que l'on fait atterrir" San Antonio AKA F. Dard

    Troll-hood motto: Never, ever, however, whatsoever, to anyone, a point concede.

  8. The Following 3 Users Say Thank You to Hervé For This Post:

    Bill Ryan (29th January 2018), Michelle Marie (4th May 2018), petra (24th January 2018)

  9. Link to Post #25
    France On Sabbatical
    Join Date
    7th March 2011
    Location
    Brittany
    Posts
    16,763
    Thanks
    60,315
    Thanked 95,891 times in 15,481 posts

    Default Re: CPU Security Holes affecting Intel and AMD CPUs

    To summarize, from Jim Stone:
    January 22/23 2018

    After this latest processor debacle, I backed up to using a 10 year old AMD laptop to do this web site. It works GREAT with Knoppix, I am not having any performance issues at all, not even with graphics creation. I never got any dirt on AMD but am being careful anyway.

    I am going to quickly go over the real reason Intel is having problems (again) for those who do not know.

    I have mentioned numerous times over the last 7 years how Intel intentionally put back doors, for the NSA, into all their processors.

    Problem:
    Someone inside the NSA did a job 500X worse than Snowden, and released all the hackware that exploits these back doors to the general public 8 months ago.

    I did a short report on it and left it at that. The media stayed predominantly silent because it was not any sort of snowden game, it was real damage. All the world's hackers have these tools now, and the "wrong people" are now getting hacked.

    So a huge stupid reason that blamed all processors for the "problem" was made up and a dream story about some idiot reading "thousands of pages of Intel processor manuals" and finding the bug was made up.

    But I knew that was a lie (intrinsically simply knew) because I knew about the prior enormous breach at the NSA and know how much American intelligence lies and back stabs. They'll drag AMD and ARM into this just to cover up a pet project they had going with Intel. I was waiting for this to happen, because it had to.

    Low and behold, through a screwed up press release, they admitted that the problem was not how the processors write to memory WHEN THEY STATED THE FIX MADE CHANGES TO THE BIOS THAT [is] NOW CAUSING ENORMOUS PROBLEMS WITH INTEL PROCESSORS THAT RECEIVED THE PATCH.

    If it was a memory caching issue, that would be handled by a patch to operating systems (as the original lie stated), NOT THE BIOS (which the "fix" actually ended up being for.)

    By modifying the bios they can instruct parts of the computer to not work, (thereby "fixing" the problem,) but the holes in the system are so huge that the processors can't properly cope with closing them.

    As it is beginning to turn out, the problem is not fixable, and any server, desktop or laptop anywhere can be raped on a whim.

    It will never be possible for me to secure the message window, Ebay can't secure their stuff, NOTHING can be secured and the world is now at the mercy of not only the intelligence agencies, but now also random hackers. Th[is] report explains how, and what the real solution to the problem is.

    The real solution to a permanent fix:
    BECAUSE I HAVE ALWAYS BEEN A STEP AHEAD WITH THIS, I WILL NOW, AHEAD OF EVERYONE ELSE, ON JANUARY 22 2018 ANNOUNCE A GENUINE FIX FOR INTEL'S PROBLEM:

    Obviously, you'll have your AMD machine ready with all your files before you implement the fix. I'd mothball the Intel or give it to the kids. You can still take parts out of it if you don't smash it.
    "La réalité est un rêve que l'on fait atterrir" San Antonio AKA F. Dard

    Troll-hood motto: Never, ever, however, whatsoever, to anyone, a point concede.

  10. The Following 3 Users Say Thank You to Hervé For This Post:

    Bill Ryan (29th January 2018), Michelle Marie (4th May 2018), petra (24th January 2018)

  11. Link to Post #26
    France On Sabbatical
    Join Date
    7th March 2011
    Location
    Brittany
    Posts
    16,763
    Thanks
    60,315
    Thanked 95,891 times in 15,481 posts

    Default Re: CPU Security Holes affecting Intel and AMD CPUs

    Now, for a little corroboration from Linus Torvalds:

    Linux creator blasts Intel over 'garbage' fix for critical CPU bug

    RT
    Tue, 23 Jan 2018 18:36 UTC


    © Ralf Hirschberger / Global Look Press

    Patches released by Intel Corp. to fix highly malicious Spectre and Meltdown vulnerabilities affecting its CPUs turned out to be faulty, the company admitted, urging customers to stop installing them until further notice.

    Earlier this month, security researchers at Google Project Zero disclosed that data processed by the majority of modern CPUs, be they desktop computers or smartphones, could be vulnerable to critical exploits they called 'Spectre' and 'Meltdown.' Tech companies reportedly had months to prepare, and since the public announcement of the vulnerabilities, Intel released at least three patches - before discovering that their fix led some PCs to reboot unexpectedly.

    On Monday, Intel announced that it "identified" the"root cause" of the problem and will soon send out another patch to fix the faulty fix. The technology giant also provided a list of Intel-based platforms that are impacted by the issue.

    "We have now identified the root cause for Broadwell and Haswell platforms, and made good progress in developing a solution to address it," Intel Executive Vice President Navin Shenoy said in a blog post, adding that the company already provided the patch to its partners to check if the solution was found. "We will make a final release available once that testing has been completed."

    In the meantime, the company advised "OEMs, cloud service providers, system manufacturers, software vendors and end users" to stop using the available versions of the patch, "as they may introduce higher than expected reboots and other unpredictable system behavior."

    The inability to properly fix the problem for weeks after the security researchers released documentation of critical vulnerabilities in modern processors used in practically every computer and smartphone around the world, has sparked major criticism in the high tech industry. Linus Torvalds, who pioneered the Linux family of operating systems, could not contain his anger. He believes Intel has not done enough to shield its users from Meltdown and Spectre hardware-based bugs that could potentially allow hackers to steal any data, including passwords, personal photos, and emails.
    "As it is, the patches are COMPLETE AND UTTER GARBAGE," Torvalds said in a message posted to the Linux kernel mailing list on Sunday.
    "All of this is pure garbage. Is Intel really planning on making this sh*t architectural?" he asked. "Has anybody talked to them and told them they are f*cking insane? Please, any Intel engineers here - talk to your managers."
    Torvalds said that the best possible solutions for the company would be to recall two decades worth of products and to give everyone free CPUs. But instead, Intel is trying to avoid huge losses and further damage to its reputation, and intends to continue shipping flawed hardware with software protection which will be turned off by default, he explained.
    "The whole IBRS_ALL feature to me very clearly says 'Intel is not serious about this, we'll have a ugly hack that will be so expensive that we don't want to enable it by default, because that would look bad in benchmarks,'" Torvalds wrote.

    "So instead they try to push the garbage down to us. And they are doing it entirely wrong, even from a technical standpoint."
    Last edited by Hervé; 23rd January 2018 at 20:23.
    "La réalité est un rêve que l'on fait atterrir" San Antonio AKA F. Dard

    Troll-hood motto: Never, ever, however, whatsoever, to anyone, a point concede.

  12. The Following 6 Users Say Thank You to Hervé For This Post:

    Bill Ryan (29th January 2018), Foxie Loxie (23rd January 2018), Matthew (23rd January 2018), Navigator (24th January 2018), onevoice (24th January 2018), ThePythonicCow (24th January 2018)

  13. Link to Post #27
    France On Sabbatical
    Join Date
    7th March 2011
    Location
    Brittany
    Posts
    16,763
    Thanks
    60,315
    Thanked 95,891 times in 15,481 posts

    Default Re: CPU Security Holes affecting Intel and AMD CPUs

    Some fallouts from that Intel world invasion, from Jim Stone:

    Jan 24 2018

    We are probably all in much worse trouble than we think

    What happened yesterday was very strange

    I don't know if we can win.

    The breach in Intel processor security is so complete, and very evil people are exploiting it on countless servers everywhere.

    Here's what happened yesterday, probably as a result of the breach, and this is not a guess, it happened:
    Alex Jones got the real FISA memo, which would put Clinton & Co in jail.

    He tried posting it, and got more than one computer fried. I don't know exactly how many, I just know it was more than one. But he did manage to get it put up.

    Then I tried to access it, and this computer shut down.

    I got it started again and everything was scrambled - only parts of what the computer was supposed to do worked (for example, it booted but with system monitor I could not look at bandwidth, it was gone, I could not look at open processes, they were gone, and I could not do screen captures, that did not work . . . .


    And I tried to access the Fisa document again and BOOM, shut down.

    I tried a couple more times, and then something on the side of the computer burned me. I realized the flash drive with Knoppix on it was now getting so hot it could burn. If that was a real hard drive (from whatever they did to get it to get so hot) there's little question it would have fried.

    So finally, after about 40 minutes of getting shut down and rebooting I managed to get back to the Fisa memo again and it worked without a hitch, and was old outdated crap I saw the day before. Someone switched it. Alex probably does not have the real document anymore but it is a damn safe bet he did. Today, there's not jack squat out there, Fisa is not being discussed anywhere on social media. Obviously blown off the web by AI

    The flash drive survived, but ran hot the rest of the day yesterday. Today everything is normal.
    So it is obvious that even if the FISA memo does get released, the shadow state, which owns everything now, probably won't let it be read. I don't consider what happened to this computer yesterday to be any sort of actual breach, because when you hit things on the web you are at the mercy of whatever you bring in. There is no way to avoid that.
    "La réalité est un rêve que l'on fait atterrir" San Antonio AKA F. Dard

    Troll-hood motto: Never, ever, however, whatsoever, to anyone, a point concede.

  14. The Following 7 Users Say Thank You to Hervé For This Post:

    Bill Ryan (29th January 2018), Foxie Loxie (24th January 2018), KiwiElf (29th January 2018), Lettherebelight (5th October 2018), onevoice (24th January 2018), petra (24th January 2018), thunder24 (24th January 2018)

  15. Link to Post #28
    Canada Avalon Member
    Join Date
    7th July 2016
    Location
    Newfoundland, Canada
    Age
    44
    Posts
    1,549
    Thanks
    5,933
    Thanked 5,372 times in 1,413 posts

    Default Re: CPU Security Holes affecting Intel and AMD CPUs

    Wow... Linus Torvalds is actually swearing!

    I like the hammer solution. Who says violence doesn't solve anything? ;-)

  16. The Following 3 Users Say Thank You to petra For This Post:

    Foxie Loxie (24th January 2018), Hervé (24th January 2018), Lettherebelight (5th October 2018)

  17. Link to Post #29
    France On Sabbatical
    Join Date
    7th March 2011
    Location
    Brittany
    Posts
    16,763
    Thanks
    60,315
    Thanked 95,891 times in 15,481 posts

    Default Re: CPU Security Holes affecting Intel and AMD CPUs

    Recent AMD CPUs are apparently also wired to call home...

    From Jim Stone:
    About this old AMD laptop -

    This is actually important.

    It appears the older AMD cpu's use far less bandwidth online than the new ones do. This would strongly indicate that the newer ones are bugged, but I never got information to prove it.

    Here's the scenario:

    Since the Fukushima report, I worked on the same AMD A6 I bought in 2011 right when I discovered that the Fukushima report resulted in permanent disaster. I took the cash I had on hand and bought a decent laptop to get me through it. Finally, after almost 7 years of being an absolute battleship, it gave symptoms of instability so I figured I'd replace it.

    I bought an AMD A8 that was in the same quality range. I figured I'd give the Microsoft OS a chance, but quickly discovered it was eating 300+ megs a day.

    THAT was a problem.

    So I switched it over to Mint, and it still ate just as much bandwidth. The old A6 never ate that much bandwidth. So then I switched to Knoppix, and the bandwidth usage dropped by about 40 percent. I figured I probably solved the problem with Knoppix.

    Evidently I did not.


    Two weeks ago for some reason I walked into a pawn shop that had gotten ahold of the garbage totally non functioning computers a company abandoned, and they had a few old AMD laptops in the mix. I bought one for about $15 USD, and discovered that the mother board needed to be baked. That's iffy, so I figured I'd go back and get another one so I'd have two chances. The second one was alive, with no hard disc. So I put one of the Knoppix live flash drives in it and BOOM, IT WORKED PERFECT. So I have been using that.

    This is VERY IMPORTANT:
    This AMD laptop is from 2010, and with Knoppix on it, it is eating less than half the bandwidth as the new AMD laptop purchased in 2017, doing the exact same work.
    How important is that? All you need to do to get the answer is ask one simple question:
    For what possible reason would the EXACT SAME OS use twice as much bandwidth on one computer as it does on another, when there is absolutely no perceivable difference in performance?
    I am not using less "because the new one is slow," it is NOT slow. I can't tell the difference between the new one and this old one. Why would the old one be eating a lot less internet?

    Obviously the new AMD processors have back doors in them, and the NSA does not give a crap about how much they increase bandwidth usage because they are assuming things are so fast now anyway that no one will notice.

    PROBLEM:
    When you are like me, on a limited connection, having the expertise to actually monitor what the * is going on, it is PRETTY DAMN OBVIOUS.
    So I'll get a stack of those computers and start baking motherboards . . . . .
    "La réalité est un rêve que l'on fait atterrir" San Antonio AKA F. Dard

    Troll-hood motto: Never, ever, however, whatsoever, to anyone, a point concede.

  18. The Following 6 Users Say Thank You to Hervé For This Post:

    Bill Ryan (29th January 2018), Foxie Loxie (29th January 2018), KiwiElf (29th January 2018), Navigator (29th January 2018), onevoice (29th January 2018), ThePythonicCow (29th January 2018)

  19. Link to Post #30
    Canada Avalon Retired Member
    Join Date
    17th December 2017
    Age
    50
    Posts
    76
    Thanks
    236
    Thanked 341 times in 74 posts

    Default Re: CPU Security Holes affecting Intel and AMD CPUs

    ^^ unfortunately that is not a very scientific test at all. "eating megs" isn't IT terminology at all for anything. and if he has the expertise he said he would be describing exactly what is happening. There's tools to monitor port activity, what processes are having activity, what they are accessing / controlling, etc, and can provide pretty good detail to exactly what would be going on ... I wish he could actually do this, as this is what is really needed to draw proper conclusions.

    All the "A" series APUs from AMD are at an end, they are now replaced by the Zen based mobile and desktop APUs which is a 100% completely different architecture - not even close to the same as the "bulldozer based" APUs (A-series - which appear to have been potentially susceptible to meltdown and var2, unlike the Zen processors). Did AMD give up their back door for the Zen based processors? Tune in next week for more!

  20. The Following 3 Users Say Thank You to Navigator For This Post:

    Bill Ryan (30th January 2018), Foxie Loxie (29th January 2018), Hervé (29th January 2018)

  21. Link to Post #31
    United States Administrator ThePythonicCow's Avatar
    Join Date
    4th January 2011
    Location
    North Texas
    Language
    English
    Age
    76
    Posts
    28,581
    Thanks
    30,501
    Thanked 138,435 times in 21,490 posts

    Default Re: CPU Security Holes affecting Intel and AMD CPUs

    Quote Posted by Navigator (here)
    ^^ unfortunately that is not a very scientific test at all. "eating megs" isn't IT terminology at all for anything.
    What Jim Stone wrote on this seemed clear enough to me. He's on a metered cell data plan, and pays close attention to how many bytes he downloads each month, in order to keep within his monthly data limits. Running the same software (Knoppix, a variant of Linux) on an older AMD platform ate up less of his data allotment than running it on newer hardware platforms.

    What I can't tell, nor can Jim tell, is whether that difference is due to some adaptive kernel or background service software in his Knoppix install, or due to covert backdoors in the underlying hardware on newer platforms. Certainly, there are select bits and pieces of software running in any such Linux, Windows or MacOS installation that are aware of the processor type and speed, and of the memory size and speed, and that may choose to adapt their running based on some of those details.

    If I didn't have other things to do with my time (a blatantly false premise) then I might connect a variety of such devices, new and old AMD and Intel systems, all running perhaps Knoppix or other such minimalist software through a separate configurable firewall system that I could setup to track and record the data traffic volumes, per IP and protocol. Then I could identify and track down what differences there might be.

    Personally, I'd prefer a lean Gentoo system over Knoppix, with the Gentoo configured to have no SystemD, and no Display Manager either. However, building such custom variants of Gentoo is rather like deciding you want to drive to work or to the store, but don't like any of the pre-built cars available, so first you build your own car, out of parts you have laying around, or buy at the car parts store, or machine yourself, or find at the junk yard. This is not for the faint of heart.

    Personally, and presently, I am at least as worried about the insidious nature of SystemD, which is in Knoppix, since Knoppix is Debian based, and Debian adapted SystemD some three to four years ago now.

    Knoppix is an operating system based on Debian designed to be run directly from a CD / DVD (Live CD) or a USB flash drive (Live USB) [Ref. Wikipedia for Knoppix].
    I've spent many, many hours rebuilding my home PC to not use SystemD. But at the same time, in the summer of 2017, an upgrade of CentOS, the operating system used on our Avalon Forum web server, forced SystemD on to ProjectAvalon.net. One step forward, one step backward.
    However my SystemD concerns probably don't explain what Jim Stone is observing, since he's running the same Knoppix, with I presume the same SystemD, on different hardware, and getting different results. I said "probably", because of the possibility, noted above, that (1) something in his Knoppix installation is adapting to running on older, slower, AMD hardware in a way that reduces network traffic, and (2) that something is dependent on or a part of SystemD.
    Last edited by ThePythonicCow; 29th January 2018 at 19:18.
    My quite dormant website: pauljackson.us

  22. The Following 5 Users Say Thank You to ThePythonicCow For This Post:

    Bill Ryan (30th January 2018), Foxie Loxie (29th January 2018), Hervé (29th January 2018), Navigator (30th January 2018), onevoice (29th January 2018)

  23. Link to Post #32
    Canada Avalon Retired Member
    Join Date
    17th December 2017
    Age
    50
    Posts
    76
    Thanks
    236
    Thanked 341 times in 74 posts

    Default Re: CPU Security Holes affecting Intel and AMD CPUs

    Quote Posted by Paul (here)
    Quote Posted by Navigator (here)
    ^^ unfortunately that is not a very scientific test at all. "eating megs" isn't IT terminology at all for anything.
    What Jim Stone wrote on this seemed clear enough to me. He's on a metered cell data plan, and pays close attention to how many bytes he downloads each month, in order to keep within his monthly data limits. Running the same software (Knoppix, a variant of Linux) on an older AMD platform ate up less of his data allotment than running it on newer hardware platforms.

    Thanks for the extra details. I would still prefer "scientific" over "clear". I would have liked to see the extra work that you indicated to parse out more of the variables. If there is something to this, at some where in the process we should be able to have good repeat-ability. If there really is a "back door" that just starts sending data out at will, with modern IT tools, it shouldn't be that hard to find, and consistently.
    Last edited by ThePythonicCow; 30th January 2018 at 01:09. Reason: trim quoted material

  24. The Following 3 Users Say Thank You to Navigator For This Post:

    Bill Ryan (30th January 2018), Foxie Loxie (30th January 2018), ThePythonicCow (30th January 2018)

  25. Link to Post #33
    France On Sabbatical
    Join Date
    7th March 2011
    Location
    Brittany
    Posts
    16,763
    Thanks
    60,315
    Thanked 95,891 times in 15,481 posts

    Default Re: CPU Security Holes affecting Intel and AMD CPUs

    Hmmm... what's not "scientific" about empirical data collected, a theory/hypothesis derived from the observed data and which can be verified/falsified by any experimenter the world round?

    That's different than all the technical data of the size and thread specifications of the nuts and bolts included in patent submissions.

    Addendum from Jim:
    [...]

    Obviously the new AMD processors have back doors in them, and the NSA does not give a crap about how much they increase bandwidth usage because they are assuming things are so fast now anyway that no one will notice.


    PROBLEM:
    When you are like me, on a limited connection, having the expertise to actually monitor what the * is going on, it is PRETTY DAMN OBVIOUS.

    So I'll get a stack of those computers and start baking motherboards . . . . .

    Here is my new computer recommendation:
    Though it appears the old A6 did not have back doors, due to the fact that it is quite obvious some A series computers are bugged, to keep it simple, here it is:

    Any AMD system produced prior to Amd's A series that at least has a 64 bit processor, 2 gigs of ram, and Knoppix.

    SECONDARY:
    Most likely, due to experience with this, any of the original A series computers that were produced up until definitely mid 2012, and probably through 2013.

    I have no information on when the bugs went into the AMD processors, but it is obvious that they are there with the newer processors because the bandwidth usage I am seeing with an up to date processor proves it.

    It took the perspective of using an identical OS with a new one and an old one to prove it.

    SAME FLASH DRIVE, SAME OS, DOUBLE THE BANDWIDTH USAGE WITH THE NEW PROCESSOR.


    Fortunately, since Knoppix has no stifleware (it does not get crippled with so called "updates",) old computers run extremely well with it, so well I can't tell the difference, not even with graphics production.
    "La réalité est un rêve que l'on fait atterrir" San Antonio AKA F. Dard

    Troll-hood motto: Never, ever, however, whatsoever, to anyone, a point concede.

  26. The Following 4 Users Say Thank You to Hervé For This Post:

    Bill Ryan (30th January 2018), Foxie Loxie (30th January 2018), Navigator (30th January 2018), ThePythonicCow (30th January 2018)

  27. Link to Post #34
    United States Administrator ThePythonicCow's Avatar
    Join Date
    4th January 2011
    Location
    North Texas
    Language
    English
    Age
    76
    Posts
    28,581
    Thanks
    30,501
    Thanked 138,435 times in 21,490 posts

    Default Re: CPU Security Holes affecting Intel and AMD CPUs

    Quote Posted by Navigator (here)
    Thanks for the extra details. I would still prefer "scientific" over "clear". I would have liked to see the extra work that you indicated to parse out more of the variables. If there is something to this, at some where in the process we should be able to have good repeat-ability. If there really is a "back door" that just starts sending data out at will, with modern IT tools, it shouldn't be that hard to find, and consistently.
    I would suggest that we not reject honest reports (which I take Jim's reports here to be) because they are not as complete, consistent and scientific as can be imagined.

    Do not ask others, nor yourself, to be silent unless they can be experts on whatever they report.

    Rather welcome honest reports of matters also of interest to ones self, and together we will improve our awareness and understanding.
    My quite dormant website: pauljackson.us

  28. The Following 4 Users Say Thank You to ThePythonicCow For This Post:

    Bill Ryan (30th January 2018), Foxie Loxie (30th January 2018), Hervé (30th January 2018), Navigator (30th January 2018)

  29. Link to Post #35
    UK Avalon Founder Bill Ryan's Avatar
    Join Date
    7th February 2010
    Location
    Ecuador
    Posts
    34,268
    Thanks
    208,995
    Thanked 457,534 times in 32,788 posts

    Default Re: CPU Security Holes affecting Intel and AMD CPUs

    You know, I can understand what Navigator is saying. Jim's [honest!] report says he's suddenly incurring twice as much bandwidth. His hypothesis (his ONLY hypothesis) to explain this is that his processor is sending back a lot of data to the intel agencies.

    This is pretty important.
    1. How can this hypothesis be tested?
    2. Are there any other hypotheses?
    That would be scientific.

  30. The Following 3 Users Say Thank You to Bill Ryan For This Post:

    Foxie Loxie (30th January 2018), Navigator (30th January 2018), ThePythonicCow (30th January 2018)

  31. Link to Post #36
    France On Sabbatical
    Join Date
    7th March 2011
    Location
    Brittany
    Posts
    16,763
    Thanks
    60,315
    Thanked 95,891 times in 15,481 posts

    Default Re: CPU Security Holes affecting Intel and AMD CPUs

    For a background of Jim's history with his struggle to keep his expensive bandwidth cost, low; check this thread:

    Tip For Computers Exhibiting Symptoms of Having a Mind of Their Own
    "La réalité est un rêve que l'on fait atterrir" San Antonio AKA F. Dard

    Troll-hood motto: Never, ever, however, whatsoever, to anyone, a point concede.

  32. The Following 4 Users Say Thank You to Hervé For This Post:

    Bill Ryan (30th January 2018), Foxie Loxie (30th January 2018), Navigator (30th January 2018), ThePythonicCow (30th January 2018)

  33. Link to Post #37
    United States Administrator ThePythonicCow's Avatar
    Join Date
    4th January 2011
    Location
    North Texas
    Language
    English
    Age
    76
    Posts
    28,581
    Thanks
    30,501
    Thanked 138,435 times in 21,490 posts

    Default Re: CPU Security Holes affecting Intel and AMD CPUs

    Quote Posted by Bill Ryan (here)
    You know, I can understand what Navigator is saying. Jim's [honest!] report says he's suddenly incurring twice as much bandwidth. His hypothesis (his ONLY hypothesis) to explain this is that his processor is sending back a lot of data to the intel agencies.

    This is pretty important.
    1. How can this hypothesis be tested?
    2. Are there any other hypotheses?
    That would be scientific.
    Those are of course legitimate questions. I don't believe I said anything to the contrary, rather I believe I pursued just such analysis in my earlier reply to Navigator.

    I try to accept observations from non-expert witnesses, so long as they are more or less coherent and honest in reporting, in their own terms, what they observed, and I sometimes consider as interesting (before sometimes dismissing as unlikely) their conjectures as to what was behind what they observed.

    In this case I further considered, in an earlier post of mine above, other possible explanations for what Stone observed, such as something in his Knoppix software installation that I could imagine could also account for what he observed.

    But I don't reject Stone's reported observations because his analysis of possible causes was likely incomplete or even incorrect. Navigator's comments that he found Stone's comments "unfortunate" and that he found Stone's "eating Megs" to not be "IT terminology at all for anything", seemed to me to be disparaging not only Stone's analysis, but even his observations. I disagreed, and continue to disagree, with that aspect of Navigator's criticism of Stone's observations.

    My best guess is that Stone's analysis ("the new AMD processors have back doors in them") is correct, but I also figured that there were other possible explanations, involving software behaving differently, depending on whether or not its running on some old, slow, AMD hardware.
    My quite dormant website: pauljackson.us

  34. The Following 4 Users Say Thank You to ThePythonicCow For This Post:

    Bill Ryan (30th January 2018), Foxie Loxie (30th January 2018), Hervé (30th January 2018), Navigator (30th January 2018)

  35. Link to Post #38
    United States On Sabbatical
    Join Date
    30th June 2011
    Location
    The Seat of Corruption
    Age
    44
    Posts
    9,177
    Thanks
    25,610
    Thanked 53,659 times in 8,694 posts

    Default Re: CPU Security Holes affecting Intel and AMD CPUs

    Quote Posted by Bill Ryan (here)
    You know, I can understand what Navigator is saying. Jim's [honest!] report says he's suddenly incurring twice as much bandwidth. His hypothesis (his ONLY hypothesis) to explain this is that his processor is sending back a lot of data to the intel agencies.

    This is pretty important.
    1. How can this hypothesis be tested?
    2. Are there any other hypotheses?
    That would be scientific.
    this is VERY easy to verify

    use wireshark, capture the ALL the traffic coming in and leaving... ridiculously easy to prove that his postulations are incorrect.

    This is a part of my work description (network forensics), nothing like what he says is happening; there's no way people like me would miss it during incident response cases..... it's low information/understanding paranoia with out solid evidence to back it up.

    I do not like it when people speak in absolutes about things they do not fully understand, it's a form of manipulation and dishonest..... rubs me the wrong way.

    Why does everyone have to be a corey goode these days? the master of everything always? I'm so tired of alt personalities....
    Last edited by TargeT; 30th January 2018 at 12:58.
    Hard times create strong men, Strong men create good times, Good times create weak men, Weak men create hard times.
    Where are you?

  36. The Following 6 Users Say Thank You to TargeT For This Post:

    Bill Ryan (30th January 2018), Foxie Loxie (30th January 2018), KiwiElf (4th May 2018), Navigator (30th January 2018), onevoice (30th January 2018), ThePythonicCow (30th January 2018)

  37. Link to Post #39
    Canada Avalon Retired Member
    Join Date
    17th December 2017
    Age
    50
    Posts
    76
    Thanks
    236
    Thanked 341 times in 74 posts

    Default Re: CPU Security Holes affecting Intel and AMD CPUs

    Quote Posted by Paul (here)
    I would suggest that we not reject honest reports (which I take Jim's reports here to be) because they are not as complete, consistent and scientific as can be imagined.
    ...
    I believe Jim to be honest about his speculation as well. Without further scientific method it is merely a very rough and very questionable speculation. Not good enough for me to agree with him that that "because X bandwidth is consumed in my anecdote without proper controls, therefore CPUs have backdoors". Especially when developing a protocol that is repeatable to prove this to be true would be so very easy for everyone to be able to test themselves and prove to everyone this, then watch the lawsuits fly.

    I'm just saying this rough speculation doesn't cut it for me. I didn't reject it, per se, I called it inadequate to derive any real conclusion - particularly the one he gave.
    Last edited by Navigator; 30th January 2018 at 17:29.

  38. The Following 3 Users Say Thank You to Navigator For This Post:

    Bill Ryan (30th January 2018), TargeT (30th January 2018), ThePythonicCow (30th January 2018)

  39. Link to Post #40
    France On Sabbatical
    Join Date
    7th March 2011
    Location
    Brittany
    Posts
    16,763
    Thanks
    60,315
    Thanked 95,891 times in 15,481 posts

    Default Re: CPU Security Holes affecting Intel and AMD CPUs

    Intel inside, from Jim Stone:

    8 NEW INTEL SECURITY HOLES FOUND

    My [Jim Stone's] pre-comment:

    Gee, if processor performance was reduced by 40 percent after patching the first two, after these 8 get patched, maybe everyone WILL be interested in a Nut-Yahoo TRS-80 seminar!

    Also, below this top feature, the real problem with Intel CPU's will be posted.

    The real problem is that all Intel processors ship with MINIX as a root operating system that always runs in the background and it is custom tailored to allow the NSA in, no matter what, and can be flashed with updates (not by the user) the WHOLE 9 YARDS.

    This problem is also in every cell phone CPU, and even in your microwave.

    The NSA data rape was total. As for the new Spectre and Meltdown type problems, The Germans have the report, and it is English.The following is just a small snip.

    "New flaws and even more patches "Spectre Next Generation" is just around the corner. According to information exclusively available to c't, researchers have already found eight new security holes in Intel processors.

    "The vulnerabilities known as Spectre and Meltdown shook the IT world to its foundations: researchers proved that there is a fundamental design flaw in all modern processors with serious repercussions for system security (see c't issue 3/2018). After several patches were released, it seemed everything would be fine after all, although some experts warned that more revelations could follow. But the hope remained that the manufacturers could solve the problem with a few security updates.

    "As it turns out, we can bury that hope. A total of eight new security flaws in Intel CPUs have already been reported to the manufacturer by several teams of researchers. For now, details on the flaws are being kept secret. All eight are essentially caused by the same design problem - you could say that they are Spectre Next Generation.

    "c't has exclusive information on Spectre-NG, which we have been able to verify in several ways - we double and triple checked all the facts. Nonetheless, we will not publish technical details as long as there is still a chance that manufacturers will get their security updates ready before the details of the flaws become public. However, we will use our information to report about future releases of patches and provide background information.

    "Eight new security flaws

    Each of the eight vulnerabilities has its own number in the Common Vulnerability Enumerator (CVE) directory and each requires its own patches. It is likely that each vulnerability will receive its own name. Until then, we will jointly call these flaws Spectre-NG in order to distinguish them from the previously uncovered issues.

    So far we only have concrete information on Intel's processors and their plans for patches. However, there is initial evidence that at least some ARM CPUs are also vulnerable. Further research is already underway on whether the closely related AMD processor architecture is also susceptible to the individual Spectre-NG gaps, and to what extent.

    "Intel is already working on its own patches for Spectre-NG and developing others in cooperation with the operating system manufacturers. According to our information, Intel is planning two waves of patches. The first is scheduled to start in May; a second is currently planned for August.

    "Knowing that Google Project Zero discovered one of the Spectre-NG flaws gives us an idea of when to expect the first patch. Googles elite hackers are scrupulous about observing the 90 day deadline that is meant to give companies time to address flaws after they have been notified - but they have no qualms about going public when the deadline ends, even if a patch has yet to be released. Time will run out on May 7 - the day before the next Windows patch day. Intel itself expects that information about a second flaw could be published any day now. Therefore, we can expect to see patches for these two vulnerabilities sooner rather than later."

    Here is the real problem with Intel CPU's

    Surprisingly, ZD Net had the guts to publish this

    Maybe you're not paranoid. Maybe they are out to get you. Ronald Minnich, a Google software engineer, who discovered a hidden MINIX operating system inside "kind of a billion machines" using Intel processors, might agree with this. Why? Let's start with what Matthew Garrett, the well-known Linux and security developer who works for Google, explained recently that:
    "Intel chipsets for some years have included a Management Engine [ME], a small microprocessor that runs independently of the main CPU and operating system. Various pieces of software run on the ME, ranging from code to handle media DRM to an implementation of a TPM. AMT [Active Management Technology] is another piece of software running on the ME."
    In May, we found out that AMT had a major security flaw, which had been in there for nine -- count 'em -- nine years.
    "Fixing this requires a system firmware update in order to provide new ME firmware (including an updated copy of the AMT code)," Garrett wrote. "Many of the affected machines are no longer receiving firmware updates from their manufacturers, and so will probably never get a fix," he said. "Anyone who ever enables AMT on one of these devices will be vulnerable."
    Quick! How many of you patched your PC or server's chip firmware? Right. Darn few of you. That's bad. It's not every processor, but if you or your hardware vendor has "explicitly enabled AMT", your machine is still vulnerable to attack.

    The Electronic Frontier Foundation (EFF) has called for Intel to provide a way for users to disable ME. Russian researchers have found a way to disable ME after the hardware has initialized, and the main processor has started. That doesn't really help much. ME is already running by then.

    But Minnich found that what's going on within the chip is even more troubling. At a presentation at Embedded Linux Conference Europe, he reported that systems using Intel chips that have AMT, are running MINIX.

    If you learned about operating systems in the late '80s and early '90s, you knew MINIX as Andrew S Tanenbaum's educational Unix-like operating system. It was used to teach operating system principles. Today, it's best known as the OS that inspired Linus Torvalds to create Linux.

    So, what's it doing in Intel chips? A lot. These processors are running a closed-source variation of the open-source MINIX 3. We don't know exactly what version or how it's been modified since we don't have the source code. We do know that with it there:

    MY
    [Jim Stone's] COMMENT:
    During the recent attacks on my hardware, this is what was affected. Permanent bugs were put in the systems, and I could not get rid of them because:
    "the exploits can persist, i.e. be written to FLASH, and you can't fix that"
    These are NSA exploits that got lost to the general public in 2016 when someone in the NSA walked right out of the facility with the exploit software, which was then put on the web. This has been reported on this site several times. The software was up long enough for hackers to get it, and is now sold in shady system hacking suites you can find on the web.

    The NSA is a total asshole for keeping the loss of their software secret, because they just can't give up their ability to totally transparently rape "over a billion cpu's". They'd prefer to have random Joe screwing everyone the way they can than give up their toy.
    "La réalité est un rêve que l'on fait atterrir" San Antonio AKA F. Dard

    Troll-hood motto: Never, ever, however, whatsoever, to anyone, a point concede.

  40. The Following 7 Users Say Thank You to Hervé For This Post:

    Bill Ryan (4th May 2018), Foxie Loxie (4th May 2018), KiwiElf (4th May 2018), Michelle Marie (4th May 2018), onevoice (6th May 2018), Star Tsar (5th May 2018), ThePythonicCow (4th May 2018)

+ Reply to Thread
Page 2 of 4 FirstFirst 1 2 4 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts