'Kernel memory leaking' Intel processor design flaw forces Linux, Windows redesign

Someone could suggest me the best program to do this in Opera 12 ?

 

Can you specify?

 

BTW, I just tried this, and it says Firefox and Chrome are not vulnerable?

https://xlab.tencent.com/special/spectre/spectre_check.html
https://www.ghacks.net/2018/01/11/find-out-if-your-browser-is-vulnerable-to-spectre-attacks/

 

I assume this is the equivalent of IE11's tabbed browser processing. Also Google might have already rolled out the Chrome patches that were originally scheduled for 1/23.

 

@itman

Better then look for the characteristics of the processor:

My PC W.10 (2005)

https://ark.intel.com/en/products/2...rocessor-E6700-4M-Cache-2_66-GHz-1066-MHz-FSB

is safe.

I could even disable the Meltdown patch !!!
It seems too simple.

 

I didn't bother to go through the effort to ID them all. I just used Eset's System Cleaner to reset all back to default.

 

I'm not following, are you saying that you are vulnerable? I was running an old version of both Firefox and Chrome, protected with Sandboxie.

 

I know you're trying awfully hard to convince yourself you are not vulnerable .......... Your processor has an internal 4MB L2 cache which indeed would make it vulnerable.

The original Pentium processor only had a small L1 16K cache that was only used internally: https://en.wikipedia.org/wiki/P5_(microarchitecture). Anything after that point had a L2 cache therefore making them vulnerable.

 

If neither are patched, then you are vulnerable. Sandboxie is not going to protect you against these vulnerabilities.

 

But also the wyxchari processor has L2:

https://ark.intel.com/en/products/36331/Intel-Atom-Processor-N270-512K-Cache-1_60-GHz-533-MHz-FSB

and he says it's safe.

 

I assume he has one of the Atom processors listed here:

https://forum.level1techs.com/t/list-of-cpus-most-likely-immune-to-spectre/123128

Assumed is they didn't employ the branch prediction technology all other Intel processors use.

 

Using an old browser that isn't updated anymore isn't a safe approach for combating new and unknown threats?

News at 11, this is brand new information....

 

Yes, I know ( it's not the only browser that I use ). Here in the Forum some users go on to use Opera 12.
I trust my multi layer defense.

 

Like @itman said, sbie will not protect against Spectre. I don't know how or why your outdated browsers would pass the test unless it's flawed. It's best to use an up-to-date browser, and with Chrome enabling site-isolation flag, although not necessarily 100% effective because there could be cache data remaining in memory, will help a great deal. ASLR which helps mitigate browser vulnerabilities can be bypassed by Spectre, so that's especially a good reason to keep it updated.

EDIT

It's also being advised to clear browser data when finished and really important to log off so your session token is destroyed.

 

My HP ProBook 6460b was meant to be receiving a BIOS update on the 19th. HP now say it will be released on the 24th.
https://support.hp.com/us-en/document/c05869091

 

Sigh... I can't see my 12 month old HP Desktop machine listed there either, so I guess it won't get a patch.

 

That's a shame, that they are not supporting such a recent model.

 

Strange, because I've received a heap of 'Optional' driver updates since it ran out of warranty on the 27th December.

 

What about Bios?
https://support.hp.com/au-en/driver...100-desktop-pc-series/12079675/model/14183327

 

The BIOS updates on that page were released last year.

 

Thanks anon.

I was offered F.31 toward the end of last year but after your post I checked and F.34 was available. Sadly though, as @roger_m said, it doesn't help with these vulnerabilities, and worse, this tool shows it is still vulnerable to another earlier bug too.

#22

 

To clarify, I know that Sandboxie won't protect against this, but I wanted to give info about my config. I also think it's weird that both FF and Chrome were not vulnerable, but it might be because of the method that this test uses to exploit the browser, who knows.

 

@itman

The comments below are clear:

https://www.techarp.com/guides/complete-meltdown-spectre-cpu-list/5/#comments

TH.


https://www.techarp.com/articles/intel-amd-arm-cpu-bug-4/

__________________________________________________________________________________________

It is also possible to verify that every CPU in the list has no FSB.
So FSB could be the parameter that lets you know if your CPU is safe.

 

I’ve never heard of Techarp. How trustworthy are they?

Reason for asking: my PC also has a Core 2 Duo and I’m still under the impression it is vulnerable.

 

https://www.intel.com/content/www/u...side-channel-analysis-and-intel-products.html