Gizmos Freeware Reviews  

Go Back   Gizmo's Freeware Forum > Freeware Forum > Linux

Reply
 
Thread Tools Display Modes
Old 21. Nov 2017, 02:45 PM   #51 (permalink)
Senior Member
 
danielson's Avatar
 
Join Date: Jun 2012
Posts: 1,116
Default

MX-17 b2 is pretty good too!
danielson is offline   Reply With Quote
Old 22. Dec 2017, 10:33 AM   #52 (permalink)
Editor
 
Join Date: Jan 2012
Posts: 686
Default

https://mxlinux.org/mx-17-released-december-15-2017
Panzer is offline   Reply With Quote
Old 13. Jan 2018, 01:53 PM   #53 (permalink)
Copy Editor
 
torres-no-tan-magnifico's Avatar
 
Join Date: Sep 2009
Posts: 1,118
Default

I recently downloaded a patch from Intel re the M & S debacle: https://downloadcenter.intel.com/dow...code-Data-File

After failing to run the patch I noticed today that there was an update for the above-mentioned. I updated the microcode and rebooted my PC.

For peace of mind I would like to run the Spectre & Meltdown Checker, which I have downloaded from here: https://github.com/speed47/spectre-meltdown-checker

Unfortunately, my command line skills aren't great and I have failed to run the .sh script.
I keep getting the 'directory not found' despite running sudo.

Any Linux whizz kids out there that can solve this problem for me?
__________________
(Mx16 + Cx1 + Lx2) + (Tx5 + Nx2 + Bx33)
torres-no-tan-magnifico is offline   Reply With Quote
Old 13. Jan 2018, 05:48 PM   #54 (permalink)
Senior Member
 
danielson's Avatar
 
Join Date: Jun 2012
Posts: 1,116
Default

Hope this tip from GHacks can be of assistance:

Here is how it works:

Open Terminal on the Linux system you want to check.
Type cd /tmp/
Type wget https://raw.githubusercontent.com/sp...own-checker.sh. This downloads the script from the GitHub server.
Type sudo sh spectre-meltdown-checker.sh. This runs the script with elevated privileges.
Type the password.

The script checks each variant individually and lists its finding. If you get “status: vulnerable,” the system is vulnerable to the variant. The checks for Spectre variant 2 and Meltdown reveal additional information.

A system that is vulnerable needs a kernel update to protect against potential attacks exploiting these vulnerabilities.

How you get the kernel update depends on the Linux distribution. You select Menu > Administration > Update Manager in Linux Mint to check for available updates. The kernel is not available yet, however.

Once you run the update, rerun the script to verify that the system is no longer vulnerable.

The Spectre & Meltdown Checker supports the scanning of offline kernels as well. Use the parameter −−kernel vmlinux_file for that and if available −−config kernel_config and −−map kernel_map_file as well
danielson is offline   Reply With Quote
Old 13. Jan 2018, 08:30 PM   #55 (permalink)
Copy Editor
 
torres-no-tan-magnifico's Avatar
 
Join Date: Sep 2009
Posts: 1,118
Default

Many thanks danielson for your reply and link. I managed to get the checker to work, but the result wasn't very good:

CPU is Intel(R) Core(TM)2 Quad CPU Q8400 @ 2.66GHz

CVE-2017-5753 [bounds check bypass] aka 'Spectre Variant 1'
* Checking count of LFENCE opcodes in kernel: NO
> STATUS: VULNERABLE (only 23 opcodes found, should be >= 70, heuristic to be improved when official patches become available)

CVE-2017-5715 [branch target injection] aka 'Spectre Variant 2'
* Mitigation 1
* Hardware (CPU microcode) support for mitigation: NO
* Kernel support for IBRS: NO
* IBRS enabled for Kernel space: NO
* IBRS enabled for User space: NO
* Mitigation 2
* Kernel compiled with retpoline option: NO
* Kernel compiled with a retpoline-aware compiler: NO
> STATUS: VULNERABLE (IBRS hardware + kernel support OR kernel with retpoline are needed to mitigate the vulnerability)

CVE-2017-5754 [rogue data cache load] aka 'Meltdown' aka 'Variant 3'
* Kernel supports Page Table Isolation (PTI): NO
* PTI enabled and active: NO
> STATUS: VULNERABLE (PTI is needed to mitigate the vulnerability)

A false sense of security is worse than no security at all, see --disclaimer

I'm surprised, as I have installed the latest microcode update and rebooted my PC. I guess I will have to wait for an update for the kernel.

Once again, many thanks.

A vulnerable Torres!
__________________
(Mx16 + Cx1 + Lx2) + (Tx5 + Nx2 + Bx33)
torres-no-tan-magnifico is offline   Reply With Quote
Old 13. Jan 2018, 10:49 PM   #56 (permalink)
Senior Member
 
danielson's Avatar
 
Join Date: Jun 2012
Posts: 1,116
Default

Not good, but hey! The whole world is in this mess!

You might want to read over what MX had this to say about those security issues:
https://mxlinux.org/meltdown-spectre-news
danielson is offline   Reply With Quote
Old 13. Jan 2018, 11:07 PM   #57 (permalink)
Senior Member
 
danielson's Avatar
 
Join Date: Jun 2012
Posts: 1,116
Default

At least check if your browser is safe:
http://xlab.tencent.com/special/spec...tre_check.html

Firefox is good but Chrome based not so sure.
danielson is offline   Reply With Quote
Old 14. Jan 2018, 02:16 PM   #58 (permalink)
Copy Editor
 
torres-no-tan-magnifico's Avatar
 
Join Date: Sep 2009
Posts: 1,118
Default

Thanks for the links: my browser is FF and everything appears ticketyboo with that. Unfortunately, the only patches for MX-16 are 64 bit versions and mine ,of course, is 32 bit.
I'm a tad confused over whether I can use the antiX kernels and if so which one? The only antiX kernel in MX Package Installer is 4.10 32 bit no pae, but the blog link only mentions lower kernel numbering eg 4.9.75, 4.4.109 etc.
Also, for the life of me I can't remember if I have no pae or pae installed!
__________________
(Mx16 + Cx1 + Lx2) + (Tx5 + Nx2 + Bx33)
torres-no-tan-magnifico is offline   Reply With Quote
Old 14. Jan 2018, 03:21 PM   #59 (permalink)
Senior Member
 
danielson's Avatar
 
Join Date: Jun 2012
Posts: 1,116
Default

Search for it my man!
https://askubuntu.com/questions/1283...achine-has-pae

Seems like the intel version of my laptop won't get any updates.
A sign that countless "third world" computers will be at risk for ever?

One way or the other, today it's Sceptre or Meltdown, and tomorrow?
danielson is offline   Reply With Quote
Old 14. Jan 2018, 03:50 PM   #60 (permalink)
Copy Editor
 
torres-no-tan-magnifico's Avatar
 
Join Date: Sep 2009
Posts: 1,118
Default

It appears to be PAE.
__________________
(Mx16 + Cx1 + Lx2) + (Tx5 + Nx2 + Bx33)
torres-no-tan-magnifico is offline   Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off



All times are GMT +1. The time now is 11:30 PM.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2020, vBulletin Solutions, Inc.