The General Technology Thread

[jamil]

How to keep your data safe from attackers.

Ha! Seagate used to be pretty reliable.

 

[T.Lex]

^^^ Gotta love tech humor.

 

[wtburnette]

Ha! Seagate used to be pretty reliable.

I can remember back in the day when Western Digital had to replace a few batches of hard drives due to contamination. Filters in the clean room were compromised for something similar. Had a ton of drives that Dell had to replace where I worked. All kinds of fun. I can't remember any of the drive manufacturers who have been free of problems of some sort or another through the years.

 

[ArcadiaGP]

Apple admits it slows older iPhones, confirming Geekbench report

 

[WebSnyper]

Apple admits it slows older iPhones, confirming Geekbench report

Seems like they would offer that as something you could turn off if you start having the issue, etc, but seems kind of interesting to "force" the slowdown unless I misread something in that article. They mention the battery replacement in the article, but not sure that then reverses the slow down bit they flipped in the OS based on the model of the phone or not.

 

[ArcadiaGP]

Yeah... be up-front about it, offer it as an option. Doing it like this is shady as ****, and accomplishes exactly what they wanted: People to buy more phones.

And now being sued.

Apple Being Sued for 'Purposefully Slowing Down Older iPhone Models'

 

[ArcadiaGP]

HTC and Motorola say they don’t slow old phones like Apple does

A lawsuit against Apple is launched in France, one of the only countries where planned obsolescence is explicitly illegal

 

[ArcadiaGP]

Apple apologizes for iPhone slowdown drama, will offer $29 battery replacements for a year.

 

[T.Lex]

Scientists Find Alzheimer?s Treatment While Trying To Cure Diabetes « CBS New York

Wasn't sure where else to put this one.

Almost sounds like the Flowers for Algernon drug.

 

[KLB]

Scientists Find Alzheimer?s Treatment While Trying To Cure Diabetes « CBS New York

Wasn't sure where else to put this one.

Almost sounds like the Flowers for Algernon drug.

I hope that pans out. Alzheimer's is one scary disease.

 

[ArcadiaGP]

Potential performance loss for all Intel CPU's from the last decade+, including coffee lake, due to design flaw that must be patched. New buyers beware.

 

[BugI02]

Unfortunately, too late to short INTC

Maybe its a plot to alibi ISP throttling?

 

[WebSnyper]

Potential performance loss for all Intel CPU's from the last decade+, including coffee lake, due to design flaw that must be patched. New buyers beware.

Is it just me or does this URL go to newegg with a list of processors to buy?

Here's another URL with some info: https://www.theregister.co.uk/2018/01/02/intel_cpu_design_flaw/

 

[ArcadiaGP]

Is it just me or does this URL go to newegg with a list of processors to buy?

Here's another URL with some info: https://www.theregister.co.uk/2018/01/02/intel_cpu_design_flaw/

yeah sorry, wrong link embedded. The Register has the story

 

[ArcadiaGP]

From NYT's Nicole Perlroth on Twitter.

It's not an Intel problem but an entire chipmaker design problem that affects virtually all processors on the market. The critical flaw allows attackers to dump the entire memory contents off of a machine/mobile device/PC/cloud server/etc.

Two serious threats. The first is isolated to Intel chips, dubbed "meltdown", and affects virtually all Intel microprocessors. The patch, called KAISER, will slow performance speeds by as much as 30%.

The second issue is a fundamental flaw in processor design approach, dubbed Spectre, which is harder to exploit but affects nearly all processors on the market, and has no fix.

Spectre will require a complete re-architecture of the way processors are designed and the threats posed will be with us for an entire hardware lifecycle, likely the next decade.

The basic issue is the age old security dilemma: Speed vs Security. For the past decade, processors were designed to gain every performance advantage. In the process, chipmakers failed to ask basic questions about whether their design was secure.

Meltdown and Spectre show that it is possible for attackers to exploit these design flaws to access the entire memory contents of a machine. The most visceral attack scenario is an attacker who rents 5 minutes of time from an Amazon/Google/Microsoft cloud server and steals data from other customers renting space on that same Amazon/Google/Microsoft cloud server, then marches onto another cloud server to repeat the attack, stealing untold volumes of data (SSL keys, passwords, logins, files etc) in the process..

Meltdown can be exploited by any script kiddie with attack code. Spectre is harder to exploit, but nearly impossible to fix, short of shipping out new processors/hardware. The economic implications are not clear, but these are serious threats and chipmakers like Intel will have to do a full recall-- unclear if there's even manufacturing capacity for this-- OR customers will have to wait for secure processors to reach the market, and do their own risk analysis as to whether they need to swap out all affected hardware.

Intel is not surprisingly trying to downplay the threat of these attacks, but proof-of-concept attacks are already popping up online today, and the timeline for a full rollout of the patch is not clear. And that's just for the Meltdown threat. Spectre affects AMD and ARM too. But judging by stock moves today (Intel down, AMD up), investors didn't know that, taken together, Spectre and Meltdown affect all modern microprocessors

 

[ArcadiaGP]

Oh.

Intel was aware of the chip vulnerability when its CEO sold off $24 million in company stock - Business Insider

 

[ArcadiaGP]

If you're using Chrome go to chrome://flags#enable-site-per-process and enable Strict site isolation

Source: Site Isolation - The Chromium Projects

Some are reporting the Meltdown patch is having very minimal effect, others noticing no slowdowns.

 

[jamil]

https://www.google.com/amp/s/www.cn...ogle-respond-to-intel-chip-vulnerability.html

 

[WebSnyper]

Microsoft security advisory

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180002

 

[WebSnyper]

Oh.

Intel was aware of the chip vulnerability when its CEO sold off $24 million in company stock - Business Insider

Be interesting to see if that draws any SEC attention. Since he put the "planned selloff" plan in effect on Oct 30, but they knew about the issue since at least June.