from the damned-if-you-do-and-damned-if-you-don't dept.
Computerworld has just posted a story warning that you should immediately hold off installing any of Intel's Meltdown/Spectre microcode fixes.
From Belay That Order: Intel Says you Should NOT Install its Meltdown Firmware Fixes:
The warning, which encompasses just about every Intel processor out there, from all PC manufacturers, takes effect immediately. And there's no indication when it will get fixed.
You know how you're supposed to flash the BIOS or update the UEFI on all of your Intel machines, to guard against Meltdown/Spectre? Well, belay that order, private! Intel just announced that you need to hold off on all of its new patches. No, you can't uninstall them. To use the technical term, if you ran out and applied your Intel PC's latest firmware patch, you're hosed.
In what appears to be a catastrophic curtain call to the "oops" moment that I discussed ten days ago, it now seems that the bright, new firmware versions — which Intel has had six months to patch — have a nasty habit of causing "higher system reboots."
According to executive vice president Navin Shenoy, on the Intel Newsroom site, the current advice is:
We recommend that OEMs, cloud service providers, system manufacturers, software vendors and end users stop deployment of current versions, as they may introduce higher than expected reboots and other unpredictable system behavior.
And that covers just about everybody in the sentient non-ARM universe.
While the affected products site[*] doesn't list individual chips, the breadth of the recall is breathtaking — second-, third-, fourth-, fifth-, sixth-, seventh- and eighth-generation Core processors, Xeon, Atom, and lesser Core i3, i5 and i7 processors — they're all in the bin.
From Intel Root Cause of Reboot Issue Identified; Updated Guidance for Customers and Partners:
As we start the week, I want to provide an update on the reboot issues we reported Jan. 11. We have now identified the root cause for Broadwell and Haswell platforms, and made good progress in developing a solution to address it. Over the weekend, we began rolling out an early version of the updated solution to industry partners for testing, and we will make a final release available once that testing has been completed.
Based on this, we are updating our guidance for customers and partners:
- We recommend that OEMs, cloud service providers, system manufacturers, software vendors and end users stop deployment of current versions, as they may introduce higher than expected reboots and other unpredictable system behavior. For the full list of platforms, see the Intel.com Security Center site.
- We ask that our industry partners focus efforts on testing early versions of the updated solution so we can accelerate its release. We expect to share more details on timing later this week.
- We continue to urge all customers to vigilantly maintain security best practice and for consumers to keep systems up-to-date.
[*] Intel's updated security advisory lists the affected processors:
The following Intel-based platforms are impacted by this issue. Intel may modify this list at a later time. Please check with your system vendor or equipment manufacturer for more information regarding updates for your system.
- Intel® Core™ i3 processor (45nm and 32nm)
- Intel® Core™ i5 processor (45nm and 32nm)
- Intel® Core™ i7 processor (45nm and 32nm)
- Intel® Core™ M processor family (45nm and 32nm)
- 2nd generation Intel® Core™ processors
- 3rd generation Intel® Core™ processors
- 4th generation Intel® Core™ processors
- 5th generation Intel® Core™ processors
- 6th generation Intel® Core™ processors
- 7th generation Intel® Core™ processors
- 8th generation Intel® Core™ processors
- Intel® Core™ X-series Processor Family for Intel® X99 platforms
- Intel® Core™ X-series Processor Family for Intel® X299 platforms
- Intel® Xeon® processor 3400 series
- Intel® Xeon® processor 3600 series
- Intel® Xeon® processor 5500 series
- Intel® Xeon® processor 5600 series
- Intel® Xeon® processor 6500 series
- Intel® Xeon® processor 7500 series
- Intel® Xeon® Processor E3 Family
- Intel® Xeon® Processor E3 v2 Family
- Intel® Xeon® Processor E3 v3 Family
- Intel® Xeon® Processor E3 v4 Family
- Intel® Xeon® Processor E3 v5 Family
- Intel® Xeon® Processor E3 v6 Family
- Intel® Xeon® Processor E5 Family
- Intel® Xeon® Processor E5 v2 Family
- Intel® Xeon® Processor E5 v3 Family
- Intel® Xeon® Processor E5 v4 Family
- Intel® Xeon® Processor E7 Family
- Intel® Xeon® Processor E7 v2 Family
- Intel® Xeon® Processor E7 v3 Family
- Intel® Xeon® Processor E7 v4 Family
- Intel® Xeon® Processor Scalable Family
- Intel® Xeon Phi™ Processor 3200, 5200, 7200 Series
- Intel® Atom™ Processor C Series
- Intel® Atom™ Processor E Series
- Intel® Atom™ Processor A Series
- Intel® Atom™ Processor x3 Series
- Intel® Atom™ Processor Z Series
- Intel® Celeron® Processor J Series
- Intel® Celeron® Processor N Series
- Intel® Pentium® Processor J Series
- Intel® Pentium® Processor N Series
(Score: 4, Insightful) by tftp on Monday January 22 2018, @09:36PM (3 children)
But how would they know? The professionally built malware will not announce its presence, waving a black flag with skull and bones. The exploit could have been in heavy use for years!
(Score: 5, Interesting) by DECbot on Monday January 22 2018, @09:57PM
Thanks for stating the obvious. The skull and crossbones is reserved for WAREZ and amateurs. The professional stuff flies the Windows logo.
cats~$ sudo chown -R us /home/base
(Score: 0) by Anonymous Coward on Tuesday January 23 2018, @01:26AM
Surely, they wouldn't dare violate RFC 3514!
(Score: 4, Funny) by frojack on Tuesday January 23 2018, @02:17AM
There are several reports of extreme slowdowns if these exploits are being used, because its almost impossible to ex-filtrate much data without taking up a bunch of cpu cycles.
Besides, we are all behind firewalls, right? We don't run random software, read random emails, click on click-baity links, so we are all perf__-__e-__c sj!aejt lkd934* 💩 💩 💩
No, you are mistaken. I've always had this sig.
(Score: 4, Funny) by takyon on Monday January 22 2018, @09:43PM (8 children)
https://lkml.org/lkml/2018/1/21/192 [lkml.org]
By the way, could these "higher system reboots" be classified as a new security issue (now on millions of the patched machines)?
[SIG] 10/28/2017: Soylent Upgrade v14 [soylentnews.org]
(Score: 5, Interesting) by Freeman on Monday January 22 2018, @10:05PM
No, I would say, "bug" is a perfectly legitimate definition. They just had you update your system to install the bug specifically to fix a bug that hasn't been proven to be exploited, yet.
Joshua 1:9 "Be strong and of a good courage; be not afraid, neither be thou dismayed: for the Lord thy God is with thee"
(Score: 4, Funny) by ilsa on Monday January 22 2018, @10:11PM (5 children)
Not really. I think they would be at best classified as "Denial of Service", seeing as how your whole computer will reboot spontaneously, just for funsies. But as it's not specifically triggerable, it's not really a security issue. Just a bug, like the "Don't Divide, Intel Inside" bug from way back when.
(Score: 5, Interesting) by Spamalope on Monday January 22 2018, @11:44PM
as it's not specifically triggerable
We don't know that. A proof of concept hasn't been demonstrated/disclosed publicly. That's all we know. Intel's been vague, which may mean they don't know or that they do know an think there is an exploit risk.
(Score: 3, Insightful) by Anonymous Coward on Tuesday January 23 2018, @12:29AM (3 children)
Computers don't just crash for no reason. It only seems random at the moment because we don't know the cause yet; but there will be a certain sequence of actions which can reliably trigger the crash/reboot.
And as anyone who knows security knows, a crash is very often the first step to finding an exploit.
(Score: 2, Touché) by Anonymous Coward on Tuesday January 23 2018, @10:43AM (2 children)
Um, have you met Windows? Have you used Windows?
(Score: 0) by Anonymous Coward on Tuesday January 23 2018, @12:17PM (1 child)
Windows is not a computer.
(Score: 2) by Freeman on Tuesday January 23 2018, @03:50PM
You're right, but computers don't crash in that sense, either. It's the software on the computer that's crashing. Possibly due to hardware malfunction, but as is generally more likely a software bug.
Joshua 1:9 "Be strong and of a good courage; be not afraid, neither be thou dismayed: for the Lord thy God is with thee"
(Score: 0) by Anonymous Coward on Monday January 22 2018, @10:12PM
Can you see another cuckoo's egg rising from this?
(Score: 2, Insightful) by Freeman on Monday January 22 2018, @09:46PM (1 child)
I don't think it means what you think it means. Fix: "To restore to proper condition or working order; repair: fix a broken machine." https://www.thefreedictionary.com/fix [thefreedictionary.com] When it makes matters worse and doesn't protect you from anything currently in circulation. I'm thinking that's more of a Bug. "Computers A defect in the code or routine of a program." https://www.thefreedictionary.com/bug [thefreedictionary.com]
Joshua 1:9 "Be strong and of a good courage; be not afraid, neither be thou dismayed: for the Lord thy God is with thee"
(Score: 5, Insightful) by Anonymous Coward on Monday January 22 2018, @09:55PM
"Clusterfuck"
(Score: 3, Informative) by Anonymous Coward on Monday January 22 2018, @10:03PM (14 children)
https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00088&languageid=en-fr [intel.com]
Ampersand needed between 00088 and languageid.
The Intel Core i3, i5 and i7 (45nm and 32nm) are the first after Core 2 Duo, etc. https://en.wikipedia.org/wiki/List_of_Intel_Core_2_microprocessors [wikipedia.org] You probably remember the i7-920, i7-860, and such, from around 2009 (pfft, Nov 2008 launch of first chips makes them 2009). https://en.wikipedia.org/wiki/Nehalem_(microarchitecture) [wikipedia.org] Next generations are also use the i3, i5 and i7 names (and i9 in some later ones). Nehalem and newer have the Meltdown issue. Basically everything after Nov 2008 https://en.wikipedia.org/wiki/Intel_Core [wikipedia.org]
But where does Intel say that all those products are recalled? Affected, yes, but recalled? No "recall" in the page.
(Score: 3, Touché) by bob_super on Monday January 22 2018, @10:14PM (9 children)
Fuck it, where's my abacus?
(Score: 3, Funny) by Gaaark on Monday January 22 2018, @10:36PM (7 children)
It's been recalled: too easy for hackers with local access to start flicking beads back and forth.
A fix is in the works. Please use fingers.
--- Please remind me if I haven't been civil to you: I'm channeling MDC. ---Gaaark 2.0 ---
(Score: 2, Funny) by Anonymous Coward on Monday January 22 2018, @10:42PM
My finger is too busy waving at Intel. At least one of them...
(Score: 5, Funny) by DECbot on Monday January 22 2018, @11:03PM (3 children)
I'd like to report a bug with your finger counting system. I understand and accept the limitation of the 10 register (finger) system. However, I have an issue obtaining reliable, repeatable results. Whenever subtracting and removing a register (finger) it is impossible to reliably store a value on that register again. Attempting to add the value back to that register results in the finger temporarily holding value, but with even the slightest of bumps, the register falls back on the table, and rests the value of the register to zero. Attempts have been made to apply patches and tape, but these have only been a bandaid solution and not a real fix. While I'd like to say this bug is persistent with all the registers, it has become hard to hold the knife with my left hand, so I've been unable to thoroughly test this on all the registers on my right hand. Please inform me when there is a fix available.
PS:
Feature suggestion: make register subtraction invoke less pain and blood loss. Also, I'd like to request a hexadecimal product variant as it would make it easier to execute my software without having to convert all my integers to a 10-bit equivalent.
cats~$ sudo chown -R us /home/base
(Score: 2) by Gaaark on Monday January 22 2018, @11:39PM (1 child)
Ummmm....yesssss.....
....we have recalled your fingers, please detach them by any way possible and return them to ACME FINGER-BANG.
We will send you replacements. In the meantime, please use your toes. Your penis or clitoris can be used to "carry the one".
--- Please remind me if I haven't been civil to you: I'm channeling MDC. ---Gaaark 2.0 ---
(Score: 3, Funny) by bob_super on Tuesday January 23 2018, @12:12AM
> Your penis or clitoris can be used to "carry the one".
There's gonna be a lot of math errors in obese America.
(Score: 0) by Anonymous Coward on Tuesday January 23 2018, @08:56AM
333 ty!
(Score: 2) by edIII on Tuesday January 23 2018, @01:31AM (1 child)
That's incredibly inefficient. If you add toes, you can go twice as fast.
Technically, lunchtime is at any moment. It's just a wave function.
(Score: 0) by Anonymous Coward on Tuesday January 23 2018, @09:36AM
> If you add toes, you can go twice as fast.
Argh! That compounded the problem! At first it worked and I was adding and subtracting with toes, but I rebooted - it happens daily, I use doors and windows - and entirely lost access to toes! And I cannot repatch - one of the toe-subtractions worked to remove the problematic right-hand finger digits which wouldn't flip off, and post-boot I have no toe access, so I now have access to NO digits, not even toe digits!
At least my laptop is still running with Dragon NaturallySpeaking(tm). As long as the power doesn't go out...
(Score: 2) by c0lo on Monday January 22 2018, @11:43PM
Melted down long ago, it is just a spectre lingering in your memory now.
https://www.youtube.com/watch?v=aoFiw2jMy-0 https://soylentnews.org/~MichaelDavidCrawford
(Score: 3, Interesting) by martyb on Monday January 22 2018, @10:15PM
Yup, we've got a Heisenbug [wikipedia.org] with the editor interface on the site... sometimes eats ampersands; thanks for calling it out... Fixed! (I hope!)
Wit is intellect, dancing.
(Score: 5, Insightful) by tftp on Monday January 22 2018, @10:27PM (2 children)
First, there is no recall because there is nothing to replace the bad processors with. Second, there is no recall because it will bankrupt Intel. In other words, citizen, eat what you are given and don't forget to pay for it.
(Score: 1, Informative) by Anonymous Coward on Tuesday January 23 2018, @12:31AM (1 child)
Ryzen
(Score: 4, Touché) by requerdanos on Tuesday January 23 2018, @01:53AM
Of course, over in that camp, AMD will replace your spontaneously-segfaulting first-batch Ryzen [phoronix.com]
if you jump through enough hoops.
(Score: 0) by Anonymous Coward on Monday January 22 2018, @10:15PM (1 child)
Um, the Marines are not supposed to touch anything pertinent to the sailing of the craft. This is how we got into this pickle in the first place. Private! Indeed. Back to PT for you!
(Score: 5, Funny) by Anonymous Coward on Monday January 22 2018, @10:43PM
In general, you don't want the Marines touching anything that can possibly break. As they say, you can lock a Marine in a padded room with two ball bearings and he'd end up losing one and breaking the other.
(Score: 5, Funny) by Anonymous Coward on Monday January 22 2018, @10:31PM (6 children)
This is why those of us in the know still stick to 6502.
(Score: 3, Insightful) by anubi on Tuesday January 23 2018, @08:20AM (2 children)
Laugh if you want, but if the Iranians had been using a 6502 on their centrifuge controllers, someone would have had a helluva challenge to get Stuxnet to work on it...
Same with our stuff too. We are adopting way too powerful of technology to do simple things... technology that can no longer be trusted.
Why would I want to hire a corporation to clean my house, and have to deal with all their "hold harmless" businesstalk, and all their "rights management" which locks me out of seeing just what they do.... just get an electrolux and do it yourself.
"Prove all things; hold fast that which is good." [KJV: I Thessalonians 5:21]
(Score: 2) by Freeman on Tuesday January 23 2018, @04:01PM (1 child)
They could have just had them on a Linux, FreeBSD, or other thing that wasn't connected to a network. The only other way to protect something like that would be to have special built hardware / software and keep it off the network. It would probably just be easier to go with a standard OS without network connectivity, and make sure you're not plugging infected things into the computer.
Joshua 1:9 "Be strong and of a good courage; be not afraid, neither be thou dismayed: for the Lord thy God is with thee"
(Score: 1) by anubi on Wednesday January 24 2018, @05:42AM
For something like a centrifuge controller, I would be sorely tempted to program the whole thing into a Parallax Propeller... mostly because the control loop is time critical, and I need something watching it that has nothing else to do... i.e. a "cog". You know, no missing chunks of attention because some interrupt routine has been initiated.
If I wanted to be super flexible, then I link an Arduino to the Propeller, as a "liason", talking to the Propeller on an I2C port,.br>
And do my supervisory stuff in the Arduino, controller stuff in the Propeller.
"Prove all things; hold fast that which is good." [KJV: I Thessalonians 5:21]
(Score: 2) by maxwell demon on Tuesday January 23 2018, @09:15AM (2 children)
The 6502? The Z80 is clearly superior!
The Tao of math: The numbers you can count are not the real numbers.
(Score: 3, Informative) by choose another one on Tuesday January 23 2018, @11:28AM (1 child)
Both were too constraining though - even when new the limitations of 8bit architecture were obvious and painful.
Z8000 was much more enjoyable, 16bit was very liberating. 6502 had 16 bit variants as well.
Neither got much traction and the mass markets switched to 68000 and x86, (apart from Acorn who had this wacky idea of going off and designing their own CPU, which gave us ARM) but both Z8000 and 65Cwhatever are still around in one form or another, mostly due to being used in applications which folk can't talk about [quickly checks over shoulder for black helicopters... ]
(Score: 1) by anubi on Wednesday January 24 2018, @05:56AM
Personally, I liked the 68HC000. It was all CMOS. Huge improvement over the 65C02 I was previously addicted to.
Then my dream... the 68SEC000... static. I could drop the clock down to the Hz when I wanted to "sleep", and the chip would draw almost an immeasurably small current, just waiting for me to toggle some I/O port pin to wake it up, when it would gate itself to a much faster clock.
Now, my love is with those ATMEL chips. From the ATMEGA328 up. And the Parallax Propeller, mostly because I can get eight things going at once, and they don't "see" each other. Like a programmable I/O chip. So if I want a Manchester UART, no problem! I get enough room on one of these things for 2 VGA text-screen drivers and I2C and my Manchester UART, and then some...
"Prove all things; hold fast that which is good." [KJV: I Thessalonians 5:21]
(Score: 4, Insightful) by insanumingenium on Monday January 22 2018, @10:38PM (5 children)
I have seen the spoiler tag used a couple times where a submission has a large list appended to the end. How hard would it be to add a "Boring Details" tag with the exact same mechanics, but with a less confusing name?
(Score: 1) by tftp on Monday January 22 2018, @10:42PM
(Score: 4, Informative) by takyon on Monday January 22 2018, @11:24PM (3 children)
The current syntax is <spoiler>Stuff you want to hide</spoiler>
I could write a feature request proposing <spoiler title="Boring Stuff">Stuff you want to hide</spoiler> as a way to replace the default text.
[SIG] 10/28/2017: Soylent Upgrade v14 [soylentnews.org]
(Score: 2) by insanumingenium on Tuesday January 23 2018, @12:40AM
I wouldn't call it a high priority, but that seems more indicative than sticking with the title spoiler for all uses. For all I knew the functionality already existed and was unused/unknown. Thanks for the clarification.
(Score: 2) by bob_super on Tuesday January 23 2018, @01:39AM (1 child)
No need for something complex. Just change "spoiler" with "Would you like to know more?"
(Score: 3, Funny) by looorg on Tuesday January 23 2018, @01:56AM
... but I don't want to enlist in the Mobile Infantry. The smart bugs might be offensive but who needs enemies like that when you have your friends at Intel.
(Score: 4, Insightful) by DannyB on Monday January 22 2018, @10:48PM (16 children)
What is the number of Unexpected Reboots that I am supposed to consider NORMAL when using Intel processors?
How much higher is "higher than normal"? 25%? 50%? 100%? 500%? 1000%?
What a fustercluck.
To transfer files: right-click on file, pick Copy. Unplug mouse, plug mouse into other computer. Right-click, paste.
(Score: 2) by bob_super on Monday January 22 2018, @10:51PM (15 children)
> What is the number of Unexpected Reboots that I am supposed to consider NORMAL when using Intel processors?
Intel hopes that you have used Windows 9x/ME a lot.
(Score: 2) by Freeman on Monday January 22 2018, @11:22PM (9 children)
I definitely did, but have come to expect better. Who am I kidding, Windows is always screwed up. Repeat after me, The Blue Screen of Death is your friend.
Joshua 1:9 "Be strong and of a good courage; be not afraid, neither be thou dismayed: for the Lord thy God is with thee"
(Score: 0) by Anonymous Coward on Monday January 22 2018, @11:34PM
Wintel strikes back, now with 73% more Micro$oft Windows on any operating system.
(Score: 3, Funny) by MostCynical on Monday January 22 2018, @11:37PM (7 children)
Not *that* long ago, one place I worked referred to it as "the blue screen of coffee time"
I doubt that the local coffee place realised how much it owed windows.
"I guess once you start doubting, there's no end to it." -Batou, Ghost in the Shell: Stand Alone Complex
(Score: 4, Funny) by c0lo on Monday January 22 2018, @11:47PM (6 children)
Lucky them, that was long before IoT, they didn't use an internet-connected coffee machine, much less one running windows.
https://www.youtube.com/watch?v=aoFiw2jMy-0 https://soylentnews.org/~MichaelDavidCrawford
(Score: 4, Informative) by MostCynical on Tuesday January 23 2018, @12:19AM (5 children)
Looks like intel do supply affected chips for IoT devices, so some poor coffee shop may be unhappy..
https://www.intel.com/content/www/us/en/internet-of-things/building-blocks-things.html [intel.com]
"I guess once you start doubting, there's no end to it." -Batou, Ghost in the Shell: Stand Alone Complex
(Score: 2) by c0lo on Tuesday January 23 2018, @12:40AM (4 children)
Nitpicking: BSoD was over (in the original incarnation) before IoT became, well, a thing.
https://www.youtube.com/watch?v=aoFiw2jMy-0 https://soylentnews.org/~MichaelDavidCrawford
(Score: 2) by MostCynical on Tuesday January 23 2018, @01:03AM (3 children)
Hey, I was back on-topic* referring to Specte/Meltdown/firmware-borked IoT devices.
*has to happen somtimes!
"I guess once you start doubting, there's no end to it." -Batou, Ghost in the Shell: Stand Alone Complex
(Score: 2) by c0lo on Tuesday January 23 2018, @01:16AM (2 children)
How boring; better later than sooner.
https://www.youtube.com/watch?v=aoFiw2jMy-0 https://soylentnews.org/~MichaelDavidCrawford
(Score: 3, Informative) by MostCynical on Tuesday January 23 2018, @01:31AM (1 child)
https://qz.com/901823/the-easy-way-your-smart-coffee-machine-could-get-hacked-and-ruin-your-life/ [qz.com]
https://www.gemalto.com/m2m/customer-cases/iot-cloud--coffee-machine [gemalto.com]
https://getpiper.com/nespresso-joins-the-iot-with-a-connected-coffee-machine/ [getpiper.com]
Wonder if a smart cup can talk to a smart coffee machine? Add drone delivery and remove all human inteaction from your morning caffeine hit.
(Sounds horrible, but I'm sure it will appeal to some)
"I guess once you start doubting, there's no end to it." -Batou, Ghost in the Shell: Stand Alone Complex
(Score: 2) by c0lo on Tuesday January 23 2018, @01:49AM
Oh, so last season.
You forgot the blockchain, quantum key distribution and in-vivo CRISPR realtime editing functionalities.
https://www.youtube.com/watch?v=aoFiw2jMy-0 https://soylentnews.org/~MichaelDavidCrawford
(Score: 2) by Spamalope on Monday January 22 2018, @11:46PM (1 child)
Linux users are likely to notice new reliability problems... (not to mention VMware etc)
(Score: 4, Funny) by DannyB on Tuesday January 23 2018, @02:31PM
So Intel is simply trying to even the playing field so that Linux users can experience the unexpected reboots that Windows users take for granted.
To transfer files: right-click on file, pick Copy. Unplug mouse, plug mouse into other computer. Right-click, paste.
(Score: 1, Interesting) by Anonymous Coward on Tuesday January 23 2018, @12:18AM (2 children)
Based on my experience here, the figure for normal 'unexpected reboots' of my servers would be at worst once in 200 days, as I've had Intel based servers with uptimes measured in years in the past, I'd say the normal figure would be one unexpected reboot per 700 days.
My current primary server uptimes are 38 and 42 days (new hardware installed), as one server is 'sort of 'critical (it handles offsite backups, I think that's critical, the PHB thinks backups are a waste of money...) until this clusterfuck is resolved I'll be a wee bit more paranoid wrt applying system updates to these boxes, so rather than my usual 'apply changes to the VM image of the system and see what breaks' I think it's time to clone the disk, case up one of the spare populated replacement motherboards and fire it up as a 'live' guinea pig.
As to the Win9x reference...I know what you're getting at, but I never experienced this, and I used to run both DAW and CAD software on 95 and then 98 machines and never had any BSODs or 'unexpected reboots' on them, I won't deny I've seen them happen on other 95/98 systems, but my boxes were rock-solid. Now, if we're talking unexpected reboots on Win2k, NT, Win7...(only three days ago, one Win7 box fell over and died for no good reason...other than maybe Coreldraw, the memory and CPU guzzling ass it usually is, doing something really stupid...)
ME...I've heard tell of such an OS, one so rare and shrouded in myth and legend that I've never seen a live system running it (and I've been futzing about with computers in one form or another since 1978..) mind you, it was June last year when I first actually used a real live Vista system...for 10 minutes before I trashed the disk and installed Linux on it.
(Score: 2) by bob_super on Tuesday January 23 2018, @01:36AM (1 child)
I used to fix my very frequent 95 crashes using dual boot to OS2 Warp (3, then 4). OS2 was rock solid on the same HW.
Win "97" (we also had NT5.0), then Win98, were not difficult to crash at all.
It was in a home/school environment, so uptimes never exceeded a couple days (even had to power-cycle the box before burning CDs, to limit the risk of coasters).
(Score: 0) by Anonymous Coward on Tuesday January 23 2018, @08:11AM
Oh, that's a given, once you actually got it to work 100% with your hardware that was..(it was the favoured OS for running a number of experimental rigs in the labs I worked in for a while, replaced mainly with Linux boxes eventually).
I suppose the difference was that my CAD and DAW boxes were, more or less, single function boxes..longest uptime I can recall for a recording session was three days, the last incarnation of the Win98 DAW box is probably still functional (it was working about 9 months ago..I fired it up for 'nostalgia') and is gathering dust up in the loft, c/w multiple milled slots in the case to allow the breakout of various cables.
My current DAW boxes are XP systems, I'm not changing that anytime soon...
(Score: 3, Funny) by chromas on Tuesday January 23 2018, @12:12AM (1 child)
Well that's dumb. Have they seen Wargames? Don't press Lockout Changes unless you need to force the plot.
(Score: 3, Funny) by DannyB on Tuesday January 23 2018, @02:33PM
It's okay if you lockout changes. The password (launch code) can be guessed one digit at a time.
Computer 1: Try this password: 12345
Computer 2: Nope, but you got the 2nd digit correct!
Computer 1: Try this password: 82571
Computer 2: Nope, but you got the 2nd and 5th digit correct!
Etc.
To transfer files: right-click on file, pick Copy. Unplug mouse, plug mouse into other computer. Right-click, paste.
(Score: 2, Funny) by Sulla on Tuesday January 23 2018, @12:24AM (3 children)
CTRL+F Core2Duo not found
Sucks to be you, guess my lack of initiative in ever upgrading my PC finally worked out.
If I am wrong please read as: "We are all in this together brothers, make sure the problem is fixed in all processors and not just the new ones #StrongerTogether"
Ceterum censeo Sinae esse delendam
(Score: 4, Informative) by Anonymous Coward on Tuesday January 23 2018, @12:33AM
Or just use AMD
(Score: 2, Funny) by Anonymous Coward on Tuesday January 23 2018, @01:52AM
> behold, rowhammer
er i have DDR2, does it work?
> NO, PLEBEIAN
> behold, meltdown
er I have core 2 duo, does it work?
this is becoming a nightmare, I feel left out.
(Score: 0) by Anonymous Coward on Tuesday January 23 2018, @09:06AM
You are wrong.
You're affected, though there might not be js exploits, and they might never go public, or they might be veerrry slow.
There are other side channels that cannot be avoided in 300 cycle long trains. Things like L1-L2 cache latency. Those will include cache misses sometimes, which will start cache pulls sometimes, which will have side effects some times.
And your processor does speculatively execute.
You're just going to be able to patch over it without randocrashes... if the next core2duo patches aren't trojanned to make up for not being thus so far.
The much scarier thing is: there are other, worse bugs in the microcode and in the hardware. Bugs that eyes might find, or analyzing software might detect. Only Intel, AMD, ARM, their closest friends and most successfully prying foes have those glimpses. But - this isn't war, they won't release armament like that.
Unless... war comes?
(Score: 3, Insightful) by looorg on Tuesday January 23 2018, @01:09AM
Surprise! The emergency patch you applied to fix a horrible problems are causing other horrible problems and there is no undo. They only had six months or so to come up with a fix and it turns out it was a bit complicated, but not complicated enough for a recall.
(Score: 5, Insightful) by requerdanos on Tuesday January 23 2018, @01:59AM (1 child)
and
You can't have both at the same time. Keeping a system up to date is a process accomplished by deployment of the current versions of the things of which the system is composed.
(Score: 0) by Anonymous Coward on Tuesday January 23 2018, @08:07AM
What, never heard of the Copenhagen interpretation of quantum updates?
(Score: 2) by pdfernhout on Tuesday January 23 2018, @02:10AM (3 children)
... as people replace generations of buggy processors.
Not much accountability when you are essentially a de-facto monopoly (even given AMD and ARM).
In other news, everyone seems to have forgotten about Equifax's breach already...
May this Saturday Night Live skip applies to more than presidential politics but any big power center, sigh?
"What Even Matters Anymore - SNL"
https://www.youtube.com/watch?v=ZJkc_C5-Cd8 [youtube.com]
The biggest challenge of the 21st century: the irony of technologies of abundance used by scarcity-minded people.
(Score: 2) by choose another one on Tuesday January 23 2018, @10:56AM (2 children)
> ... as people replace generations of buggy processors.
With what?
Correct me if I'm wrong, but aren't Intels very latest processors still listed vulnerable, and even the status of the upcoming 9th Gen isn't clear (probably vulnerable given dev timescales).
So the only current "replace" option would appear to be "replace processor with non-intel" which means at least a new motherboard and very possibly a new box, and non-intel so no sales bump in it for them.
(Score: 2) by pdfernhout on Wednesday January 24 2018, @05:38AM
I mean replace in a year or two once Intel has new offerings they claim are fixed. In a couple years, Intel will likely be pushing "high security" processors and everyone will flock to them.
Until then, for good or bad, most people will probably just bumble along as best they can with Intel and hope they won't get hit -- same as people now live with the massive Equifax identity breach without doing much about it.
Have companies even fixed Row Hammer yet? https://en.wikipedia.org/wiki/Row_hammer [wikipedia.org]
Of course, likely the same processes that made the current flawed social processes that made today's Intel processors (including lack of accountability for a de-facto monopoly) will lead to a next generation of flawed processors to then eventually be discovered which drives more even more Intel sales in five or six years times -- and so on. The wages of sin are... more wages?
==== Some tangential late night rambles:
A lot of these computer breach issues ultimately are social issues and need to get solved by social means (including social codes embodied in computer software) -- which is difficult because breaches cross lots of borders.
Related: http://shirky.com/writings/group_enemy.html [shirky.com]
"Writing social software is hard. And, as I said, the act of writing social software is more like the work of an economist or a political scientist. And the act of hosting social software, the relationship of someone who hosts it is more like a relationship of landlords to tenants than owners to boxes in a warehouse."
Without widespread social consensus and follow through on appropriate behavior, there is a high cost to society of lack of trust. As others have pointed out, our physical infrastructure depends heavily on trust to be cost-effective. For example, most power lines are not defended 24X7 against copper thieves. People have breakable glass windows in their homes left open when they go out instead of security shutters and armed sentries. Our food supply and medicine supply assumes lack of widespread malicious intent. Highway driving assumes very few motorists are going to intentionally create trouble. And so on.
Contrast with, say, countries where social trust and the rule of law has broken down and vast amount of effort go into preventing crime -- like by having armed guards everywhere, metal bars on all windows, armed cars, everyone carries a weapon, no one can talk casually to a random stranger without great risk, and so on.
Eventually a society and its technical infrastructure in crisis will probably reshape itself to re-balance issues of cost versus trust. Some of old thinking on that rebalancing (from the 1980s): http://pdfernhout.net/princeton-graduate-school-plans.html [pdfernhout.net]
Of course, most people will probably just ignore the issue.
Until maybe slaughterbots show up? https://sciencealert.com/chilling-drone-video-shows-a-disturbing-vision-of-an-ai-controlled-future [sciencealert.com]
Two old quotes:
From 1946 by George Orwell: http://orwell.ru/library/articles/nose/english/e_nose [orwell.ru]
"The point is that we are all capable of believing things which we know to be untrue, and then, when we are finally proved wrong, impudently twisting the facts so as to show that we were right. Intellectually, it is possible to carry on this process for an indefinite time: the only check on it is that sooner or later a false belief bumps up against solid reality, usually on a battlefield."
From 1908 from GK CHesterton: http://www.ccel.org/ccel/chesterton/orthodoxy.x.html [ccel.org]
"We have remarked that one reason offered for being a progressive is that things naturally tend to grow better. But the only real reason for being a progressive is that things naturally tend to grow worse. The corruption in things is not only the best argument for being progressive; it is also the only argument against being conservative. The conservative theory would really be quite sweeping and unanswerable if it were not for this one fact. But all conservatism is based upon the idea that if you leave things alone you leave them as they are. But you do not. If you leave a thing alone you leave it to a torrent of change. If you leave a white post alone it will soon be a black post. If you particularly want it to be white you must be always painting it again; that is, you must be always having a revolution. Briefly, if you want the old white post you must have a new white post. But this which is true even of inanimate things is in a quite special and terrible sense true of all human things. An almost unnatural vigilance is really required of the citizen because of the horrible rapidity with which human institutions grow old. It is the custom in passing romance and journalism to talk of men suffering under old tyrannies. But, as a fact, men have almost always suffered under new tyrannies; under tyrannies that had been public liberties hardly twenty years before. Thus England went mad with joy over the patriotic monarchy of Elizabeth; and then (almost immediately afterwards) went mad with rage in the trap of the tyranny of Charles the First. So, again, in France the monarchy became intolerable, not just after it had been tolerated, but just after it had been adored. The son of Louis the well-beloved was Louis the guillotined. So in the same way in England in the nineteenth century the Radical manufacturer was entirely trusted as a mere tribune of the people, until suddenly we heard the cry of the Socialist that he was a tyrant eating the people like bread. So again, we have almost up to the last instant trusted the newspapers as organs of public opinion. Just recently some of us have seen (not slowly, but with a start) that they are obviously nothing of the kind. They are, by the nature of the case, the hobbies of a few rich men. We have not any need to rebel against antiquity; we have to rebel against novelty. It is the new rulers, the capitalist or the editor, who really hold up the modern world. There is no fear that a modern king will attempt to override the constitution; it is more likely that he will ignore the constitution and work behind its back; he will take no advantage of his kingly power; it is more likely that he will take advantage of his kingly powerlessness, of the fact that he is free from criticism and publicity. For the king is the most private person of our time. It will not be necessary for any one to fight again against the proposal of a censorship of the press. We do not need a censorship of the press. We have a censorship by the press.
This startling swiftness with which popular systems turn oppressive is the third fact for which we shall ask our perfect theory of progress to allow. ..."
See also: https://en.wikipedia.org/wiki/Societal_collapse#Theories [wikipedia.org]
And maybe even see also (for its historical examples of people walking away from collapsing societies back to hunter/gather roots -- although with nukes and other WMDs that may not be feasible anymore): https://en.wikipedia.org/wiki/New_Tribal_Revolution [wikipedia.org]
And something I put together recently on how to build healthier organizations: https://github.com/pdfernhout/High-Performance-Organizations-Reading-List [github.com]
The biggest challenge of the 21st century: the irony of technologies of abundance used by scarcity-minded people.
(Score: 2) by pdfernhout on Friday January 26 2018, @02:32AM
Kind of predictable story in the news today about Intel not being affected by the chip flaws -- just like the Equifax situation, where a monopoly's value is unaffected by major incompetence:
https://www.reuters.com/article/us-intel-results/intel-data-center-sales-surge-warns-of-potential-security-flaw-fallout-idUSKBN1FE307 [reuters.com]
"In an interview ahead of Intel’s earnings call with investors, Chief Financial Officer Bob Swan said the company sees no “meaningful impact” on corporate earnings from the vulnerabilities."
He's probably too good at PR to admit they probably expect a massive revenue increase soon from chip replacements?
That said -- every person and every company makes mistakes. Dealing with mistakes could be arguably said to be baked into the cost of a product. It's up to the consumer (and government) to decide how they feel about various mistakes.
The biggest challenge of the 21st century: the irony of technologies of abundance used by scarcity-minded people.
(Score: 2) by inertnet on Tuesday January 23 2018, @02:35AM (1 child)
I just clicked install right before I saw this news item. So I guess I'll just keep my system running without rebooting and hope there won't be a power outage in the coming days.
(Score: 3, Touché) by kazzie on Tuesday January 23 2018, @05:35AM
In other words, you're hoping you don't get any unexpected reboots?
(Score: 5, Funny) by Bot on Tuesday January 23 2018, @02:37AM (4 children)
Intel HQ, interior afternoon, #CLASSIFIED!#
oh sorry, wrong intel
Intel HQ, interior afternoon, a top management meeting in the sauna, as everywhere else the chinks get to hear everything. Nervous voices come out of the fog.
- "People are buying ARMs left and right..."
- "We should force people to upgrade..."
- "We can't do that anymore using windows bugs, folks. People are flocking to the cloud and unplugging desktops so that they can edit their pics using win7 and photoshop in peace. Bill won't help us, he's afraid."
- "OK, maybe... do we have any hardware bug?"
- "Are you kidding, of course we do."
- "So... we could use them to force people to upgrade!"
- "People don't care about bugs, son, they used windows for two decades."
- "What about a hardware security problem, then?"
- "Oh, you mean a backdoor? why burn one of those?"
- "What about one that is about to be burned anyway, is nobody after one?"
- "Yes there is one, a side channel attack..."
- "Sounds perfect! side channel, sounds sneaky..."
- "I don't think this is enough, people don't care about security either, they used..."
- "...windows for two decades, OK. You are right, one thing is updating software, another is dumping hardware. People will wait until their porn folders get public and their bitcoins wallets go empty, it could take years..."
- "What if the bug leaks, intel offers a firmware update, and the firmware borks the machine so bad they HAVE to dump it?"
- "You, sir, you are an evil genius! I'll double your bonus!"
- "I have none sir, I am the janitor. But I worked at Uber, overheard their bathroom talk, this is nothing in comparison..."
And they all lived happily ever after.
Account abandoned.
(Score: 1) by anubi on Tuesday January 23 2018, @08:33AM (2 children)
Now this was tricky to moderate... funny as hell, but also sounds just like the way the tie-people think. I've been around that type, and they don't think at all like an engineer.
"Prove all things; hold fast that which is good." [KJV: I Thessalonians 5:21]
(Score: 0) by Anonymous Coward on Tuesday January 23 2018, @09:28AM
What?
This is good engineering thinking. "What's the worst that could happen?" is question #2, so that it can be avoided. (Question #1 hopefully is "What outcome is desired?")
(Score: 1) by redneckmother on Tuesday January 23 2018, @03:48PM
You used an incomplete term: "engineer".
It should read "fscking engineer".
Relax, it's just a JOKE :-)
Mas cerveza por favor.
(Score: 2) by bzipitidoo on Tuesday January 23 2018, @09:27AM
Reality went one better with the Capacitor Plague in the early 2000s. Older motherboards failing like mad, and Intel and MS were totally innocent!