Stories
Slash Boxes
Comments

SoylentNews is people

posted by Fnord666 on Friday January 19 2018, @01:39PM   Printer-friendly
from the tell-us-how-you-REALLY-think dept.

SoylentNews first reported the vulnerabilities on January 3. Since then, we have had a few stories addressing different reports about these vulnerabilities. Now that it is over two weeks later and we are *still* dealing with reboots, I am curious as to what our community's experience has been.

What steps have you taken, if any, to deal with these reports? Be utterly proactive and install every next thing that comes along? Do a constrained roll out to test a system or two before pushing out to other systems? Wait for the dust to settle before taking any steps?

What providers (system/os/motherboard/chip) have been especially helpful... or non-helpful? How has their response affected your view of that company?

What resources have you been using to check on the status of fixes for your systems? Have you found a site that stands above the others in timeliness and accuracy?

How has this affected your purchasing plans... and your expectations on what you could get for selling your old system? Are you now holding off on purchasing something new?


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 0) by Anonymous Coward on Saturday January 20 2018, @12:38AM

    by Anonymous Coward on Saturday January 20 2018, @12:38AM (#624990)

    Continuing with grep:
    # dmesg | grep "isolation"
    It should report something like "Kernel/User page tables isolation: enabled" if the patch is in use. It can be disabled by boot param "nopti".

    https://pastebin.com/5qacGA17 [pastebin.com] has a small test that can be compiled with g++ -o foo foo.cpp.
    It opens and closes a file. For me that takes ~4x times with PTI vs the same kernel with "nopti". Luckly programs don't do that only, they also compute things, but it's clear this CPU (first or second generation of i7) gets a bad hit when calling the kernel. Maybe future changes to KPTI will improve that, but not holding my breath.