Thursday, January 4, 2018

Microprocessor bug Meltdown

VM and Microprocessor bug fixes incoming..
hopefully microcode quickly also.

Creating a better virtualization header that is:
More efficient at isolating the contained OS with attributes in the OS's to contain secured data?
We find answers to improve efficiency and protect against VM>VM data transfer or to use this for a creative purpose!

We need answers! and science. : Microcode update

"First responder RS"

"Thank you for googles firm responses to the bug, faith in google is high..
The micro code be updated to flush & or contain the the speculative data in a data-cycle secure storage,
Within the framework of cache and ram/virtual-ram?
cycle efficiency would be at most two cycles and a flush Xor bit data overlay,

Bit Masking before and after pre-fetch presents & also uses data - this method would be fast! (c)Rupert S"

"Obviously in light of buffer exploitation we would suggest that buffers after password entry are cleared, This is not the whole solution because the spy program could be resident..

Buffer exploitation is a common practice in viruses and this type of attack is nothing new..
There is no doubt that buffers are a victim of flooding and exploitation; Over and over!
After all buffer exploitation is a logical consequence of their use on a computer or hardware.

Randomizing buffer allocation, Location and encryption algorithm is the most logical choice on hardware, However! how much effort must be made to protect buffers when an attack on them is predicable and logical? A lot we say.

(c)Rupert S"

Google systems have been updated for Meltdown bug

attack mitigation -

"Microsoft issued an emergency update today,
Amazon said it protected AWS customers running Amazon's tailored Linux version and will roll out the MSFT patch,

for other customers to day"

We need answers! and science. : Microcode : update

(c)RS - examination and findings direction of HPC Development - will Random/Entropy drivers help - function examined and processed.

about the bug :,36219.html


A detailed and interesting article with many details; Well written. (12 jan 2018)

Gaming performance:

Gaming performance:

report PDF on mitigation - (requires signing) :

AMD's concern for security lead them to make cache work differently right from the start; Where as Intel chose to pre-fetch kernel & secure data on the presumption that this could rarely be used.(this was published in the past we read about it.) RS

As we can see AMD has a security focus & did also in 2005 when pre-fetch method came up for debate.


"Details of a problem have been gradually emerging, People with AMD Athlon-powered computers say that following the installation of the patch, it is impossible to boot into Windows leaving a full re-installation as the only option -- although some users report that even this does not fix the problem. "

(possibly related to the antivirus program incompatibility)(some AV's possibly! we need a list preferably now.)

Athlon PC patch is being re engineered so that it works on windows 10 - not related to newer AMD chips:

Intel information with sub-tabs (of interest)

On the front of the kernel patch 4.4.0-108 (Ubuntu) bricking some older Athlon models apparently ...
4.4.0-109 is the fixed version; Further information would be useful but is currently too hush hush for full disclosure. - google 4.4.0-109 for more information.


on the GPU front we can see that since cache pre-fetch is the issue that all classes of GPU/CPU & other processor class with cache may well face issues.

Crypto Keys need replacing due to meltdown bug - after patching!
due to system compromise. (c)RS

Meltdown and specter security Firmware update is more important to bitcoin, Crypto coin / Crypto coin wallets & block-chain than the price! read it now and Update

Firmware Updates and Initial Performance Data for Data Center Systems - information on intel,AMD & other components

HPC View of Meltdown and a few patch updates
AMD affirmative patch inbound to secure lesser risk in conscientious market. - good update

As of 23/01/2018 Intel patch to CPU has as yet failed to be fully effective against system instability caused by unexpected side effects :
Further improvements sought, One suggests a better cohesive response between Low Level OS companies like Redhat Linux, Microsoft, apple and android with Hardware developers - interactive people, RS

Power 7/8/9 update :

01/02/2018 - additional AMD patch - Windows 10 Build 16299.214 :,36440.html
15/02/2018 - fixed patch - Top Applications speed test of patches on Stamped - Texas University - Linux


Looks like the Israeli company is asking us to suspect firmware ....
Frankly no #hardware could avoid #firmware issues!,
If AMD/INTEL is really being asked to call fake firmware an AMD & INTEL/GPU Manufacturers security flaw.. when this is in the BIOS & not randomly downloaded!

(c)Rupert Summerskill

No comments: