News:

Willkommen im Notebookcheck.com Forum! Hier können sie über alle unsere Artikel und allgemein über Notebook relevante Dinge disuktieren. Viel Spass!

Main Menu

How to check if your PC is protected from Meltdown and Spectre

Started by Redaktion, February 13, 2018, 04:02:48

Previous topic - Next topic

Redaktion

The Meltdown and Spectre vulnerabilities exposed inherent flaws in hardware and software design, which we've been using for many years. Chip vendors and developers alike are scrambling to quickly release fixes to prevent any damage to customer data. Intel, AMD along with motherboard partners and Microsoft have released security patches over the past month to cover the necessary mitigation. This tutorial will help you in determining whether your PC has received the required mitigation to prevent any abuse of these vulnerabilities.

https://www.notebookcheck.net/How-to-check-if-your-PC-is-protected-from-Meltdown-and-Spectre.281990.0.html

Robert J Backlund

I found this article as well as most of the other similar articles that have been written ever since the Meltdown and Spectre exploits being made public to be both helpful but also amusing at the same time.  In every article as well as YouTube video that talks about this issue it seems that everyone is calling this a flaw in both software and hardware design that has been present in probably every CPU and mother board chip set for the past 20 years as well as closed source operating systems.  I have to admit that I am not a software developer or hardware designer and am just an average computer user and perhaps many will label me a conspiracy foil hat wearer but to term this issue as just a flaw to me is a joke.  Maybe if it only affected say Intel this might possibly be true but it seems that this problem transcends multiple companies as well as types of chips.  Though it was not mentioned here I have read that this so called flaw also exists in most CPUs that are used in all mobile devices.  Most computers today use the X86 or the X86 64bit architecture where mobile is using ARM processors.  I find it impossible to believe that everyone who designs hardware uses the same methodology and designs and the same can be said for software development.  Something else must be at play here and is something that I personally find to be much more likely as well as scary and very sinister.  What is it that I think has been going on?  I am convinced that all of these companies were approached quite some time ago by the CIA as well as the NSA to build in back doors for for hardware as well as most widely used software such as closed source OS's as well as social media such as Facebook and Twitter and Youtube. I have seen reports that estimate that these spy agencies can gain direct access to probably 95% of all computing devices on the planet that are connected to the internet regardless if they are desktop systems or mobile devices.  I am convinced that these tech companies most if not all are US based companies  agreed to design in these so called flaws/backdoors into their chips and software in exchange for payments of millions of US tax payer dollars that these companies probably get paid each year.  It does not matter what software tools you use for security, firewalls or anti virus cannot and will not protect you from  someone who has direct hardware access to your computer, I doubt that even hardware based firewall solutions will work either due to the apparent panic among many companies who operate data bases etc who are facing massive performance decreases in their servers once all of the band aid patches are applied in the OSs and I doubt that even these will not really work and are nothing more than to make us feel good because someone is trying to fix the problem.  I think that everyone who is affected which is much more than just here in the USA should be seriously concerned about this and we all need to be up in arms about the implications of this and demanding that our governments take action.  I really do not think this will happen here in the US but if a lot of pressure is applied world wide demanding that these things get fixed the US politicians regardless of how corrupt that they are will have to agree to do something or face lynching.  What do I think should happen?  Well they are pretty radical, a good starting point would be the complete and immediate shut down of the NSA and CIA with the vast majority if not all of their agents being imprisoned for the blatant violation of the 4th Amendment of the US Constitution which is and I quote

"The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized."

Along with this punitive action the immediate destruction of all of the NSA/CIA server farms that have been storing all of the data that they have been collecting.  Few today know about or believe that the NSA collects and stores every phone call, text message email etc for every device not just on US Citizens but EVERYONE, they have multi-billion dollar secret server farms that hold all of this data. The next is these chip manufactures need to have all of their assets along with patents and deigns seized  as well as many of their personnel starting with the CEOs also being charged with direct violation of the 4th Amendment.  These assets should then be given over to new companies that would work on hardware designs using the open hardware model so that there can be adequate peer review so these abuses can never be done again.  In exchange for this info and patents etc these companies would have to produce new chips without back doors built into them and freely exchange everyone of the affected chips.  I do not know about you but I am tired of big brother whether it is a corporate tech giant like Microsoft, Apple, Google, Amazon, Facebook, Twitter, Intel, AMD, Qualcomm or some US Government spy agency spying on me and conducting massive data mining.  It is high time that WE THE PEOPLE and I do not just mean here in the US stand up and demand change.

Vaidyanathan

Hi Robert,

Thank you for taking the time to read the article. I'm writing this comment in my personal capacity and not necessarily projecting NBC's views here. While conspiracy theories abound, one also cannot dismiss them as you rightly point out. Every socket inbound and outbound can be intercepted and Government agencies could very well know you inside-out by now.

If you remember, I had written a piece on disabling the Intel AMT module (https www notebookcheck net/Eureka-The-Intel-Management-Engine-can-finally-be-disabled-thanks-to-the-NSA.245922.0.html) (add the needed punctuation to access the link) and that was possible due to a requirement put in by the NSA. So you could be right. The design itself was warranted in such a way, perhaps. No one can definitely say. However, according to me, what is more imperative at this point is users should be ever vigilant and protect their systems diligently. While software and hardware are becoming resilient, so are the geniuses of those who perpetuate these attacks. Ensuring end-to-end security is not just the prerogative of ISPs and sysadmins any more. It is a collective responsibility. So while we might have to deal with the 'assumed spying' for the foreseeable future, a more urgent need of the hour is to be up to date in securing our devices.

Magello

Did you update your Apollo Lake (N4200) notebook BIOS?
I don't know why after doing so I've got Meltdown protection disabled and only Spectre on.

Martin Gorbush

Quote from: Magello on May 10, 2018, 13:47:33
Did you update your Apollo Lake (N4200) notebook BIOS?
I don't know why after doing so I've got Meltdown protection disabled and only Spectre on.
It seems that those CPU aren't affected by Meltdown vulerability.

freebsd.1045724.x6.nabble.com/FreeBSD-Security-Advisory-FreeBSD-SA-18-03-speculative-execution-tp6244729p6246044.html

Quick Reply

Warning: this topic has not been posted in for at least 120 days.
Unless you're sure you want to reply, please consider starting a new topic.

Name:
Email:
Verification:
Please leave this box empty:

Shortcuts: ALT+S post or ALT+P preview