@Pete-S said in laptop slow after installing Spectre/Meltdown mitigations: Wasn't the bios also involved in these mitigations? In so much as a micro-code patches for the processors are concerned - yes. My processor is updated to the most current, Oct 2019. Doesn't matter - performance still sucks! I applied these reg changes, rebooted - then applied a script I've done many times before. It was amazing how slow the script ran compared to other machines. I took a video, I'll see about posting it later.

@kelly said in Eight new Spectre Variant Vulnerabilities for Intel Discovered - four of them critical: @tim_g said in Eight new Spectre Variant Vulnerabilities for Intel Discovered - four of them critical: Wow.... But how practical is it to not only first exploit the Spectre vulnerability, but then to get any useful data from most likely other unknown shared VMs on the same box? (really, only on a shared hosting provider host is where 99.9% of the threat is) This stuff is discarded speculative cached data... maybe a thumbnail you won't be viewing (if it goes that big), or maybe a few bits leading in that direction... maybe credentials (that are encrypted anyways)... It seems like all you can do is "fish" for unknown discarded speculative data... it doesn't really sound like a huge practical threat, however, I do see the severity and horrible potential of it, just not the practicality. Here is how I see it playing out in the larger world. Bad actors will be spinning up VMs on hosting providers' hardware, and then trolling for data of cohosted VMs. It isn't a large problem in a secure environment where the list of people who can spin up VMs also have the credentials necessary to make a Spectre-ng attack a waste of time and energy. Also worth noting, in a cloud environment the data that can be caught this way is essentially random and ephemeral. What works today won't work tomorrow, and whose data you are getting is normally unknown. The scale and anonymity of cloud computing makes these attacks more possible, but less effective, almost to the point of useless.

FFS that is when I was planning to tag all my old threads.

You see! This is why you shouldn't patch!

@black3dynamite said in Meltdown Shows Why to Avoid LTS Releases: What makes Red Hat and SUSE exempt compare to CentOS and OpenSUSE leap? Because we are paying for the support? Nothing makes them exempt, they ARE CentOS and Leap, just paid for instead of free. They suffer just the same.

@scottalanmiller said in Basics of Spectre and Meltdown Video: or not on Intel, Spectre is everyone. So my point still stands here.