clifff @clifff

1 post1 participant0 posts today

Ian Brown 👨🏻‍💻In fact, governments probably should only EVER deploy executables they have built themselves, using their own compilers (see the classic computer science paper Reflections on Trusting Trust). You’d also need chip <a href="https://eupolicy.social/tags/microcode" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#microcode</a> auditing and verification for security-critical systems. And some level of chip assurance. And 🇬🇧 Cell-like audits… Details to be determined 😉<a href="https://eupolicy.social/tags/ReproducibleBuilds" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ReproducibleBuilds</a> <a href="https://eupolicy.social/tags/StrategicAutonomy" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#StrategicAutonomy</a> <a href="https://eupolicy.social/tags/audit" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#audit</a> <a href="https://eupolicy.social/tags/escrow" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#escrow</a>

boredsquirrel<a href="https://mastodon.social/@nixCraft" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@nixCraft</a> <a href="https://tux.social/tags/NixOS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#NixOS</a> is interesting. Pretty reliable (not as much as <a href="https://tux.social/tags/AtomicDesktops" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#AtomicDesktops</a> in my noob tests) while also performantNote that such old hardware will have <a href="https://tux.social/tags/microcode" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#microcode</a> vulnerabilities and locking it down will further slow it down. At least thinking of <a href="https://tux.social/tags/spectre" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#spectre</a> or <a href="https://tux.social/tags/meltdown" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#meltdown</a> (not sure if hyperthreading was even thought of back then)

SpaceLifeFormOld man yells at clouds 4, 4, 4, 4, ...<a href="https://m.slashdot.org/story/438589" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://m.slashdot.org/story/438589</a><a href="https://infosec.exchange/tags/MicroCode" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#MicroCode</a>

SpaceLifeForm<a href="https://hachyderm.io/@chandlerc" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@chandlerc</a> So, does this imply that it is a failure by the software to not realize that the hardware and microcode have made a mistake?There is a lot that can be done at the software level, but to do that still requires that the machine code instructions still function as expected.It is turtles all of the way down.<a href="https://infosec.exchange/tags/Infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Infosec</a> <a href="https://infosec.exchange/tags/microcode" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#microcode</a> <a href="https://infosec.exchange/tags/leak" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#leak</a>

SpaceLifeForm<a href="https://hachyderm.io/@chandlerc" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@chandlerc</a> The domain name is accurate.<a href="https://infosec.exchange/tags/Infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Infosec</a> <a href="https://infosec.exchange/tags/Microcode" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Microcode</a> <a href="https://infosec.exchange/tags/Leak" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Leak</a>

SpaceLifeForm<a href="https://hachyderm.io/@chandlerc" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@chandlerc</a> Speculative Executation is not your friend.<a href="https://infosec.exchange/tags/Infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Infosec</a> <a href="https://infosec.exchange/tags/Microcode" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Microcode</a> <a href="https://infosec.exchange/tags/Leak" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Leak</a>

SpaceLifeForm<a href="https://mastodon.scot/@kim_harding" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@kim_harding</a> Speculative Executation again. See Spectre, et al.If only I could run a modern browser on a Pentium.<a href="https://infosec.exchange/tags/Infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Infosec</a> <a href="https://infosec.exchange/tags/Microcode" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Microcode</a> <a href="https://infosec.exchange/tags/Leak" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Leak</a>

IT NewsThis Week in Security: ClamAV, The AMD Leak, and The Unencrypted Power Grid - Cisco’s ClamAV has a heap-based buffer overflow in its OLE2 file scanning. That’s ... - <a href="https://hackaday.com/2025/01/24/this-week-in-security-clamav-the-amd-leak-and-the-unencrypted-power-grid/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://hackaday.com/2025/01/24/this-week-in-security-clamav-the-amd-leak-and-the-unencrypted-power-grid/</a> <a href="https://schleuss.online/tags/thisweekinsecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#thisweekinsecurity</a> <a href="https://schleuss.online/tags/hackadaycolumns" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#hackadaycolumns</a> <a href="https://schleuss.online/tags/securityhacks" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#securityhacks</a> <a href="https://schleuss.online/tags/pentesting" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#pentesting</a> <a href="https://schleuss.online/tags/microcode" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#microcode</a> <a href="https://schleuss.online/tags/clamav" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#clamav</a> <a href="https://schleuss.online/tags/news" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#news</a>

Kevin Karhan :verified:Yes. <a href="https://www.tomshardware.com/pc-components/cpus/intel-engineers-linux-patch-would-alert-users-of-outdated-microcode-flagging-the-system-as-vulnerable" rel="nofollow noopener noreferrer" target="_blank">this</a> is a good thing for <a href="https://infosec.space/tags/ITsec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ITsec</a> to let end-users know if their system runs <a href="https://infosec.space/tags/outdated" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#outdated</a> / <a href="https://infosec.space/tags/vulnerable" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#vulnerable</a> <a href="https://infosec.space/tags/Microcode" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Microcode</a> and have <a href="https://infosec.space/tags/Linux" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Linux</a> update it.<ul><li>OFC this can't fix the systemic issues <a href="https://infosec.space/tags/ix86" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ix86</a> & <a href="https://infosec.space/tags/amd64" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#amd64</a> have, but I do think this is such a vital thing that I do want to integrate it into <a href="https://infosec.space/@OS1337" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@OS1337</a> as having some low-level diagnostics and means to fix things is literally the point of said distro!</li></ul>Consider it a more streamlined "Rescue Linux" which is intended to be <a href="https://infosec.space/tags/reprpduceable" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#reprpduceable</a>, <a href="https://infosec.space/tags/auditable" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#auditable</a> and small enough to fit on a <a href="https://infosec.space/tags/BootROM" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#BootROM</a>! <a href="https://infosec.space/tags/Intel" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Intel</a> <a href="https://infosec.space/tags/ITsec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ITsec</a> <a href="https://infosec.space/tags/Updates" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Updates</a>

IT NewsCustom Microcode Compiler, Made in Google Sheets - When homebrewing a CPU, one has to deal with microcode. Microcode is the low-level... - <a href="https://hackaday.com/2024/07/07/custom-microcode-compiler-made-in-google-sheets/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://hackaday.com/2024/07/07/custom-microcode-compiler-made-in-google-sheets/</a> <a href="https://schleuss.online/tags/classiccomputing" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#classiccomputing</a> <a href="https://schleuss.online/tags/retrocomputing" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#retrocomputing</a> <a href="https://schleuss.online/tags/softwarehacks" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#softwarehacks</a> <a href="https://schleuss.online/tags/homebrewcpu" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#homebrewcpu</a> <a href="https://schleuss.online/tags/microcode" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#microcode</a> <a href="https://schleuss.online/tags/cpu" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cpu</a>

**IT News** @itnewsbot@schleuss.online · Nov 14, 2023

Nov 14, 2023

IT News @itnewsbot@schleuss.online

Intel fixes high-severity CPU bug that causes “very strange behavior” - Enlarge

On Tuesday, Intel pushed microcode updates to fix a h... - https://arstechnica.com/?p=1983867 #centralprocessingunits #virtualmachines #uncategorized #microcode #security #biz⁢ #cloud #intel #cpu

Ars Technica · Nov 14, 2023Intel fixes high-severity CPU bug that causes “very strange behavior”Among other things, bug allows code running inside a VM to crash hypervisors.

**IT News** @itnewsbot@schleuss.online · Nov 7, 2023

Nov 7, 2023

IT News @itnewsbot@schleuss.online

Intel v. NEC : The Case of the V20’s Microcode - Back in the last century, Intel saw itself faced with a need to have ‘second sourc... - https://hackaday.com/2023/11/07/intel-v-nec-the-case-of-the-v20s-microcode/ #reverseengineering #computerhacks #intel8086 #intel8088 #microcode #necv20

Hackaday · Nov 7, 2023Intel V. NEC : The Case Of The V20’s MicrocodeBack in the last century, Intel saw itself faced with a need to have ‘second source’ suppliers of its 8088 and 8086 processors, which saw NEC being roped in to be one of those alternati…

**Mufasa** @ne1for23@betweenthelions.link · May 14, 2023

May 14, 2023

Mufasa @ne1for23@betweenthelions.link

#Intel Deploys Undisclosed #Microcode Security Update For CPUs Going Back To Coffee Lake (2017 launched CPUs)

Intel released CPU microcode updates for processors all the way back to Coffee Lake on Friday afternoon. Unfortunately, the changelog doesn't delve into details other than that the new microcode fixes an undisclosed security issue.

#InfoSec
https://www.tomshardware.com/news/intel-microcode-security-update

Tom's HardwareIntel Deploys Undisclosed Microcode Security Update For CPUs Going Back To Coffee LakeBy Zhiye Liu

**LisPi** @lispi314@mastodon.top · Apr 23, 2023

Apr 23, 2023

LisPi @lispi314@mastodon.top

Regarding #hardware #reuse, I'm wondering about the #security consequences of using CPUs that no longer receive #microcode updates.

Does #Linux (and #QubesOS) have the ability to apply security mitigations even when upstream stops supporting those CPUs actively?

I was thinking of setting up a new server and some older used/refurbished hardware gets pretty cheap.

#Infosec #Question

Recent searches

Search options

Administered by:

Server stats:

#microcode