Approve the Cookies
This website uses cookies to improve your user experience. By using this site, you agree to our use of cookies. Read More.
OK
Index  •   • New posts  •   • RTAT  •   • 'Best of'  •   • Gallery  •   • Gear  •   • Reviews
New posts  •   • RTAT  •   • 'Best of'  •   • Gallery  •   • Gear  •   • Reviews
Register to forums    Log in

 
FORUMS General Gear Talk Computers
Thread started 05 Jan 2018 (Friday) 11:16
Prev/next
sponsored links
(this ad will go away when you log in as registered member)

Computer Meltdown Apocalypse?

 
Pinto
Goldmember
Pinto's Avatar
Joined Jan 2005
Idaho
Post has been edited 15 days ago by Pinto.
Jan 05, 2018 11:16 |  #1

Do any of you knowledge folks have inside information about what the current computer crisis means to us mere mortals?
I'm about to pull the trigger on a new system but this obviously puts the brakes on.

I'm surprised the major manufactures haven't issued statement trying to save their business.

In case some haven't seen the news:

COMPANIES WARNED TO REPLACE ALL COMPUTER HARDWARE OR RISK 'SPECTRE' ATTACK...
Rush to Contain Fallout...

http://money.cnn.com ...-flaw-security/index.html (external link)




LOG IN TO REPLY
sponsored links
(this ad will go away when you log in as registered member)
davesrose
Title Fairy still hasn't visited me!
3,034 posts
Joined Apr 2007
Atlanta, GA
Jan 05, 2018 12:38 |  #2

Every so often, news sources latch on to findings of a "major" OS or hardware vulnerability (that are found from computer analysts, usually submitting for a prize in computer security competitions) . This vulnerability is present in many devices, since it exploits processors that do out of order execution (circa 1995): so it's not an evident vulnerability. Also, since it's a possible processor exploitation, computer brands, then, aren't responsible. News sources like CNN will sensationalize computer vulnerabilities: big ones like this making it appear we're all under attack already. At this point, there hasn't been a confirmed instance of a meltdown or spectre virus, and usually news sources are responsible enough that they won't give away so much description as to let malicious hackers know how to write viruses. It seems a bit early to know how patches will work: if they're guessing software patches may slow processes anywhere from 0-30%.

Meltdown and Spectre (external link)


Canon 5D mk III , 7D mk II
EF 135mm 2.0L, EF 70-200mm 2.8L IS II, EF 24-70 2.8L II, EF 50mm 1.4, EF 100mm 2.8L Macro, EF 16-35mm 4L IS, Sigma 150-600mm C, 580EX, 600EX-RT, MeFoto Globetrotter tripod, grips, Black Rapid RS-7, CAMS plate and strap system, Lowepro Flipside 500 AW, and a few other things...
smugmug (external link)

LOG IN TO REPLY
Pinto
THREAD ­ STARTER
Goldmember
Pinto's Avatar
Joined Jan 2005
Idaho
Jan 05, 2018 12:51 |  #3

davesrose wrote in post #18534128 (external link)
Every so often, news sources latch on to findings of a "major" OS or hardware vulnerability (that are found from computer analysts, usually submitting for a prize in computer security competitions) . This vulnerability is present in many devices, since it exploits processors that do out of order execution (circa 1995): so it's not an evident vulnerability. Also, since it's a possible processor exploitation, computer brands, then, aren't responsible. News sources like CNN will sensationalize computer vulnerabilities: big ones like this making it appear we're all under attack already. At this point, there hasn't been a confirmed instance of a meltdown or spectre virus, and usually news sources are responsible enough that they won't give away so much description as to let malicious hackers know how to write viruses. It seems a bit early to know how patches will work: if they're guessing software patches may slow processes anywhere from 0-30%.

Meltdown and Spectre (external link)

So I guess we just wait and see what happens. Would you agree that any new system purchases should be put on hold until this gets sorted out?




LOG IN TO REPLY
joedlh
Cream of the Crop
joedlh's Avatar
Joined Dec 2007
Long Island, NY, N. America, Sol III, Orion Spur, Milky Way, Local Group, Virgo Cluster, Laniakea.
Jan 05, 2018 14:04 |  #4

Pinto wrote in post #18534145 (external link)
So I guess we just wait and see what happens. Would you agree that any new system purchases should be put on hold until this gets sorted out?

Well, you see the problem is already present in the computer that you own. One of the faults is extremely difficult to exploit. The other has its most serious impact on cloud servers. It might be wise to keep critical data out of that. Your personal PC is vulnerable, but offers little bang for the buck to malicious hackers. Plus they have to get into it in the normal way: by downloading malicious code onto it. If you're careful about where you click you're protecting yourself. As for waiting for a safe CPU, I don't think that's going to happen too quickly. The hardware needs to be redesigned. That takes time. The vulnerability goes back to day 1; it's intrinsic to the design of all CPUs.


Joe
Gear: Kodak Instamatic, Polaroid Swinger. Oh you meant gear now. :rolleyes:
http://photo.joedlh.ne​texternal link
Editing ok

LOG IN TO REPLY
davesrose
Title Fairy still hasn't visited me!
3,034 posts
Joined Apr 2007
Atlanta, GA
Post has been last edited 15 days ago by davesrose. 2 edits done in total.
Jan 05, 2018 14:11 as a reply to Pinto's post |  #5

There are already software patches being developed for internet browsers, operating systems, and malware scanners. Looks like Apple is getting the most backlash and has issued statements that they're already working on fixes with Safari (Google and Mozilla are working on patches for their software in iOS). Apple Watch is apparently already immune. Microsoft has stated they will be including patches for PC Windows (and the latest Linux has already been patched). Things will happen in stages for closing all the vulnerabilities: but the odds of getting a virus on your PC are getting smaller. There's some indication that there's more concern with cloud servers (Amazon has announced their resolution in addressing these exploits). Intel hasn't announced any plans for changing their hardware, so it's uncertain if there will be hardware fixes or if this is purely going to be handled with software. Other vulnerabilities the news has covered tended to have a big wave of doom and gloom over millions of computers being vulnerable (with no knowledge of how many had actually been exploited), and then there's no coverage over which software upgrades address those vulnerabilities. If you have found a particular deal on a computer, I would go ahead and get it. Indications are that patches will be software based and since these vulnerabilities effect most computer devices, there's impetuous to have patches.


Canon 5D mk III , 7D mk II
EF 135mm 2.0L, EF 70-200mm 2.8L IS II, EF 24-70 2.8L II, EF 50mm 1.4, EF 100mm 2.8L Macro, EF 16-35mm 4L IS, Sigma 150-600mm C, 580EX, 600EX-RT, MeFoto Globetrotter tripod, grips, Black Rapid RS-7, CAMS plate and strap system, Lowepro Flipside 500 AW, and a few other things...
smugmug (external link)

LOG IN TO REPLY
Pinto
THREAD ­ STARTER
Goldmember
Pinto's Avatar
Joined Jan 2005
Idaho
Jan 05, 2018 14:34 |  #6

Thank you. Now I feel a little better about going ahead. It will be an editing machine and not on-line much so I guess that helps minimize risk.




LOG IN TO REPLY
virre
Member
Joined Mar 2011
Tensta, Stockholm, Sweden
Jan 06, 2018 15:32 |  #7

Why the overall information provided here seems good. One of the issues with some of the patches for this problem is that it might have some impact of performance. (I seen quite a few different numbers but those where for servers).

It is important to apply security patches too whatever operating system you are using, so you are not running old unpatched software.


Photoblog closed, photos now on flickr http://www.flickr.com/​photos/virreexternal link
Lenstag verified gearexternal link

LOG IN TO REPLY
MalVeauX
"Looks rough and well used"
MalVeauX's Avatar
Joined Feb 2013
Florida
Jan 06, 2018 16:37 |  #8

Don't install social-media-app-games.
Don't click links in emails, at all.
Don't install "free" software that doesn't come from an extremely reputable source.
Don't follow junk links on the web or click ads and have your browser security cranked up a little to avoid auto-accept stuff (like cookies).

That will solve 99% of any issue before it even begins.

If using Windows, just using their Essentials and keeping updates on your OS up to date will take care of most obvious exploits.

As for an EMP-like attack from a solar CME, the last modern recorded one that was serious happened in 1989 and knocked out a big part of Canada. Today, using a physical hard drive, your power would go out, but the case and the shell around your HDD would actually protect it for the most part from even a serious pulse. Your SSD if exposed would probably lose information. If something like this truly seriously happened and was powerful enough to go through the case & HDD cage to destroy data on a physical HDD, you have bigger problems.

Very best,


My Flickr (external link) :: My Astrobin (external link)

LOG IN TO REPLY
davinci953
Member
191 posts
Joined Dec 2011
Jan 06, 2018 17:47 as a reply to MalVeauX's post |  #9

Martin is absolutely correct. Keeping any malware off the system in the first place is a best practice. From what I've read about the chip flaws, it doesn't sound like the flaws are easy to exploit, but I'm sure there are going to be attempts to do so. I'm holding off on any of the recent Windows OS patches that mitigate the flaw. There are too many reports of BSODs after the patch is installed. This patch is a kernel level patch and usually not for the faint of heart. ;-)a




LOG IN TO REPLY
ETS
Senior Member
ETS's Avatar
Joined Jan 2008
Cocoa, Florida
Jan 06, 2018 20:20 |  #10

I disagree. They are misleading people in reporting the problem as chip flaws. They are flaws in human nature. People who get an ego boost by hacking into computers and destroying or stealing other peoples data. Re-designing the chips would just lead hackers to find new ways.


Fuji X-T2,5D MKII,Rebel XTi
17-40L, 70-200 F4L, 400mm F5.6L, 100mm F2.8L, Sigma 35mm f1.4 Art
580 EX II

LOG IN TO REPLY
davesrose
Title Fairy still hasn't visited me!
3,034 posts
Joined Apr 2007
Atlanta, GA
Jan 07, 2018 10:12 |  #11

A note about Windows updates. The last widespread reports of blue screen of deaths from a Windows update was early October of last year (KB4041676 and 4041691). To prevent BSODs of current meltdown/spectre updates, Windows won't install the update if your 3rd party anti-virus program doesn't have a particular registry key (so as not to cause conflicts). Many of the 3rd party anti-virus companies have already enabled the key, and have meltdown/spectre patches of their own.

How to Check and Update Windows Systems for the Meltdown and Spectre CPU Flaws (external link)

How to check if your AV is blocking Microsoft patch (external link)


Canon 5D mk III , 7D mk II
EF 135mm 2.0L, EF 70-200mm 2.8L IS II, EF 24-70 2.8L II, EF 50mm 1.4, EF 100mm 2.8L Macro, EF 16-35mm 4L IS, Sigma 150-600mm C, 580EX, 600EX-RT, MeFoto Globetrotter tripod, grips, Black Rapid RS-7, CAMS plate and strap system, Lowepro Flipside 500 AW, and a few other things...
smugmug (external link)

LOG IN TO REPLY
superclarkey
Member
208 posts
Joined Apr 2012
United Kingdom
Jan 07, 2018 12:04 |  #12

I've been watching this memory kernel thing closely and I'm a bit worried myself about the slow down aspect, I mean I didn't spend money to upgrade to the latest iMac fully spec'ed to take a hit on performance. They say Apple already addressed the issue with the security update in December, however some others are saying its in the update 10.13.2, my question is my editing computer is offline (i.e not connected to the network or internet) should I just not update the system to 10.13.2 and leave it running the current version to keep some performance in the computer?

The CEO of intel dumped his stocks last year, you have to wonder how long they have actually known about the issue and not mentioned it...


Canon EOS 5D mk IV
Canon 24-70mm ƒ/2.8L USM mk II
Canon 70-200mm ƒ/2.8L USM IS mk II

LOG IN TO REPLY
davesrose
Title Fairy still hasn't visited me!
3,034 posts
Joined Apr 2007
Atlanta, GA
Jan 07, 2018 12:41 |  #13

It was Google that found the vulnerabilities last year. The vulnerabilities also are in other brand processors (such as AMD and ARM), and from processors manufactured after 1995. Publicity of this vulnerability was trying to be kept under wraps so that malicious hackers wouldn't know of these vulnerabilities. Google and other companies were hoping publicity would come out later then it has, so that there'd be full patch implementations across the board. But companies are now focusing on developing software patches. I've kept my PCs up to date, and don't see any slow downs. The word is that newer computers are less likely to have slowdowns with the latest OS updates, but full fixes may require chip-set and bios updates. I keep my editing workstations online to stay up to date and have the most recent anti-virus tables. If your computer is offline, your computer is still vulnerable if there's a stray virus that's on whatever removable storage. I've also read people saying they have to re-install Windows every few years. Since Windows XP, I've never had to re-install Windows because of slow-downs. I regularly do anti-virus and malware scans, as well as checking for any bloatware.


Canon 5D mk III , 7D mk II
EF 135mm 2.0L, EF 70-200mm 2.8L IS II, EF 24-70 2.8L II, EF 50mm 1.4, EF 100mm 2.8L Macro, EF 16-35mm 4L IS, Sigma 150-600mm C, 580EX, 600EX-RT, MeFoto Globetrotter tripod, grips, Black Rapid RS-7, CAMS plate and strap system, Lowepro Flipside 500 AW, and a few other things...
smugmug (external link)

LOG IN TO REPLY
davinci953
Member
191 posts
Joined Dec 2011
Jan 07, 2018 12:43 |  #14

davesrose wrote in post #18535534 (external link)
A note about Windows updates. The last widespread reports of blue screen of deaths from a Windows update was early October of last year (KB4041676 and 4041691).

The latest BSOD reports are from a couple days ago after installing the Meltdown patch.

https://social.technet​.microsoft.com ...ue-screen-after-kb4056894 (external link)

https://answers.micros​oft.com ...-9cef-727fcdd4cd56?auth=1 (external link)




LOG IN TO REPLY
davesrose
Title Fairy still hasn't visited me!
3,034 posts
Joined Apr 2007
Atlanta, GA
Jan 07, 2018 12:51 as a reply to davinci953's post |  #15

Those are only a few isolated incidents. The latest patches to reach the news has been October 2017 (KB4041676 and 4041691). My own anecdotal evidence is that I've had no issues with the latest Microsoft updates.


Canon 5D mk III , 7D mk II
EF 135mm 2.0L, EF 70-200mm 2.8L IS II, EF 24-70 2.8L II, EF 50mm 1.4, EF 100mm 2.8L Macro, EF 16-35mm 4L IS, Sigma 150-600mm C, 580EX, 600EX-RT, MeFoto Globetrotter tripod, grips, Black Rapid RS-7, CAMS plate and strap system, Lowepro Flipside 500 AW, and a few other things...
smugmug (external link)

LOG IN TO REPLY
sponsored links
(this ad will go away when you log in as registered member)

623 views & 3 likes for this thread
Computer Meltdown Apocalypse?
FORUMS General Gear Talk Computers


Not a member yet? Click here to register to the forums.
Registered members get all the features: search, following threads, own gear list and ratings, likes, more forums, private messaging, thread follow, notifications, own gallery, settings, view hosted photos, own reviews and more...


AAA

Send feedback to staff    •   Jump to forum...    •   Rules    •   Index    •   New posts    •   RTAT    •   'Best of'    •   Gallery    •   Gear    •   Reviews    •   Polls

COOKIES DISCLAIMER: This website uses cookies to improve your user experience. By using this site, you agree to our use of cookies. Privacy policy and cookie usage info.

POWERED BY AMASS 1.4version 1.4
made in Finland
by Pekka Saarinen
for photography-on-the.net
Spent 0.00086 for 4 database queries.
PAGE COMPLETED IN 0.03s
Latest registered member is Pbarrow
808 guests, 390 members online
Simultaneous users record so far is 6430, that happened on Dec 03, 2017