Approve the Cookies
This website uses cookies to improve your user experience. By using this site, you agree to our use of cookies. Read More.
OK
Index  •   • New posts  •   • RTAT  •   • 'Best of'  •   • Gallery  •   • Gear  •   • Reviews
Guest
New posts  •   • RTAT  •   • 'Best of'  •   • Gallery  •   • Gear  •   • Reviews
Register to forums    Log in

 
FORUMS General Gear Talk Computers 
Thread started 05 Jan 2018 (Friday) 11:16
Search threadPrev/next
sponsored links
(this ad will go away when you log in as a registered member)

Computer Meltdown Apocalypse?

 
Pinto
Goldmember
Avatar
3,067 posts
Gallery: 2 photos
Likes: 237
Joined Jan 2005
Location: Idaho
Post edited 3 months ago by Pinto.
     
Jan 05, 2018 11:16 |  #1

Do any of you knowledge folks have inside information about what the current computer crisis means to us mere mortals?
I'm about to pull the trigger on a new system but this obviously puts the brakes on.

I'm surprised the major manufactures haven't issued statement trying to save their business.

In case some haven't seen the news:

COMPANIES WARNED TO REPLACE ALL COMPUTER HARDWARE OR RISK 'SPECTRE' ATTACK...
Rush to Contain Fallout...

http://money.cnn.com …-flaw-security/index.html (external link)




  
  LOG IN TO REPLY
sponsored links
(this ad will go away when you log in as a registered member)
davesrose
Title Fairy still hasn't visited me!
3,216 posts
Likes: 355
Joined Apr 2007
Location: Atlanta, GA
     
Jan 05, 2018 12:38 |  #2

Every so often, news sources latch on to findings of a "major" OS or hardware vulnerability (that are found from computer analysts, usually submitting for a prize in computer security competitions) . This vulnerability is present in many devices, since it exploits processors that do out of order execution (circa 1995): so it's not an evident vulnerability. Also, since it's a possible processor exploitation, computer brands, then, aren't responsible. News sources like CNN will sensationalize computer vulnerabilities: big ones like this making it appear we're all under attack already. At this point, there hasn't been a confirmed instance of a meltdown or spectre virus, and usually news sources are responsible enough that they won't give away so much description as to let malicious hackers know how to write viruses. It seems a bit early to know how patches will work: if they're guessing software patches may slow processes anywhere from 0-30%.

Meltdown and Spectre (external link)


Canon 5D mk III , 7D mk II
EF 135mm 2.0L, EF 70-200mm 2.8L IS II, EF 24-70 2.8L II, EF 50mm 1.4, EF 100mm 2.8L Macro, EF 16-35mm 4L IS, Sigma 150-600mm C, 580EX, 600EX-RT, MeFoto Globetrotter tripod, grips, Black Rapid RS-7, CAMS plate and strap system, Lowepro Flipside 500 AW, and a few other things...
smugmug (external link)

  
  LOG IN TO REPLY
Pinto
THREAD ­ STARTER
Goldmember
Avatar
3,067 posts
Gallery: 2 photos
Likes: 237
Joined Jan 2005
Location: Idaho
     
Jan 05, 2018 12:51 |  #3

davesrose wrote in post #18534128 (external link)
Every so often, news sources latch on to findings of a "major" OS or hardware vulnerability (that are found from computer analysts, usually submitting for a prize in computer security competitions) . This vulnerability is present in many devices, since it exploits processors that do out of order execution (circa 1995): so it's not an evident vulnerability. Also, since it's a possible processor exploitation, computer brands, then, aren't responsible. News sources like CNN will sensationalize computer vulnerabilities: big ones like this making it appear we're all under attack already. At this point, there hasn't been a confirmed instance of a meltdown or spectre virus, and usually news sources are responsible enough that they won't give away so much description as to let malicious hackers know how to write viruses. It seems a bit early to know how patches will work: if they're guessing software patches may slow processes anywhere from 0-30%.

Meltdown and Spectre (external link)

So I guess we just wait and see what happens. Would you agree that any new system purchases should be put on hold until this gets sorted out?




  
  LOG IN TO REPLY
joedlh
Cream of the Crop
Avatar
5,224 posts
Gallery: 30 photos
Likes: 373
Joined Dec 2007
Location: Long Island, NY, N. America, Sol III, Orion Spur, Milky Way, Local Group, Virgo Cluster, Laniakea.
     
Jan 05, 2018 14:04 |  #4

Pinto wrote in post #18534145 (external link)
So I guess we just wait and see what happens. Would you agree that any new system purchases should be put on hold until this gets sorted out?

Well, you see the problem is already present in the computer that you own. One of the faults is extremely difficult to exploit. The other has its most serious impact on cloud servers. It might be wise to keep critical data out of that. Your personal PC is vulnerable, but offers little bang for the buck to malicious hackers. Plus they have to get into it in the normal way: by downloading malicious code onto it. If you're careful about where you click you're protecting yourself. As for waiting for a safe CPU, I don't think that's going to happen too quickly. The hardware needs to be redesigned. That takes time. The vulnerability goes back to day 1; it's intrinsic to the design of all CPUs.


Joe
Gear: Kodak Instamatic, Polaroid Swinger. Oh you meant gear now. :rolleyes:
http://photo.joedlh.ne​t (external link)
Editing ok

  
  LOG IN TO REPLY
davesrose
Title Fairy still hasn't visited me!
3,216 posts
Likes: 355
Joined Apr 2007
Location: Atlanta, GA
Post edited 3 months ago by davesrose. (2 edits in all)
     
Jan 05, 2018 14:11 as a reply to  @ Pinto's post |  #5

There are already software patches being developed for internet browsers, operating systems, and malware scanners. Looks like Apple is getting the most backlash and has issued statements that they're already working on fixes with Safari (Google and Mozilla are working on patches for their software in iOS). Apple Watch is apparently already immune. Microsoft has stated they will be including patches for PC Windows (and the latest Linux has already been patched). Things will happen in stages for closing all the vulnerabilities: but the odds of getting a virus on your PC are getting smaller. There's some indication that there's more concern with cloud servers (Amazon has announced their resolution in addressing these exploits). Intel hasn't announced any plans for changing their hardware, so it's uncertain if there will be hardware fixes or if this is purely going to be handled with software. Other vulnerabilities the news has covered tended to have a big wave of doom and gloom over millions of computers being vulnerable (with no knowledge of how many had actually been exploited), and then there's no coverage over which software upgrades address those vulnerabilities. If you have found a particular deal on a computer, I would go ahead and get it. Indications are that patches will be software based and since these vulnerabilities effect most computer devices, there's impetuous to have patches.


Canon 5D mk III , 7D mk II
EF 135mm 2.0L, EF 70-200mm 2.8L IS II, EF 24-70 2.8L II, EF 50mm 1.4, EF 100mm 2.8L Macro, EF 16-35mm 4L IS, Sigma 150-600mm C, 580EX, 600EX-RT, MeFoto Globetrotter tripod, grips, Black Rapid RS-7, CAMS plate and strap system, Lowepro Flipside 500 AW, and a few other things...
smugmug (external link)

  
  LOG IN TO REPLY
Pinto
THREAD ­ STARTER
Goldmember
Avatar
3,067 posts
Gallery: 2 photos
Likes: 237
Joined Jan 2005
Location: Idaho
     
Jan 05, 2018 14:34 |  #6

Thank you. Now I feel a little better about going ahead. It will be an editing machine and not on-line much so I guess that helps minimize risk.




  
  LOG IN TO REPLY
virre
Member
98 posts
Gallery: 5 photos
Likes: 30
Joined Mar 2011
Location: Tensta, Stockholm, Sweden
     
Jan 06, 2018 15:32 |  #7

Why the overall information provided here seems good. One of the issues with some of the patches for this problem is that it might have some impact of performance. (I seen quite a few different numbers but those where for servers).

It is important to apply security patches too whatever operating system you are using, so you are not running old unpatched software.


Photoblog closed, photos now on flickr http://www.flickr.com/​photos/virre (external link)
Lenstag verified gear (external link)

  
  LOG IN TO REPLY
MalVeauX
"Looks rough and well used"
Avatar
12,595 posts
Gallery: 1063 photos
Best ofs: 2
Likes: 7733
Joined Feb 2013
Location: Florida
     
Jan 06, 2018 16:37 |  #8

Don't install social-media-app-games.
Don't click links in emails, at all.
Don't install "free" software that doesn't come from an extremely reputable source.
Don't follow junk links on the web or click ads and have your browser security cranked up a little to avoid auto-accept stuff (like cookies).

That will solve 99% of any issue before it even begins.

If using Windows, just using their Essentials and keeping updates on your OS up to date will take care of most obvious exploits.

As for an EMP-like attack from a solar CME, the last modern recorded one that was serious happened in 1989 and knocked out a big part of Canada. Today, using a physical hard drive, your power would go out, but the case and the shell around your HDD would actually protect it for the most part from even a serious pulse. Your SSD if exposed would probably lose information. If something like this truly seriously happened and was powerful enough to go through the case & HDD cage to destroy data on a physical HDD, you have bigger problems.

Very best,


My Flickr (external link) :: My Astrobin (external link)

  
  LOG IN TO REPLY
davinci953
Member
195 posts
Likes: 44
Joined Dec 2011
     
Jan 06, 2018 17:47 as a reply to  @ MalVeauX's post |  #9

Martin is absolutely correct. Keeping any malware off the system in the first place is a best practice. From what I've read about the chip flaws, it doesn't sound like the flaws are easy to exploit, but I'm sure there are going to be attempts to do so. I'm holding off on any of the recent Windows OS patches that mitigate the flaw. There are too many reports of BSODs after the patch is installed. This patch is a kernel level patch and usually not for the faint of heart. ;-)a




  
  LOG IN TO REPLY
ETS
Senior Member
Avatar
660 posts
Gallery: 18 photos
Best ofs: 1
Likes: 226
Joined Jan 2008
Location: Cocoa, Florida
     
Jan 06, 2018 20:20 |  #10

I disagree. They are misleading people in reporting the problem as chip flaws. They are flaws in human nature. People who get an ego boost by hacking into computers and destroying or stealing other peoples data. Re-designing the chips would just lead hackers to find new ways.


Fuji X-T2,5D MKII,Rebel XTi
17-40L, 70-200 F4L, 400mm F5.6L, 100mm F2.8L, Sigma 35mm f1.4 Art
580 EX II

  
  LOG IN TO REPLY
davesrose
Title Fairy still hasn't visited me!
3,216 posts
Likes: 355
Joined Apr 2007
Location: Atlanta, GA
     
Jan 07, 2018 10:12 |  #11

A note about Windows updates. The last widespread reports of blue screen of deaths from a Windows update was early October of last year (KB4041676 and 4041691). To prevent BSODs of current meltdown/spectre updates, Windows won't install the update if your 3rd party anti-virus program doesn't have a particular registry key (so as not to cause conflicts). Many of the 3rd party anti-virus companies have already enabled the key, and have meltdown/spectre patches of their own.

How to Check and Update Windows Systems for the Meltdown and Spectre CPU Flaws (external link)

How to check if your AV is blocking Microsoft patch (external link)


Canon 5D mk III , 7D mk II
EF 135mm 2.0L, EF 70-200mm 2.8L IS II, EF 24-70 2.8L II, EF 50mm 1.4, EF 100mm 2.8L Macro, EF 16-35mm 4L IS, Sigma 150-600mm C, 580EX, 600EX-RT, MeFoto Globetrotter tripod, grips, Black Rapid RS-7, CAMS plate and strap system, Lowepro Flipside 500 AW, and a few other things...
smugmug (external link)

  
  LOG IN TO REPLY
superclarkey
Member
208 posts
Likes: 5
Joined Apr 2012
Location: United Kingdom
     
Jan 07, 2018 12:04 |  #12

I've been watching this memory kernel thing closely and I'm a bit worried myself about the slow down aspect, I mean I didn't spend money to upgrade to the latest iMac fully spec'ed to take a hit on performance. They say Apple already addressed the issue with the security update in December, however some others are saying its in the update 10.13.2, my question is my editing computer is offline (i.e not connected to the network or internet) should I just not update the system to 10.13.2 and leave it running the current version to keep some performance in the computer?

The CEO of intel dumped his stocks last year, you have to wonder how long they have actually known about the issue and not mentioned it...


Canon EOS 5D mk IV
Canon 24-70mm ƒ/2.8L USM mk II
Canon 70-200mm ƒ/2.8L USM IS mk II

  
  LOG IN TO REPLY
davesrose
Title Fairy still hasn't visited me!
3,216 posts
Likes: 355
Joined Apr 2007
Location: Atlanta, GA
     
Jan 07, 2018 12:41 |  #13

It was Google that found the vulnerabilities last year. The vulnerabilities also are in other brand processors (such as AMD and ARM), and from processors manufactured after 1995. Publicity of this vulnerability was trying to be kept under wraps so that malicious hackers wouldn't know of these vulnerabilities. Google and other companies were hoping publicity would come out later then it has, so that there'd be full patch implementations across the board. But companies are now focusing on developing software patches. I've kept my PCs up to date, and don't see any slow downs. The word is that newer computers are less likely to have slowdowns with the latest OS updates, but full fixes may require chip-set and bios updates. I keep my editing workstations online to stay up to date and have the most recent anti-virus tables. If your computer is offline, your computer is still vulnerable if there's a stray virus that's on whatever removable storage. I've also read people saying they have to re-install Windows every few years. Since Windows XP, I've never had to re-install Windows because of slow-downs. I regularly do anti-virus and malware scans, as well as checking for any bloatware.


Canon 5D mk III , 7D mk II
EF 135mm 2.0L, EF 70-200mm 2.8L IS II, EF 24-70 2.8L II, EF 50mm 1.4, EF 100mm 2.8L Macro, EF 16-35mm 4L IS, Sigma 150-600mm C, 580EX, 600EX-RT, MeFoto Globetrotter tripod, grips, Black Rapid RS-7, CAMS plate and strap system, Lowepro Flipside 500 AW, and a few other things...
smugmug (external link)

  
  LOG IN TO REPLY
davinci953
Member
195 posts
Likes: 44
Joined Dec 2011
     
Jan 07, 2018 12:43 |  #14

davesrose wrote in post #18535534 (external link)
A note about Windows updates. The last widespread reports of blue screen of deaths from a Windows update was early October of last year (KB4041676 and 4041691).

The latest BSOD reports are from a couple days ago after installing the Meltdown patch.

https://social.technet​.microsoft.com …ue-screen-after-kb4056894 (external link)

https://answers.micros​oft.com …-9cef-727fcdd4cd56?auth=1 (external link)




  
  LOG IN TO REPLY
davesrose
Title Fairy still hasn't visited me!
3,216 posts
Likes: 355
Joined Apr 2007
Location: Atlanta, GA
     
Jan 07, 2018 12:51 as a reply to  @ davinci953's post |  #15

Those are only a few isolated incidents. The latest patches to reach the news has been October 2017 (KB4041676 and 4041691). My own anecdotal evidence is that I've had no issues with the latest Microsoft updates.


Canon 5D mk III , 7D mk II
EF 135mm 2.0L, EF 70-200mm 2.8L IS II, EF 24-70 2.8L II, EF 50mm 1.4, EF 100mm 2.8L Macro, EF 16-35mm 4L IS, Sigma 150-600mm C, 580EX, 600EX-RT, MeFoto Globetrotter tripod, grips, Black Rapid RS-7, CAMS plate and strap system, Lowepro Flipside 500 AW, and a few other things...
smugmug (external link)

  
  LOG IN TO REPLY
sponsored links
(this ad will go away when you log in as a registered member)

1,070 views & 3 likes for this thread
Computer Meltdown Apocalypse?
FORUMS General Gear Talk Computers 
AAA
x 1600
y 1600

Jump to forum...   •  Rules   •  Index   •  New posts   •  RTAT   •  'Best of'   •  Gallery   •  Gear   •  Reviews   •  Member list   •  Polls   •  Image rules   •  Search   •  Password reset

Not a member yet?
Registered members may log in to forums and access all the features: full search, image upload, follow forums, own gear list and ratings, likes, more forums, private messaging, thread follow, notifications, own gallery, all settings, view hosted photos, own reviews, see more and do more... and all is free. Don't be a stranger - register now and start posting!


COOKIES DISCLAIMER: This website uses cookies to improve your user experience. By using this site, you agree to our use of cookies and to our privacy policy.
Privacy policy and cookie usage info.


POWERED BY AMASS forum software 2.0forum software
version 2.0 /
code and design
by Pekka Saarinen ©
for photography-on-the.net

Latest registered member is mason.snipes
593 guests, 328 members online
Simultaneous users record so far is 6430, that happened on Dec 03, 2017

Photography-on-the.net Digital Photography Forums is the website for photographers and all who love great photos, camera and post processing techniques, gear talk, discussion and sharing. Professionals, hobbyists, newbies and those who don't even own a camera -- all are welcome regardless of skill, favourite brand, gear, gender or age. Registering and usage is free.