Turn mitigations off. It's all FUD

Not one. single. attack. has been reported in the wild ever. You can't just get owned, you need to stage the entire attack and know a ton of background info.

Attached: 1557874293060.jpg (728x380, 40K)

Other urls found in this thread:

make-linux-fast-again.com/
twitter.com/NSFWRedditGif

make-linux-fast-again.com/

I added everything on this list and noticed 20% improvement on benchmarks on a core2 duo.
Mitigations are a scam.

If it doesn't matter then Intel wouldn't have pushed these performance reducing patches when they pride themselves on single digit percent gains over amd.

so intel scammed itself from a scam?

LMAO

Really? Imagine running someone's code only to have it steal your credit card information from another process.

OP works for Intel.

can you please show us anywhere that has happened that wasn't proof of concept work?

>why patch a serious exploitable bug preemptively when you can wait for it to be exploited and cause actual serious harm

Reminder for Winfags that after using InSpectre to disable mitigations make sure to downgrade your microcode too (download an older version of mcupdate_GenuineIntel.dll), the microcode patches are just as bad for performance as the mitigations.

Attached: screenshot.png (492x387, 13K)

AMD didn't patch thier processors because they know stealing credit card/banking details of AMD product owners is worthless.

Deja vu. I could swear I've seen this exact to the letter thread before.

Elaborate.

Then why not just buy a pentium II which doesn't have intel ME or similar?

any software not cancer has patched against any exploits known via scripting or the attacker needs physical access to the machine.
amd's attitude toward security is more of a farce than how intel handles it but they learnt a lot from intel. both companies will sit on known exploits for ages until they're exposed to the public.

that faggot can't provide any proof. imagine asking for proof from street shitting communists? lmao. these faggots still use windows 98 on pentium 4s.

>linux
>known for security
>op wants security disabled
kek

> intel - has management engine
> amd - has platform security processor (same shit as intel's, slightly different smell)
wow. you have a lot of choices there, faggot.

Because I am a corporation who needs a modern cpu with remote management capabilities.

>You can't just get owned, you need to stage the entire attack and know a ton of background info.
And now? What's your point?
Also you haven't even provided a source for this.

I'm waiting for a RISC-V CPU.

Do you even know how these exploits work? have you read a single publication? Or do you blindly gimp you CPU because some AMD fearmongers said so?

t. glows in the dark

t. schizo

Protip: Companies and governments that get attacked keep that shit QUIET.

Besides, you don't understand cloud computing at all.

Are you a cloud provider? No? Then shut the fuck up.

Good luck being a cloud provider and leaving them off. A client gets owned because they're dumb and they fucking sue you for leaving your server's ass hanging in the wind. And you can't prove it wasn't so you get fucked and your entire business dies. Great, thanks.

>no attacks today
>disable mitigations they don't do anything
>get pwned tomorrow
>how is this happening!?

there's certainly no reason for PCs to use the mitigations

See
Just use lawyerspeak in the EULA to make clients waiver their expectations of flawless privacy.

By reading this post you agree to my EULA:
EULA: By not killing yourself you are breaking the EULA.

>By reading this post you agree
Stopped reading right there.

vulnerabilities are vulnerabilities
but it's true, this was only an issue for *aaS and not an issue for consumers to have to worry about

it's still extremely valid in the infrastructure space though

Theoretically these types of vulnerabilities can be exploited through javascript payloads. Realistically though nobody is going to spend time randomly looking for secret keys on your uncle's pornhub cruisin' machine when there's much more worthwhile targets.

and the sky is blue

Well of course. This kind of retardation happens all the time on Jow Forums. I can't fathom why in the everloving fuck would people even go through these hoops just for a slight bump in fps when they can't even tell shit past a certain point.

Attached: Screenshot from 2019-08-28 17-00-49.png (1113x1331, 379K)

I knew it, second top to bottom, that's me. 10th august.

Actually, he's a cracker who wants to clown punk motherfuckers into making it easier for him to steal all their personal info. He knows Jow Forums is full of gaming retards who don't understand why these patches were issued in the first place.

the last CPU w/o a ME/PSP is the AMD FX line, so the best thing you can do is get a 8350 and surf the web /work on that thing (wich it can do just fine)

Intel's architecture is full of holes. It doesn't matter how little performance is lost or how many reported attacks. Intel CPU's are fundamentally flawed and exploitation and performance losses will keep piling up. I would not buy anything but Zen or ARM CPU it's not worth the constant headache everytime a new vuln is found on Intel.

Oh yes, it's all FUD, Intel just likes decreasing performance on their entire product stack for no reason. They just want fewer people to buy their stuff, makes sense. For sure.

First, it isn't just the NSA and Intel that I'm worried about, but to also protect credit cards and other payment/legal shit from fucking criminals. I don't want to panhandle. Security fixes on a Intel ME-infested mess is still better than no security fixes on a Intel-ME infested mess.

Second, you forgot Core 2 and Piledriver. You don't need a fucking pentium 2.

And don't realize that these fixes won't affect their precious gaems unless they're a fucking peasant like me where they have a quad-core pre-Coffee i7. :(

You're just baiting poor fuckers into your ruse. Why would Intel shoot themselves in the foot with performance loss? I'd rather install gentoo then even turn on smt on my Void install.

noibrs noibpb nopti nospectre_v2 nospectre_v1 l1tf=off nospec_store_bypass_disable no_stf_barrier mds=off mitigations=off
where do i put this?

Attached: glowing.png (778x773, 587K)

On by default is the safe route for Intel. You can't say they didn't provide a fix for their securify flaw. They've put a trigger lock on your proverbial gun and handed you the key. Not their fault if you take the lock off and wind up shooting yourself in the face.

My company evaluated the risks of keeping the mitigations enabled and decided to turn them all off.

It works to leak kernel memory from neighbor VMs, so don't disable spectre mitig if you're VPS host. On desktop, executing spectre from strandard JS jits to leak kernel memory is not practical - you can relatively easily leak the sandbox process memory, but there's nothing interesting in there.

How's the weather in Tel Aviv, Intel user?

It's like you're trying to clown some fools, glowie. I don't think it will work at all, even the Jow Forumsdditor tourists aren't that stupid.

just use a real architecture like powerpc
-this was posted on a powermac g4

>mentioning a powerpc computer
>in Jow Forums
i hope the spamautist doesn't find this thread

Your company is going to get buttfucked by chinks and russkies once they get their hands on/develop tools to exploit these vulns.

ITODDLER

Nope, you need local access to exploit these vulns. We turned the mitigations off on our servers. If anyone has local access to those we're already fucked anyway.

in the trash, with your processor.

niggerniggerniggerniggerniggerniggerniggerniggerniggerniggerniggerniggerniggerniggerniggerniggerniggerniggerniggernigger

amd processors aren't vulnerable

Like a simple local account?

Also servers get data too, not just send it.

Yes, any simple local account will work for carrying out one of these types of attacks. Root privs are not needed. Access to our servers is highly restricted and audited.

Sure, servers get data. They don't execute arbitrary data they receive though. It's not like they're open to the world eager to execute an attack you've sent them. These attacks cannot be performed by simply talking to network services either.

I turned these off day one after they were introduced into the kernel. Enjoying my cozy 22600 geekbench on my lappy

As if "good" performance was ever enough for Jow Forumstards

Imagine thinking grub parameters are executable code

kernel commandline, probably in grub.

Attached: file.png (699x400, 448K)

>criminals
So why has no police force on the planet ever discovered a ME-based exploit? No government agency, no private researcher.....
>Core 2
>Piledriver
Naaahhh man those have secret alpha version vulnerabilities, you need the real deal. Plus, you don't know if they haven't retrofitted PSP in latest FX batches.

Zen has the same spectre/meltdown vulnerabilities, and more which haven't been discovered but theorized. It's a fundamental flaw in x86 and x86-64 architecture - to do literally anything to be fast. We wouldn't have this problem on serial SISD CPUs.

/g has gone down the drain

nothing to protect at home pc anyway
everything wide open on hard drive

Mitigations are mostly pointless. Even Linus thinks it’s bullshit. The most likely attack vector, your browser, already has built-in mitigations independent of OS. Even now we’re seeing those hastily thrown together patches be reworked or replaced because of how shit they are. Wait until retpoline-based patches come out.

>what are use cases
Nice straw man, faggot.

You glow way too much for this thread to work. Nice try, tho.

HAHAHAHA
OP BTFO

Go away NSA shill.

nOoOoOOoOOo goyim

Attached: 1527629778452.jpg (679x758, 54K)