Dobrodošli na FOSS Srbija

Free and Opensource Srbija je skup entuzijasta i ljubitelja slobodnog i otvorenog koda. Cilj nam je okupiti sve istomišljenike na jednom mestu i stvoriti najveći globalni OpenSource projekat u Srbiji i šire!

  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Zanimljivi klipovi, linkovi, tekstovi, slike...

Discussion in 'Opšte diskusije' started by Vladimir, 20.01.2012.

  1. Dragan

    Staff Member

    Joined:
    13.01.2012
    Messages:
    6,469
    Likes Received:
    3,844
    Location:
    jóhonaaʼéí
    Okruženje:
    Xfce
    Sistem:
    TRIOS
  2. Vlad

    Korisnik

    Joined:
    13.02.2012
    Messages:
    1,893
    Likes Received:
    789
    Okruženje:
    Gnome3
    Sistem:
    Fedora
    "Meltdown and Spectre" (bugs)

    To nam je tako kada "(neozbiljni) ljubitelji Džems Bonda i drugih filmova i TV serija" imenuju bagove. ;)
     
    Ladislav likes this.
  3. 1443

    Korisnik

    Joined:
    15.02.2016
    Messages:
    135
    Likes Received:
    85
    Okruženje:
    Cinnamon
    Sistem:
    Mint
  4. Misko_2083

    Saradnik

    Joined:
    15.03.2015
    Messages:
    273
    Likes Received:
    553
    Sistem:
    Ostalo
    Video sam ranije taj skript i isprobao na TRIOS-u.
    Code:
    Spectre and Meltdown mitigation detection tool v0.27
    
    Checking for vulnerabilities against live running kernel Linux 3.16.0-4-amd64 #1 SMP Debian 3.16.51-3 (2017-12-13) x86_64
    
    CVE-2017-5753 [bounds check bypass] aka 'Spectre Variant 1'
    * Checking count of LFENCE opcodes in kernel:  NO
    > STATUS:  VULNERABLE  (only 23 opcodes found, should be >= 70, heuristic to be improved when official patches become available)
    
    CVE-2017-5715 [branch target injection] aka 'Spectre Variant 2'
    * Mitigation 1
    *  Hardware (CPU microcode) support for mitigation:  NO
    *  Kernel support for IBRS:  NO
    *  IBRS enabled for Kernel space:  NO
    *  IBRS enabled for User space:  NO
    * Mitigation 2
    *  Kernel compiled with retpoline option:  NO
    *  Kernel compiled with a retpoline-aware compiler:  NO
    > STATUS:  VULNERABLE  (IBRS hardware + kernel support OR kernel with retpoline are needed to mitigate the vulnerability)
    
    CVE-2017-5754 [rogue data cache load] aka 'Meltdown' aka 'Variant 3'
    * Kernel supports Page Table Isolation (PTI):  NO
    * PTI enabled and active:  NO
    > STATUS:  VULNERABLE  (PTI is needed to mitigate the vulnerability)
    
    A false sense of security is worse than no security at all, see --disclaimer
    
     
    Ladislav and Dragan like this.
  5. Dragan

    Staff Member

    Joined:
    13.01.2012
    Messages:
    6,469
    Likes Received:
    3,844
    Location:
    jóhonaaʼéí
    Okruženje:
    Xfce
    Sistem:
    TRIOS
    TRIOS koristi standardni debian kernel...usput, malo je drugačiji rezultat za AMD procesor:

    Screenshot - 01112018 - 10:28:23 PM.png
     
    Ladislav likes this.
  6. 1443

    Korisnik

    Joined:
    15.02.2016
    Messages:
    135
    Likes Received:
    85
    Okruženje:
    Cinnamon
    Sistem:
    Mint
  7. МарестРПЦ

    Korisnik

    Joined:
    16.10.2015
    Messages:
    240
    Likes Received:
    152
    Okruženje:
    Mate
    Sistem:
    Mint


    Колко сам схватио, ово је виртуални оперативни систем који се инсталира преко Виндовса, дакле дође као нека тема, да Виндовс више сличи Линуксу. Немам Виндовс на овом лаптопу па нисам пробао али кад одем кући, пробаћу. Нема неку конкретну намену осим да улепша Виндовс, а разлог зашто сам поделио клип са вама је тај што ми се изглед ове, ако могу да кажем, теме невероватно допао, па сад, ако већ морам да имам Виндовс да рачунару, онда нека изгледа овако, а не онако како изгледа :)
     
  8. Misko_2083

    Saradnik

    Joined:
    15.03.2015
    Messages:
    273
    Likes Received:
    553
    Sistem:
    Ostalo
    Isprobao i 4.14.13 na triosu
    Code:
    Spectre and Meltdown mitigation detection tool v0.27
    
    Checking for vulnerabilities against live running kernel Linux 4.14.13 #1 SMP Mon Jan 15 15:01:54 CET 2018 x86_64
    
    CVE-2017-5753 [bounds check bypass] aka 'Spectre Variant 1'
    * Checking count of LFENCE opcodes in kernel:  NO
    > STATUS:  VULNERABLE  (only 22 opcodes found, should be >= 70, heuristic to be improved when official patches become available)
    
    CVE-2017-5715 [branch target injection] aka 'Spectre Variant 2'
    * Mitigation 1
    *  Hardware (CPU microcode) support for mitigation:  NO
    *  Kernel support for IBRS:  NO
    *  IBRS enabled for Kernel space:  NO
    *  IBRS enabled for User space:  NO
    * Mitigation 2
    *  Kernel compiled with retpoline option:  NO
    *  Kernel compiled with a retpoline-aware compiler:  NO
    > STATUS:  VULNERABLE  (IBRS hardware + kernel support OR kernel with retpoline are needed to mitigate the vulnerability)
    
    CVE-2017-5754 [rogue data cache load] aka 'Meltdown' aka 'Variant 3'
    * Kernel supports Page Table Isolation (PTI):  YES
    * PTI enabled and active:  YES
    > STATUS:  NOT VULNERABLE  (PTI mitigates the vulnerability)
    
    A false sense of security is worse than no security at all, see --disclaimer
    
    Radi brže na mojoj mašini (FireFox leti) i nema Meltdown-a. :)
     
    Dragan likes this.
  9. Dragan

    Staff Member

    Joined:
    13.01.2012
    Messages:
    6,469
    Likes Received:
    3,844
    Location:
    jóhonaaʼéí
    Okruženje:
    Xfce
    Sistem:
    TRIOS
    Ovo nisam baš razumeo...šta radi bolje i brže? TRIOS sa novijim kernelom u odnosu na stari, ili...?
    Koje su specifikacije mašine?
     
  10. Ladislav

    Korisnik

    Joined:
    30.06.2015
    Messages:
    408
    Likes Received:
    416
    Location:
    Sombor
    Okruženje:
    Xfce
    Sistem:
    TRIOS
    izvinjavam se što upadam...
    ...jel treba da sam zabrinut, ne razumem se, moji rezultati su malo drugačiji Debian-Stretch?

    Code:
    root@deb-pc:/home/fish105/Downloads/spectre-meltdown-checker-master# inxi -Cxxx
    CPU:       Quad core Intel Core2 Quad Q6600 (-MCP-) cache: 4096 KB
               flags: (lm nx sse sse2 sse3 ssse3 vmx) bmips: 19243
               clock speeds: min/max: 1596/2394 MHz 1: 1596 MHz 2: 1596 MHz
               3: 1596 MHz 4: 1596 MHz
    root@deb-pc:/home/fish105/Downloads/spectre-meltdown-checker-master# ./spectre-meltdown-checker.sh
    Spectre and Meltdown mitigation detection tool v0.31
    
    Checking for vulnerabilities against running kernel Linux 4.9.0-5-amd64 #1 SMP Debian 4.9.65-3+deb9u2 (2018-01-04) x86_64
    CPU is Intel(R) Core(TM)2 Quad CPU Q6600 @ 2.40GHz
    
    CVE-2017-5753 [bounds check bypass] aka 'Spectre Variant 1'
    * Checking count of LFENCE opcodes in kernel:  NO
    > STATUS:  VULNERABLE  (only 25 opcodes found, should be >= 70, heuristic to be improved when official patches become available)
    
    CVE-2017-5715 [branch target injection] aka 'Spectre Variant 2'
    * Mitigation 1
    *   Hardware (CPU microcode) support for mitigation
    *     The SPEC_CTRL MSR is available:  NO
    *     The SPEC_CTRL CPUID feature bit is set:  NO
    *   Kernel support for IBRS:  NO
    *   IBRS enabled for Kernel space:  NO
    *   IBRS enabled for User space:  NO
    * Mitigation 2
    *   Kernel compiled with retpoline option:  NO
    *   Kernel compiled with a retpoline-aware compiler:  NO
    > STATUS:  VULNERABLE  (IBRS hardware + kernel support OR kernel with retpoline are needed to mitigate the vulnerability)
    
    CVE-2017-5754 [rogue data cache load] aka 'Meltdown' aka 'Variant 3'
    * Kernel supports Page Table Isolation (PTI):  YES
    * PTI enabled and active:  YES
    * Checking if we're running under Xen PV (64 bits):  NO
    > STATUS:  NOT VULNERABLE  (PTI mitigates the vulnerability)
    
    A false sense of security is worse than no security at all, see --disclaimer
    root@deb-pc:/home/fish105/Downloads/spectre-meltdown-checker-master#
    
    ... a ovo je izveštaj od TRIOS:

    Screenshot - 01152018 - 08:59:36 PM.png.jpg
     
    #2410 Ladislav, 15.01.2018 at 19:40
    Last edited: 15.01.2018 at 20:03
  11. Vladimir

    Staff Member

    Joined:
    12.01.2012
    Messages:
    9,297
    Likes Received:
    4,010
    Location:
    /home
    Okruženje:
    Xfce
    Sistem:
    FreeBSD
    Nema oko čega da brineš, pre će te ajkula ujestu za nogu nego što će te neko hakovati na ovaj sigurnosni propust ;)
     
    Collapse Signature Expand Signature
    Vlad and Ladislav like this.
SSL Certificate Biblioteka++ Tor anonimnost Cyberghost vyprvpn