On Tue, April 24, 2018 11:31 pm, Nico Huber wrote:
On 25.04.2018 00:18, Taiidan@gmx.com wrote:
I can't believe everyone else is so nonchalant about all this considering how important it is I still haven't figured out how to update the microcode on any of my computers - no guides I have found actually work and no distros have the new microcode for intel or amd despite it having been months.
I'm not nonchalant, but I'm not entirely sure what to do with those patch files and was hoping to see a new amd microcode 15h bin with them incorporated.
I can't believe everybody is so nonchalant about Rowhammer but many people make a big thing out of the comparatively tiny Spectre problem.
For the best security one should have both the new microcode and the lfence msr?
Not for the best but for any security, you have to understand first that both options only change something if your software is prepared to uti- lize them. First update your software, then check what it needs / what the developers expect (the new microcode I'd guess).
If I remember the earlier discussion right on that lfence msr, the OS can also set it so although it would be nice if coreboot did as well, it's not required?