Mikorist Napisano Januar 12, 2018 Autor Share #111 Napisano Januar 12, 2018 http://coen.boisestate.edu/ece/files/2013/05/Creating.a.Raspberry.Pi-Based.Beowulf.Cluster_v2.pdf Evo rešenja . Koliko sam spucao para na Intel mogap sam komotno da napravim Raspberry Pi-based supercomputer. Link to comment Podeli na ovim sajtovima More sharing options...
Mikorist Napisano Januar 13, 2018 Autor Share #112 Napisano Januar 13, 2018 summa summarum Spectre PoC daje čarobni rezultat iz sopstvenog adresnog prostora. Aplikacije se mogu kompajlirati sa opcijom LFENCE opcode ili Retpoline, što sprečava krađu podataka. Tako će aplikacije (kao što su vaš pretraživač, Skype, Steam itd.) Biti zaštićene (eventualno). Ako želite da testirate operativni sistem koji koristi Retpoline, probajte Clear Linux. Napravljen od Intela https://clearlinux.org/https://clearlinux.org/documentation/clear-linux/get-started/virtual-machine-install/virtualboxhttps://clearlinux.org/documentation/clear-linux/get-started/virtual-machine-install/vmware-playerhttps://clearlinux.org/blogs/clarity-desktop (after it's downloaded launch the gui by typing "startx") Instalacija gcc input "sudo wsupd bundle-add c-basic" http://www.phoronix.com/vr.php?view=25821 Pod njim uopšte ne radi Spectre PoC. I prva i druga varijanta. Ostaje nejasno kako će Cloud servisi da se zaštite i specifični sistemi i okruženja (emulatori i virtuelne mašine) . Ovde je pun tekst koji je izdat 3. januara https://dl.packetstormsecurity.net/papers/attack/spectre-attacks-exploiting-sepculative-execution.pdf Na stranici 15 i 16 je originalni source code koji kopiraju i prepravljaju na Github. A Spectre Example Implementation Ono što su oni ovde objavili je bezalen primer Spectre PoC . Koji je bilo i moguće objaviti javno bez većih posledica . Jedina posledica jeste širenje bespotrebne panike. I opomena proizvođačima CPU. Ali u istom pdf-u se navode i drugi primeri koji nisu objavljeni van laboratorije. Do sad koliko vidim (na svu sreću) niko nije objavio radni primer Spectre napada van memorije. Odnosno direktno na aplikaciju - što bi bilo pogubno kroz konzolu. Takav PoC pretpostavlja prihvaćanje složenijih komandnih argumenata (sem da ispisuje magičnu reč iz sopstvene memorije) - ali niko nije uspeo da napravi tako nešto ili pokazao jedan radni primer, za koji znam ... A nadam se i da neće. Ipak naučnici imaju kodekse ponašanja na zavidnom nivou. Link to comment Podeli na ovim sajtovima More sharing options...
Zen Mod Napisano Januar 13, 2018 Share #113 Napisano Januar 13, 2018 ma Bladerunner sinko .......... Mikorist je reagovao/la na ovo 1 Link to comment Podeli na ovim sajtovima More sharing options...
Mikorist Napisano Januar 14, 2018 Autor Share #114 Napisano Januar 14, 2018 Link to comment Podeli na ovim sajtovima More sharing options...
Mikorist Napisano Januar 23, 2018 Autor Share #115 Napisano Januar 23, 2018 Ovo je luda kuća. Evo šta kaže majstor koji radi direktno na ovome - David Woodhouse Quote I think we've covered the technical part of this now, not that you like it — not that any of us *like* it. But since the peanut gallery is paying lots of attention it's probably worth explaining it a little more for their benefit. This is all about Spectre variant 2, where the CPU can be tricked into mispredicting the target of an indirect branch. And I'm specifically looking at what we can do on *current* hardware, where we're limited to the hacks they can manage to add in the microcode. The new microcode from Intel and AMD adds three new features. One new feature (IBPB) is a complete barrier for branch prediction. After frobbing this, no branch targets learned earlier are going to be used. It's kind of expensive (order of magnitude ~4000 cycles). The second (STIBP) protects a hyperthread sibling from following branch predictions which were learned on another sibling. You *might* want this when running unrelated processes in userspace, for example. Or different VM guests running on HT siblings. The third feature (IBRS) is more complicated. It's designed to be set when you enter a more privileged execution mode (i.e. the kernel). It prevents branch targets learned in a less-privileged execution mode, BEFORE IT WAS MOST RECENTLY SET, from taking effect. But it's not just a 'set-and-forget' feature, it also has barrier-like semantics and needs to be set on *each* entry into the kernel (from userspace or a VM guest). It's *also* expensive. And a vile hack, but for a while it was the only option we had. Even with IBRS, the CPU cannot tell the difference between different userspace processes, and between different VM guests. So in addition to IBRS to protect the kernel, we need the full IBPB barrier on context switch and vmexit. And maybe STIBP while they're running. Then along came Paul with the cunning plan of "oh, indirect branches can be exploited? Screw it, let's not have any of *those* then", which is retpoline. And it's a *lot* faster than frobbing IBRS on every entry into the kernel. It's a massive performance win. So now we *mostly* don't need IBRS. We build with retpoline, use IBPB on context switches/vmexit (which is in the first part of this patch series before IBRS is added), and we're safe. We even refactored the patch series to put retpoline first. But wait, why did I say "mostly"? Well, not everyone has a retpoline compiler yet... but OK, screw them; they need to update. Then there's Skylake, and that generation of CPU cores. For complicated reasons they actually end up being vulnerable not just on indirect branches, but also on a 'ret' in some circumstances (such as 16+ CALLs in a deep chain). The IBRS solution, ugly though it is, did address that. Retpoline doesn't. There are patches being floated to detect and prevent deep stacks, and deal with some of the other special cases that bite on SKL, but those are icky too. And in fact IBRS performance isn't anywhere near as bad on this generation of CPUs as it is on earlier CPUs *anyway*, which makes it not quite so insane to *contemplate* using it as Intel proposed. That's why my initial idea, as implemented in this RFC patchset, was to stick with IBRS on Skylake, and use retpoline everywhere else. I'll give you "garbage patches", but they weren't being "just mindlessly sent around". If we're going to drop IBRS support and accept the caveats, then let's do it as a conscious decision having seen what it would look like, not just drop it quietly because poor Davey is too scared that Linus might shout at him again. :) I have seen *hand-wavy* analyses of the Skylake thing that mean I'm not actually lying awake at night fretting about it, but nothing concrete that really says it's OK. If you view retpoline as a performance optimisation, which is how it first arrived, then it's rather unconventional to say "well, it only opens a *little* bit of a security hole but it does go nice and fast so let's do it". But fine, I'm content with ditching the use of IBRS to protect the kernel, and I'm not even surprised. There's a *reason* we put it last in the series, as both the most contentious and most dispensable part. I'd be *happier* with a coherent analysis showing Skylake is still OK, but hey-ho, screw Skylake. The early part of the series adds the new feature bits and detects when it can turn KPTI off on non-Meltdown-vulnerable Intel CPUs, and also supports the IBPB barrier that we need to make retpoline complete. That much I think we definitely *do* want. There have been a bunch of us working on this behind the scenes; one of us will probably post that bit in the next day or so. I think we also want to expose IBRS to VM guests, even if we don't use it ourselves. Because Windows guests (and RHEL guests; yay!) do use it. If we can be done with the shouty part, I'd actually quite like to have a sensible discussion about when, if ever, we do IBPB on context switch (ptraceability and dumpable have both been suggested) and when, if ever, we set STIPB in userspace. https://lkml.org/lkml/2018/1/22/598 Link to comment Podeli na ovim sajtovima More sharing options...
Mikorist Napisano Januar 23, 2018 Autor Share #116 Napisano Januar 23, 2018 Odgovor Linusa na ovo http://lkml.iu.edu/hypermail/linux/kernel/1801.2/04628.html Link to comment Podeli na ovim sajtovima More sharing options...
Mikorist Napisano Januar 23, 2018 Autor Share #117 Napisano Januar 23, 2018 Btw. Ako ste već ažurirali BIOS, kako biste izbegli nepredvidljivo ponašanje sistema, možete se vratiti na prethodnu verziju BIOS-a. https://usn.ubuntu.com/usn/usn-3531-2/ Link to comment Podeli na ovim sajtovima More sharing options...
shonne Napisano Januar 29, 2018 Share #118 Napisano Januar 29, 2018 Link to comment Podeli na ovim sajtovima More sharing options...
Mikorist Napisano Februar 7, 2018 Autor Share #119 Napisano Februar 7, 2018 MS vraćaja nazad spektre zakrpe zbog nestabilnosti, problema sa performansama, iznenadnim rebutovanjem itd. https://support.microsoft.com/en-us/help/4078130/update-to-disable-mitigation-against-spectre-variant-2 pakonja je reagovao/la na ovo 1 Link to comment Podeli na ovim sajtovima More sharing options...
pakonja Napisano Februar 7, 2018 Share #120 Napisano Februar 7, 2018 O uzasa... Link to comment Podeli na ovim sajtovima More sharing options...
sir Oliver Napisano Mart 1, 2018 Share #121 Napisano Mart 1, 2018 Na mobilnom nadjem neki sajt za online slušanje klasične muzike. Želim da slušam na PCu pa taj linak pošaljem sebi kao mail. Mail stigne ali linka nema ?!?!?! Nekoliko puta ponovim i isto. Kad pogledam mail na mobilnom prikaže se linak. Kad stigne na PC nema ništa. Ko filtrira poruke? Gmail ili neki adbloker ili koj djavo? Link to comment Podeli na ovim sajtovima More sharing options...
sir Oliver Napisano Mart 2, 2018 Share #122 Napisano Mart 2, 2018 https://www.googleadservices.com/pagead/aclk?sa=L&ai=CKcmSwTGVWr2AJJqO6gTx2ZKQBYTltMhQ-N2m5p0GsdL5iwEQASDj-5MDYLEFoAGf9tHzA8gBA6kCQFR8Pcpqtz6oAwHIA8kEqgSfAU_QNhYLe8brRp3WsZNS6BGGTJGTHIhQOibfu7O3fDZE2rFHq_f0Agjong3bGf1yXCZFhzXA9s2v4Ht1AZP7gyRvihVYsG0yESGnQYALNXvr4h4YWb83IXNVElrqA3AoLkEF0WUui8OneWGuWgKi1jbn_lQKbKiscSFByey_VDQao0D1QWYJFPziTxjM31nvqBUPY3UdKDbsrzPUnvcsFKAGA4AHyYmuDKgH1ckbqAemvhvYBwHSCAcIgGEQARgD8ggcY2EtaG9zdC1wdWItNDc5MDkxMjc5MzM1MzAzObEJLkJcVvJck6aACgHYEwI&num=1&cid=CAASEuRoCBNG3wXD0X3huu194OLHTA&sig=AOD64_1882MOd92YW0b1qGiQ_fzuYzIB9g&client=ca-pub-6219811747049371&nm=3&nx=182&ny=120&mb=2&bg=!uLulu6NEffSzw95Gcs4CAAAAOlIAAAA2mQGTc4p8IKyuuYo_hZg6Hr41dRRqp0ucqQHIbJ3vzjgwyiC7UwZervlJxBHl0NMnUsVm41nY5v-2aWdpYbg5c7ESpFw2htQi-AgWdpXuzeKSOfn_IcezveTrFYm_tHtvvJq9_uMbc98weck25AL_pbkyyprocXJP4CIPTIM4ilvi-3dfhi_P-u_N-m0Mg-zOt25LNqaNlIZTGJBMeDCSoBMWt-05O5W5LLybgxrk6K9owJQv6ckA8JuqC_kgbtN_M68DCTIA4tcYIjnjH4PgJx6K5uQUzstb6AP09rxydRO_TKECZJphix2jFbTbowhHqF2Gl2nH4WUn98nkWUdMn4k5do1k92PE642ncwx7cOE60GSseMYfUAMuVIpEsC0KTvJpC-hTRTH0GxzJvzHDERJomfC1ndW4PTUUXt9ckzuWtU_namT3bMwwFukE7MYFb6-utsMmFQvxPGow5ZQpUEZfXOwmyAX32J9p-NGIM6UkjcTmAUbFSGLD85OROxxlNyVKolF6PchwavIYi998N6_s19KXBA&adurl=https://bachtrack.com/19000/find-events/medium%3D2 Link to comment Podeli na ovim sajtovima More sharing options...
shonne Napisano Mart 2, 2018 Share #123 Napisano Mart 2, 2018 skurnja stebe Sire Link to comment Podeli na ovim sajtovima More sharing options...
Woland Napisano Mart 2, 2018 Share #124 Napisano Mart 2, 2018 (izmenjeno) 34 minutes ago, sir Oliver said: https://www.googleadservices.com/pagead/aclk?sa=L&ai=CKcmSwTGVWr2AJJqO6gTx2ZKQBYTltMhQ-N2m5p0GsdL5iwEQASDj-5MDYLEFoAGf9tHzA8gBA6kCQFR8Pcpqtz6oAwHIA8kEqgSfAU_QNhYLe8brRp3WsZNS6BGGTJGTHIhQOibfu7O3fDZE2rFHq_f0Agjong3bGf1yXCZFhzXA9s2v4Ht1AZP7gyRvihVYsG0yESGnQYALNXvr4h4YWb83IXNVElrqA3AoLkEF0WUui8OneWGuWgKi1jbn_lQKbKiscSFByey_VDQao0D1QWYJFPziTxjM31nvqBUPY3UdKDbsrzPUnvcsFKAGA4AHyYmuDKgH1ckbqAemvhvYBwHSCAcIgGEQARgD8ggcY2EtaG9zdC1wdWItNDc5MDkxMjc5MzM1MzAzObEJLkJcVvJck6aACgHYEwI&num=1&cid=CAASEuRoCBNG3wXD0X3huu194OLHTA&sig=AOD64_1882MOd92YW0b1qGiQ_fzuYzIB9g&client=ca-pub-6219811747049371&nm=3&nx=182&ny=120&mb=2&bg=!uLulu6NEffSzw95Gcs4CAAAAOlIAAAA2mQGTc4p8IKyuuYo_hZg6Hr41dRRqp0ucqQHIbJ3vzjgwyiC7UwZervlJxBHl0NMnUsVm41nY5v-2aWdpYbg5c7ESpFw2htQi-AgWdpXuzeKSOfn_IcezveTrFYm_tHtvvJq9_uMbc98weck25AL_pbkyyprocXJP4CIPTIM4ilvi-3dfhi_P-u_N-m0Mg-zOt25LNqaNlIZTGJBMeDCSoBMWt-05O5W5LLybgxrk6K9owJQv6ckA8JuqC_kgbtN_M68DCTIA4tcYIjnjH4PgJx6K5uQUzstb6AP09rxydRO_TKECZJphix2jFbTbowhHqF2Gl2nH4WUn98nkWUdMn4k5do1k92PE642ncwx7cOE60GSseMYfUAMuVIpEsC0KTvJpC-hTRTH0GxzJvzHDERJomfC1ndW4PTUUXt9ckzuWtU_namT3bMwwFukE7MYFb6-utsMmFQvxPGow5ZQpUEZfXOwmyAX32J9p-NGIM6UkjcTmAUbFSGLD85OROxxlNyVKolF6PchwavIYi998N6_s19KXBA&adurl=https://bachtrack.com/19000/find-events/medium%3D2 ček bre, kako na tapatalku vidim link a na edge ne? axa - Ad bloker je razlog Izmenjeno Mart 2, 2018 od Woland prosvetlio se Link to comment Podeli na ovim sajtovima More sharing options...
D i g i t a L Napisano Maj 11, 2018 Share #125 Napisano Maj 11, 2018 NIXIE je reagovao/la na ovo 1 Link to comment Podeli na ovim sajtovima More sharing options...
Aleks Napisano Maj 11, 2018 Share #126 Napisano Maj 11, 2018 Oću! Gde ima? Link to comment Podeli na ovim sajtovima More sharing options...
D i g i t a L Napisano Maj 12, 2018 Share #127 Napisano Maj 12, 2018 Zasada samo "sta bi bilo kad bi bilo". Link to comment Podeli na ovim sajtovima More sharing options...
stefaca Napisano Maj 12, 2018 Share #128 Napisano Maj 12, 2018 Pola jeste - pola nije: https://externos.io/ Link to comment Podeli na ovim sajtovima More sharing options...
vladd Napisano Maj 12, 2018 Share #129 Napisano Maj 12, 2018 Mene to asocira na "loudness war" s pocetka 80-ih, a sada je u toku "hardware war" sa operativnim sistemima koji imaju prekomplikovane opcije i zahteve po pitanju hardvera, a realno su davez za rad. Razumem ja njihovu zelju da vire u svaki kompjuter, ali onda se os deli besplatno. Treba nam operativni sistem, a ne operativacijin sistem Cak su se i ljutnuli u MS-u, kada sam ih na nekom seminaru pitao kada misle da naprave profesionalini OS...da ne iskacu nikakvi "pomocnici", da sistem ima ozbiljniju proveru modula a da ne trazi po netu update, da zakrpe i pecevi nisu veci od osnovnog os-a, da me ne dave sa pitanjima "da li si siguran"..valjda u to sto radim? Vix, Dual and D i g i t a L je reagovao/la na ovo 3 Link to comment Podeli na ovim sajtovima More sharing options...
D i g i t a L Napisano Maj 12, 2018 Share #130 Napisano Maj 12, 2018 NIXIE and vladd je reagovao/la na ovo 2 Link to comment Podeli na ovim sajtovima More sharing options...
Mikorist Napisano Septembar 15, 2018 Autor Share #131 Napisano Septembar 15, 2018 Čitam sad šta su ovi retardi u evropskom parlamentu usvojili pre par dana. Veliki igrači poput Googla, Facebooka i Twittera će, dakle, morati da naprave ''pametne filtere'' koji će svaki copyrightovani materijal morati instant da prepoznaju i obrišu. Kako ovo NIJE tehnički izvodljivo - kapiram da će Google, FB i Twitter BLOKIRATI pristup svojim servisima državljanima EU - u fazonu ''kad ste tolki retardi sada svirajte u prste bez 90% interneta''. Evo šta su usvojili - https://www.eff.org/deeplinks/2018/09/today-europe-lost-internet-now-we-fight-back Vix je reagovao/la na ovo 1 Link to comment Podeli na ovim sajtovima More sharing options...
ninja Napisano Septembar 16, 2018 Share #132 Napisano Septembar 16, 2018 Filter treba da se koristi za naplatu i kad linkas nesto onda moras odmah da platis. Ludilo neoprazovanih ljudi koji vladaju sa EU. Link to comment Podeli na ovim sajtovima More sharing options...
Preporučeni Komentari
Kreiraj nalog ili se prijavi da daš komentar
Potrebno je da budeš član DiyAudio.rs-a da bi ostavio komentar
Kreiraj nalog
Prijavite se za novi nalog na DiyAudio.rs zajednici. Jednostavno je!
Registruj novi nalogPrijavi se
Već imaš nalog? Prijavi se ovde
Prijavi se odmah