Security

InSpectre

January 16, 2018, 06:37(EST) By Eric (a.k.a. TweakHound)

Steve Gibson of GRC has a tool to check for the Meltdown and Spectre vulnerabilities and verify protection.
Download & Info

Meltdown & Spectre Updates Benchmarked

January 14, 2018, 15:11(EST) By Eric (a.k.a. TweakHound)

My system benchmarked after KB4056892 and CPU Microcode update (BIOS).
Full system specs here: My New PC – 2017
CPU: Intel i7-8700k
Mobo: Gigabyte Z370 AORUS Gaming 7
GPU: Zotac GeForce GTX 1060 AMP! Edition (Nvidia)
Ram: 32GB
Drives: x2 Samsung 960 EVO NVMe M.2
OS: Win10 Pro

***UPDATED 23JAN2018

My motherboard manufacturer released another BIOS update for this issue.
New scores on PCMark10.
[Read more…] about Meltdown & Spectre Updates Benchmarked

Thursday Random Stuff…

January 11, 2018, 15:05(EST) By Eric (a.k.a. TweakHound)

Meltdown and Spectre News
Yeah I know, daily stuff. I know some of you are sick of it but it is bigger than a big deal so hear we go…
Intel has the nads to release some benchmarks showing performance hits varying from +1 to -21%. (pdf) None of us are going to know what the heck hits us until we get some fracking firmware updates.
On my end, Gigabyte has been silent on the entire issue. I emailed both the Press and Tech Support teams with no reply. Questions on this topic have gone unanswered in their forums.
Dell on the other hand has been a pleasant surprise. They have a dedicated support page for this issue that even list when your model will get an update. My Alienware 15 R2 is scheduled to get an update on the 14th.
Lawsuits: I am now officially a part of a class action suit (well, after I sign the retainer). More news may follow. Or not.
CEO: No new word on Intel’s CEO that many think should be fired or worse.
Excellent read: iVerge – How the industry-breaking Spectre bug stayed secret for seven months
Linux: Spectre & Meltdown Checker “A simple shell script to tell if your Linux installation is vulnerable” I repeat myself, at the risk of being cruel, if you’ve got Intel you’re vulnerable. Apologies to Paul Simon.
Browsers: Online browser checker. “If the result is VULNERABLE, it is definitely true. However, if the result is NOT VULNERABLE, it doesn’t mean your browser is absolutely not vulnerable because there might be other unknown attacking methods. ”
VMware Workstation Player: 14.1.1 released “This update of VMware Workstation Player exposes hardware support for branch target injection mitigation to VMware guests.”

Why Are You Still On Social Media?
I’m constantly amazed at the utter gall displayed by the higher-ups at these social media companies. The gist of this article is that if you don’t think like they do you are “shitty people” and they will “shadow ban” you. I don’t care what your political views are, no freedom loving person can find this behavior acceptable. The only way to change this is not to buy the Bravo Sierra that they will try to “fix” things. The fix is to remove their power over you. The fix is to GET OFF SOCIAL MEDIA.

The Beginning Of The End
Facebook developing ‘Portal’ gadget which will let it put microphones and cameras in people’s homes

Off Topic
Cleveland Indians pitcher Trevor Bauer: 116.9 MPH
I don’t think I could even stay in the batters box.

PowerShell – Check For Meltdown and Spectre

January 5, 2018, 05:20(EST) By Eric (a.k.a. TweakHound)

IMHO this is a Geek tool for fun. Got Intel? You’re vulnerable.
[Read more…] about PowerShell – Check For Meltdown and Spectre

Chrome & Firefox Updated

January 4, 2018, 17:08(EST) By Eric (a.k.a. TweakHound)

Chrome 63.0.3239.132
AFAIK this does not address the Meltdown and Spectre stuff. That was due to happen with Chrome 64 due out next Tuesday.
“The stable channel has been updated to 63.0.3239.132 for Windows, Mac and Linux”
Download

Firefox 54.0.4
“Security fixes to address the Meltdown and Spectre timing attacks”
Download
Release Notes

Win10 January 3, 2018 Updates And AV Software

January 4, 2018, 08:29(EST) By Eric (a.k.a. TweakHound)

Important information regarding the Windows security updates released on January 3, 2018 and anti-virus software
Microsoft has identified a compatibility issue with a small number of anti-virus software products.
The compatibility issue is caused when anti-virus applications make unsupported calls into Windows kernel memory. These calls may cause stop errors (also known as blue screen errors) that make the device unable to boot. To help prevent stop errors caused by incompatible anti-virus applications, Microsoft is only offering the Windows security updates released on January 3, 2018 to devices running anti-virus software from partners who have confirmed their software is compatible with the January 2018 Windows operating system security update.
If you have not been offered the security update, you may be running incompatible anti-virus software and you should follow up with your software vendor.

Intel CPU Fiasco – More Info

January 4, 2018, 07:47(EST) By Eric (a.k.a. TweakHound)

last updated: 0838EST, 04JAN2018

Full breakdown: https://meltdownattack.com/

iVerge – Microsoft issues emergency Windows update for processor security bugs

Google: “These vulnerabilities affect many CPUs, including those from AMD, ARM, and Intel, as well as the devices and operating systems running on them.”

AMD says, “near zero risk”

CERT: Vulnerability Note VU#584653 – CPU hardware vulnerable to side-channel attacks

WARNING – Do Not Run Windows Update

January 4, 2018, 07:31(EST) By Eric (a.k.a. TweakHound)

Patches will be rolling out today for the Intel CPU Fiasco.
(See below for the email I woke up to this morning.)
I highly recommend you pause, disable, stop, do not run Windows Update.
Full details have not been released as of this writing. These updates will at the kernel level. For the non-Geek that means at the core of Windows. I am not trying to play chicken little (henny penny for my U.K. friends). IMHO these updates are being rushed out and will be altered over time. They could slow down or even hose your PC. Let someone else beta test this stuff.
[Read more…] about WARNING – Do Not Run Windows Update

Patch Tuesday

December 12, 2017, 15:58(EST) By Eric (a.k.a. TweakHound)

Time To Run Windows Update
Patches available for all things Microsoft. Full breakdown at the end of this post.
Windows 10 – December 12, 2017—KB4053580 (OS Build 15063.786)
“This update includes quality improvements. No new operating system features are being introduced in this update.”

Flash Updated
APSB17-42 Security updates available for Adobe Flash Player
Download for Firefox and Opera: Adobe Flash Player 28.0.0.126
Download for Internet Explorer: Adobe Flash Player 28.0.0.126

CCleaner 5.38 Released
***WARNING*** As of this writing only the standard build available. No portable or slim.
I am not downloading this until a portable version is available.
CCleaner Forums post about this:
“The devs have decided to delay the portable version until the slim release. it is unclear if this is just for this version or going forward but this is a test trial of this policy.”
I am considering switching to Privacy Eraser. If anyone is/has used this please chime in.

[Read more…] about Patch Tuesday

Monday Random Stuff…

December 11, 2017, 16:11(EST) By Eric (a.k.a. TweakHound)

Another HP Keylogger
Security researcher Michael Myng found a keylogger on some HP laptops. There was one found earlier this year. This is on top of spyware found on HP devices.
Yikes!

GET OFF OF FACEBOOK
Another former Facebook exec rips social media:
“I think we have created tools that are ripping apart the social fabric of how society works…No civil discourse, no cooperation; misinformation, mistruth. And it’s not an American problem — this is not about Russians ads. This is a global problem.”
source: iVerge

« Previous Page