Is it worth risking bricking the motherboard to patch meltdown?

is it worth risking bricking the motherboard to patch meltdown?

Other urls found in this thread:

downloadcenter.intel.com/download/27431/Linux-Processor-Microcode-Data-File
tracker.debian.org/news/900514),
youtu.be/UpPoWGiQIhA?t=83
twitter.com/NSFWRedditVideo

There is no risk.

Also not patching is never the correct choice. Now and in general, you either run the newest version of [technology] from provider X or Y.

>There is no risk.
then why does the asrock site have a huge ass warning about updating the bios?

because of the retards who can't update a bios safely

Because about 40-60% of Clickbait frenzied normies are gonna fuck it up and they don't want to be responsible for that shit.

what if power goes out while flashing?

clear cmos and be on your way

Um so I'm fucked? I have all the windows updates and bios updates.

What if the newest available bios version is from 2015?

Throw out your motherboard if you are running intel

But I need my PC and a new motherboard is expensive

Not IMO. I'll rather just take my chances. I don't Internet bank anyway.

You realize that if you don't patch it, any moron on fortunes can be hacking you right now, right? JS is not needed to use the exploit. If you have an older board that isn't getting an update, don't use it for anything that you don't want anyone else to know about. Otherwise, disconnect it, use it for something else , or trash it.

For meltdown perhaps but I'm still doubtful that any old skiddie can fully use spectre.

>You realize that if you don't patch it
wtf am I supposed to do if my motherboard doesn't have an update available? Make one myself? I just bought this shit a week ago, not gunna buy some other shit

I have a z370 and the patch isnt out for it yet. Just wait a bit

Why do people say flashing an "brick" your mobo when its possible to recover from a failed bios flash?

how? with a raspberry pi?

Msi has a guide on how to recover. Looks like a pain in the ass but still possible

>JS is not needed to use the exploit
What?
You mean basic HTTP is enough?

sudo apt install intel-microcode

sudo apt install intel-microcode
sudo : The term 'sudo' is not recognized as the name of a cmdlet, function, script file, or operable program. Check
the spelling of the name, or if a path was included, verify that the path is correct and try again.
At line:1 char:1
+ sudo apt install intel-microcode
+ ~~~~
+ CategoryInfo : ObjectNotFound: (sudo:String) [], CommandNotFoundException
+ FullyQualifiedErrorId : CommandNotFoundException

>Looks like a pain in the ass
That's why.

Kek

Yea, you're fucked.

Seriously though why dont you have sudo installed, did you run that as root?

Pretty sure that's the Microsoft command line, AKA he's on Windows

The question to ask is, are you running virtual machines on your system for someone else? If no, then why does it matter. Going to hack yourself?

because this is Sup Forums, it is full of idiots that don't understand how this works and think it is the worst security issue in the past 40 years.

I think you can blame the media for that. They've been spinning this is a major tech happening and most non-tech savvy people "VULNERABILITIES, SECURITY ISSUES CPU AND BIOS" as words they don't quiet fully understand.

>HTTP
You mean HTML, right?

Actually, it's PowerShell. It comes as default on Win10 so whatevs

Yeah, sorry.
I'm surprised.
I thought JS or some more stupid way was needed to get you infected like WannaCry.

>not using a PSU

What the fuck I meant UPS.

So, what are the most recent CPUs that are not affected by these exploits?

If you're running Intel, your system is already a worthless brick.

somewhat off topic BUT isn't a class action lawsuit against Intel warranted?

no, if it was it would also be warranted against IBM, ARM, AMD, Qualcomm and several others.

Has anyone ran the new microcode updare vis mflash yet? I have anxiety issues and i am nervous about flashing

I'm dumb and with all this chaos I still haven't understood.
Are these two bugs patched with just an os update? Or do I need to do something else?
Are old Thinkpads with ivy bridge fucked?

Only meltdown. Spectre is fixed by upgrading to hardware that doesn't exist yet.

>virtual machines
This affects the whole system not just VM's, you twit. The exploits read cached memory, doesn't matter what service is using it.

$3.00 has been deposited into your accounts fellow Intel shills.

Then reason VMs are mentioned at all is because that bug can read all of your system's memory, even from a virtual machine. Meltdown in particular can be even executed from a web browser. It's not any less severe on your desktop.

Yes Ivy Bridge is fucked. The performance penalty will be much worse than on newer hardware.

I should add, the frenzy about VM's got more focus because services like Amazon's AWS, Digital Ocean, etc, have millions of users, whose data can be leaked across any single VM on an entire server. So, basically, one VM get's exploited, and they all do.

I can finally run my non-exist games!

I haven't noticed any differences on my t430 running mint, but that's probably because I basically just use it to compile small programs.

You're getting hacked RIGHT THIS SECOND

>don't patch motherboard
>browsing your favourite site
>suddenly drive-by JS hacks your entire system stealing your data and bricks your PC
yeah don't bother OP it's fine.

bump

my motherboards last update was 2015 and I cant get another one, how fuck am I. I updated my windows and firefox, is there anything else I can do. I thought these exploits had to be done manually.

see
Better just turn off the internet.

Yeah but even with the windows update, firefox update, ublock. I don't run a anti virus however. Am I still fucked, whats the point in the updates if you can still get fucked. I read that this shit was manual.

8600k Asus rog strix e
I update BIOS, was on a beta version before.
Better temps now with same 4.8ghz oc. Before max spike in AC origins was 74c now 70c
Also took a hit to image editing score in realbench about 30% JUST to image editing every other score was slightly better 3-4%
Overall things running smooth and future updates will fix these performance hits this was a rapid fire patch .
>update op

I was planning on buying an x220 - should i abort?

the way i see it if all hardware is affected anyway, and will be until 2019 atleast, might aswell just use what you use with caution. i need a laptop now, not in a year

What if the cmos is soldered to the motherboard?

Buy broken motherboard off eBay, replace bricked one with a soldering iron.

I have done this with a Sony laptop, so I know you can.

>last bios update - 2012

Yeah, this will be fun.

I'm running a modded bios to of my vanilla 6600. Im not gonna flash for protection.

If you're running GNU/Linux you can update the microcode without a flash through or downloadcenter.intel.com/download/27431/Linux-Processor-Microcode-Data-File or whatever your package maintainer recommends doing
Note: it's proprietary and there is no actual changelog (outside of tracker.debian.org/news/900514), but you bought a CPU with already proprietary firmware so...
Another note: This will likely degrade performance even further

I had never flashed a bios before, just did it with mflash, literally took 5 minites. All secure now :)

there is no bios update for my laptop or my desktop, so i wont be doing that

Hows that 60% SSD slow down of write speed friend? :)

Still not BIOS update on my MSI Z87-GD65 Gaming motherboard. MSI are shit.

Shit. This machine is for muh games though so it doesnt matter. Why else would i buy this locked i5

It's for the retards that decide to find ways to halt the process in the middle or don't get the correct board's shit.

>Dur, what if I unplug it in the middle of this?
>Guh, better in complain about failure because I corrupted shit.

Be sure to thank Intel when somebody fucks it in that gaping security hole.

If you don't get a patch, you're wide open.
If it helps you calm down, you're welcome to get mad at me, Anonymous.

You're reading fud, bud.

meltdown or brick...ahh, the agony of choice...
youtu.be/UpPoWGiQIhA?t=83

>Being this of a nigger

Just download an updated browser put unlock and noscript and don't go to shitfest sites like nosteam

Javascript is not needed to use the exploit. You're free to believe otherwise. Go with whatever makes you feel better, Anonymous.

>If you don't get a patch, you're wide open.

Create a situation where being wide open doesn't matter. So easy. Boot a live OS for shopping and banking, do NOTHING else with it in that session, reboot into your main OS for whatever you do with that.

The paranoia here is hilarious. Most of you knegrowz don't run a fucking SCIF.

Want to surf the foulest regions of the internet? Boot Knoppix or whatever and do that.

Worried your goat porn collection will get nuked? Back it up. Are you coding or doing profitable work with a system? Air gap that motherfucker and leave it that way. You can always add more PCs.

fuck that. I'm not patching my bios.

wow amazing picture faggot, just waste bandwidth, why not

>The hacker known as 4chin enlighten an user

Thanks 4chin

>he hasn't received the kernel updates

You are such an idiot it's painful.

Yeah its pretty bad. I dont want my bank account hacked into though.

stop browsing on a metered connection you fucknut, I'm guessing you're the type that blames others for your mistakes.

Its ok man, you don't have to be all passive aggressive. Just express your true feelings.

be happy there is a update for your bios. my last update was 2012. i have no idea what to do, cant afford another motherboard.

Talking about gookmoots bandwidth you faggot, or do you like being pumped full of ads and malware?

That must be it. You've got me now, Anonymous.

>actually giving a fuck about Sup Forums

holy kek

If you cant afford a mobo you dont have anything worth stealing

There's no need for any BIOS uupdate to load new CPU microcode. The OS can do it post-boot if needed. Linux and Windows will load new microcode in boot if they have a never version than the one the CPU booted with, or the BIOS loaded after the chip came out of reset.

It's just slightly more comfy to have the BIOS do it, so the chip's head gets straight as early as possible during boot.

But it's more aesthetics than function unless you run an OS that CAN'T load microcode (e.g.DOS).

Just find out how to check CPU microcode level once the box is up. On linux, cat /proc/cpuinfo

Don't be hysterical retards.

And dont buy HP garbage anymore. They want you to pay for BIOS updates if you're "out of warranty".

Yeah, pay to fix your Fiorina/Pajeet mistakes much later, HPee.

Ah I see you have conceded. I shall add this feather to my veritable plumage of internet argument victories.

Yes, you do that.

You arent fully patched without the bios update.

After checking motherboard bois I released I'm still on first release and completely forgot about the Intel ME for security vulnerabilities.
Are you meant to jump to the latest bois after being 3 years behind?

Yes that's right the BIOS has fuck-all to do with loading microcode, if you do it during OS boot.

And Intel distributes the microcode for free in a big text file.

Google how to make your OS load it, and you're stylin'.

Don't Worry Be Happy!

I have a 110 dollar z370 mobo my dude, the cheapest one they offered

>ASUS released a statement saying they'll get around to distributing new BIOS files eventually
well....ok then

Oh my sweet summer child.

Yes you are. The BIOS does not control the instruction set semantics. The microcode does.

You are only "vulnerable" until the OS boots, and reconfigures the CPUs microcode store.

The store is volatile, so must be re loaded on every boot.

Have there actually been any reported cases of spectre in the wild?