recentpopularlog in

charlesarthur : spectre   4

HP attempts to refresh the two-in-one with the leather-and-metal Spectre Folio • Ars Technica
Valentina Palladino:
<p>The Spectre Folio may look like a convertible that's covered in leather, but it's not that simple. The leather is actually built into the PC—you can't remove it, and HP doesn't want you to. The leather soft chassis adheres to the magnesium and aluminum hard chassis in a construction that you won't be able to see with your own eyes—it's all under the surface.

While it's classified as a convertible, it can flex into positions that were previously limited to tablets with keyboard covers. It can act as a laptop but instantly slide down into tablet mode as well. Instead of the traditional tent mode that other convertibles can achieve, the screen portion of the Spectre Folio can sit in a slot in front of the keyboard, turning it into a device ideal for photo and video viewing.

The Spectre Folio will have either an FHD or 4K touchscreen, both of which support inking, and the device will come with a stylus as well. It runs on 8th Gen Intel Core i5 and i7 Y-series processors and can support up to 8GB of RAM and 2TB of storage. HP claims the device will last at least 18 hours on a single charge. While super thin, the Spectre Folio contains two Thunderbolt 3 ports and one USB Type-C port, all of which support charging.</p>

A picture (below) from The Verge shows how the keyboard is covered by the screen when you want "tablet time"; the screen can then lay flat outward, or flat inward. At least they're trying.
<img src="" width="100%" />
hp  spectre  laptop  design 
october 2018 by charlesarthur
Spectre and Meltdown flaws being exploited by more than 100 strains of malware • Tech Republic
Nick Heath:
<p>Security researchers are discovering a growing amount of malware that exploits the Spectre and Meltdown CPU flaws.

Spectre and Meltdown are vulnerabilities in modern chip design that could allow attackers to bypass system protections on nearly every recent PC, server and smartphone—allowing hackers to read sensitive information, such as passwords, from memory.

Researchers have gathered more than 130 samples of malware that try to exploit Meltdown and Spectre, although most appear to be proof-of-concept code rather than being used in attacks.

Security firm Fortinet says all of the publicly available samples of malware it analyzed appeared to be test code, although it was unable to analyze some Spectre/Meltdown-exploiting malware, due to it not being released into the public domain.</p>

If you’re not updating your systems, hackers will find you out.
Spectre  meltdown  hacking 
february 2018 by charlesarthur
'WHAT THE F*CK IS GOING ON?' Linus Torvalds explodes at Intel spinning Spectre fix as a security feature • The Register
Thomas Claburn and Kat Hall:
<p>Intel's fix for Spectre variant 2 – the branch target injection design flaw affecting most of its processor chips – is not to fix it.

Rather than preventing abuse of processor branch prediction by disabling the capability and incurring a performance hit, Chipzilla's future chips – at least for a few years until microarchitecture changes can be implemented – will ship vulnerable by default but will include a protection flag that can be set by software.

Intel explained its approach in its technical note about Spectre mitigation, titled Speculative Execution Side Channel Mitigations. Instead of treating Spectre as a bug, the chip maker is offering Spectre protection as a feature.

The decision to address the flaw with an opt-in flag rather than activating defenses by default has left Linux kernel steward Linus Torvalds apoplectic.

Known for incendiary tirades, Torvalds does not disappoint. In a <a href="">message posted to the Linux kernel mailing list on Sunday</a>, he wrote, "As it is, the patches are COMPLETE AND UTTER GARBAGE."

"All of this is pure garbage. Is Intel really planning on making this shit architectural?" he asked. "Has anybody talked to them and told them they are f*cking insane? Please, any Intel engineers here – talk to your managers."</p>

The full Torvalds rant is worth reading. Never one to hold back, ol' Linus.
linux  torvalds  intel  spectre  hacking 
january 2018 by charlesarthur
The Spectre of an advertising meltdown: what you need to know • Lawfare
Nicholas Weaver:
<p>The information security world is focused on two new security vulnerabilities, “Spectre” and “Meltdown”, that represent vulnerabilities embedded in computer hardware. Lawfare readers should respond in two ways: keep their operating systems up to date and, critically, install an ad-blocker for your web browser. (Here are guides on how to do so in Chrome and Firefox.) In fact, a proper response to Spectre should involve ad-blocking on all government computers. Other than that, don’t worry.

Readers who just wanted to know what to do can stop reading. But for those curious about some of the technical background on these vulnerabilities and why ad-blocking is an essential security measure for a modern computer, read on.</p>
spectre  meltdown  adblocking 
january 2018 by charlesarthur

Copy this bookmark:

to read