this post was submitted on 17 Sep 2023
560 points (98.8% liked)

World News

39011 readers
2770 users here now

A community for discussing events around the World

Rules:

Similarly, if you see posts along these lines, do not engage. Report them, block them, and live a happier life than they do. We see too many slapfights that boil down to "Mom! He's bugging me!" and "I'm not touching you!" Going forward, slapfights will result in removed comments and temp bans to cool off.

We ask that the users report any comment or post that violate the rules, to use critical thinking when reading, posting or commenting. Users that post off-topic spam, advocate violence, have multiple comments or posts removed, weaponize reports or violate the code of conduct will be banned.

All posts and comments will be reviewed on a case-by-case basis. This means that some content that violates the rules may be allowed, while other content that does not violate the rules may be removed. The moderators retain the right to remove any content and ban users.


Lemmy World Partners

News [email protected]

Politics [email protected]

World Politics [email protected]


Recommendations

For Firefox users, there is media bias / propaganda / fact check plugin.

https://addons.mozilla.org/en-US/firefox/addon/media-bias-fact-check/

founded 1 year ago
MODERATORS
 
  • Russia appears to be targeting journalists with spyware known as Pegasus.

  • Pegasus is a "zero-click" software, hacking phones by sending texts that don't need to be opened.

  • The software has targeted dozens of journalists, activists, and politicians in recent years.

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 24 points 1 year ago (1 children)

hardware based speculation is hard to patch compared to most exploits that are just bad programming mistakes due to two factors. one being its hardware and its hard to patch out hardware and 2. fixing it would lead to severe drop in performance. A name of a very recent one would be Retbleed.

[–] [email protected] 1 points 1 year ago (1 children)

Yet, if you check your dmesg you'll find innumerable methods of mitigation against such exploits.

A software patch for hardware issue.

Personally, I'd rather the drop in performance than the Kashoggi treatment.

[–] [email protected] 10 points 1 year ago (3 children)

hence a preference thing, because In real life, when users see a huge performance drop, they complain (e.g Apple throttling old iphones due to aging battery without telling users). It's why it's one of the hardest fixes to do. Sometimes patches for speculation doesn't hurt the end user much (e.g Zenbleed does not affect consumer loads like gaming) then you have situations like Intel's Downfall, which has sizable AVX2/AVX512 performance penalties.

[–] [email protected] 5 points 1 year ago (1 children)

It was absolutely not just for aging battery. It was also planned obsolescence.

[–] [email protected] 2 points 1 year ago* (last edited 1 year ago) (1 children)

hence why it feels like that, but saying its the same situation again, some people would have prefer it for the phone to randomly shut off at 1-10% battery, and there's the other camp that would have preferred for it to be throttled to prevent non zero shut down.

Apples mistake was both not telling people about it publicly, and not giving them a choice.

[–] [email protected] 2 points 1 year ago (1 children)

It wasn't a mistake. It was intentional.

[–] [email protected] 4 points 1 year ago

Apple doing that intentionally WAS the mistake.

It lost trust. It was sketchy. It was plain wrong.

[–] [email protected] 3 points 1 year ago* (last edited 1 year ago) (1 children)

because In real life, when users see a huge performance drop, they complain

Yeah, true, and the dead people don't get to complain, so just prioritize performance because the dead aren't complaining.

/s obviously. I don't give a fuck how much performance you gain/lose by running an exposed system. Increasing road speed limits would help people get to work faster. But more of them would be dead. Road safety comes first, convenience and speed comes second.

I could understand people having a slightly different priority list 30 years ago when performance was shit and computers were obscure. But in this day and age, we're making increases in performance 99.9% of the populace won't notice and computers literally run our lives. The priority is security.

then you have situations like Intel's Downfall, which has sizable AVX2/AVX512 performance penalties.

Yeah, exactly. Most people don't utilize AVX all that much. And those that do likely have newer machines that are unnaffected. And Intel is patching it.

[–] [email protected] 1 points 1 year ago

The point is, anything there is code speculation, virtually every single time they invent a new way to speed up performance, a new method of attack gets found. It doesnt matter if its Arm, it doesnt matter if its Apple, jt doesnt matter if its Intel, doesnt matter if its AMD, everyone has exploits as long as code speculation is a thing. If security is a severe issue, would the solution not be finding or using phones without code speculation period as as long as long as it exists, historyically speaking, its only a matter of time till an exploit exists for it.

[–] [email protected] 1 points 1 year ago

One affects games.

The other literally gets people killed.