• Telorand@reddthat.com
    link
    fedilink
    English
    arrow-up
    2
    ·
    3 months ago

    As pointed out elsewhere, the attack requires kernel-level access, and anyone with that access can do a lot of damage anyway.

    And the flaw can be fixed (there’s a fix out), it’s just that there’s no remediation once the flaw has been exploited.

    • mox@lemmy.sdf.org
      link
      fedilink
      English
      arrow-up
      1
      ·
      3 months ago

      anyone with that access can do a lot of damage anyway.

      it’s just that there’s no remediation once the flaw has been exploited.

      One of these things is not like the other.

      • Telorand@reddthat.com
        link
        fedilink
        English
        arrow-up
        1
        ·
        3 months ago

        They’re intrinsically linked, in fact. If you have kernel access, you can do any number of things, including but not limited to persistent rootkits. I agree that this bug is one step further, since it affects the processor itself, but if somebody has ring 0 access that shouldn’t, you already have problems.

        • FierySpectre@lemmy.world
          link
          fedilink
          English
          arrow-up
          0
          arrow-down
          1
          ·
          3 months ago

          It’s always been a thing that the only way to completely be safe after malware is yeeting the old system and getting a new one…

          And even then there have been actively exploited issues where the system gets re-infected when reloading the data from a backup. (My memory is a bit rusty on that one, but it was just data being restored, nothing that should install anything)

  • cmnybo@discuss.tchncs.de
    link
    fedilink
    English
    arrow-up
    1
    ·
    3 months ago

    I wish CPUs would all have a fuse bit to permanently disable those “security co-processors”. They are running who knows what and don’t do the average user any good.

  • droopy4096@lemmy.ca
    link
    fedilink
    English
    arrow-up
    0
    ·
    3 months ago

    at this point all major chipmakers have proven that innovation is dead, nobody cares about “boring” fratures. We can finally take a step back and reflect on why did we end up here