Meltdown, Spectre, and what they mean for Linux users
Superbugs
© Lead Image © Natalia Lukiyanova, 123RF.com
The blatant security holes known as Meltdown and Spectre, which are built into the computer hardware, are likely to keep us busy for the next few years. How is the Linux community addressing this unexpected challenge?
The year 2018 began with a disaster for IT: We learned that most processors sold in the last 15 years come with two blatant bugs that make our systems vulnerable. The vulnerabilities, named Meltdown and Spectre, mainly affect CPUs of the market leader Intel, but related problems are also present in Apple, AMD, PowerPC, and ARM64 processors. (To the relief of makers around the world, the all-clear has been issued for all Raspberry Pi models.)
These security gaps, which are largely a result of the race for increasingly faster computers, will persist for a very long time and can only be completely eliminated with a new generation of CPUs – probably years in the future. Kernel developers will have to deal with the vulnerabilities that are opening up on PCs, smartphones, and even cloud service for a long time to come. With smartphones and tablets, only owners of currently supported devices can hope to eliminate the vulnerabilities; older devices remain unprotected.
In addition to the vulnerabilities that became known in January, security researchers published further attack scenarios [1] on February 14th. The previous software patches probably also cover these new attack vectors, but for Intel, this means that the changes to the CPU blueprints developed so far must be scrapped, and the engineers have to go back to the drawing board.
[...]
Buy this article as PDF
(incl. VAT)
Buy Linux Magazine
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Subscribe to our ADMIN Newsletters
Support Our Work
Linux Magazine content is made possible with support from readers like you. Please consider contributing when you’ve found an article to be beneficial.
News
-
Framework Laptop 13 Pro Competes with the Best
Framework has released what might be considered the MacBook of Linux devices.
-
The Latest CachyOS Features Supercharged Kernel
The latest release of CachyOS brings with it an enhanced version of the latest Linux kernel.
-
Kernel 7.0 Is a Bit More Rusty
Linux kernel 7.0 has been released for general availability, with Rust finally getting its due.
-
France Says "Au Revoir" to Microsoft
In a move that should surprise no one, France announced plans to reduce its reliance on US technology, and Microsoft Windows is the first to get the boot.
-
CIQ Releases Compatibility Catalog for Rocky Linux
The company behind Rocky Linux is making an open catalog available to developers, hobbyists, and other contributors, so they can verify and publish compatibility with the CIQ lineup.
-
KDE Gets Some Resuscitation
KDE is bringing back two themes that vanished a few years ago, putting a bit more air under its wings.
-
Ubuntu 26.04 Beta Arrives with Some Surprises
Ubuntu 26.04 is almost here, but the beta version has been released, and it might surprise some people.
-
Ubuntu MATE Dev Leaving After 12 years
Martin Wimpress, the maintainer of Ubuntu MATE, is now searching for his successor. Are you the next in line?
-
Kali Linux Waxes Nostalgic with BackTrack Mode
For those who've used Kali Linux since its inception, the changes with the new release are sure to put a smile on your face.
-
Gnome 50 Smooths Out NVIDIA GPU Issues
Gamers rejoice, your favorite pastime just got better with Gnome 50 and NVIDIA GPUs.