Bill, Spectre in particular is not something that can be patched in the OS easily. There are workarounds, like decreasing JavaScript engines' timer resolution to make the attack impractical from browser-based JS. Dave, I've read that Alpha and Itanium support per-entry tagging in the TLB which can help totally mitigate Spectre on those platforms, if the OS takes advantage of it. I suspect that since SPARC64 and MIPS can run with a software TLB manager, they can also be corrected. Thanks, Jonathan On Mon, Jan 8, 2018 at 8:33 AM, william degnan via vcf-midatlantic < vcf-midatlantic@lists.vintagecomputerfederation.org> wrote:
It's a combo of the OS-patched vs non-OS-patched CPU. If you're still running a Windows 2003 server in production or you use Windows XP I'd say now is the time to upgrade. Modern CPU machines with modern OS versions are less likely to have issues. Perhaps Rasp Pis running DNS servers with specialty builds of Debian which are not patched and supported other than the snapshot they were taken and stuff like that are vulnerable. That's why for my PDP 8i I used the latest Debian rather than Wheezy that one could download from the PiDP8 web site image. The Pocket CHIP maybe vulnerable too, depending what you're running on it.
As far as on-topic CPUs ... they're long-ago vulnerable to many things. Take a number.
Bill
On Mon, Jan 8, 2018 at 8:18 AM, Dean Notarnicola via vcf-midatlantic < vcf-midatlantic@lists.vintagecomputerfederation.org> wrote:
These flaws can be *potentially* exploited on any processor that features speculative execution. No idea as to why there is no comprehensive list of affected CPUs as of yet.
On Mon, Jan 8, 2018 at 8:02 AM, Joseph Oprysko via vcf-midatlantic < vcf-midatlantic@lists.vintagecomputerfederation.org> wrote:
It’s been said that the Meltdown/Spectre flaws affect CPU’s as far back as 1995. Which in some opinions possibly could put some of the affected processors into the ‘vintage’ range. But I’ve yet to see a comprehensive list of all processors affected. Intel released a list, but that only goes back to around 2011 or so with the branding change to “Core” and others released in the time since.
I’m curious about exactly what CPU devices, regardless of manufacturer, other than those listed, that are also affected. So including ARM processors, AMD, PowerPC?, G3/4/5? that may vulnerable to those flaws. And where they got the 1995 date from, because there’s a fair number of disused processors in that timeframe as well.
Anyone have any insights on this? -- Normal Person: Hey, it seems that you know a lot. Geek: To be honest, it's due to all the surfing I do. Normal Person: So you go surfing? Normal Person: But I don't think that has anything to do with knowing a lot... Geek: I think that's wrong on a fundamental level. Normal Person: Huh? Huh? What?