Intel has released an advisory regarding another speculative-execution-type attack, in multiple forms and affecting many processors.
Hackaday has an write up about it, also.
Personal computing discussed
Moderators: Flying Fox, morphine
DancinJack wrote:You might put something in the title about Meltdown. Might get some more interest that way.
DancinJack wrote:You might put something in the title about Meltdown. Might get some more interest that way.
just brew it! wrote:DancinJack wrote:You might put something in the title about Meltdown. Might get some more interest that way.
Except that it is more closely related to Spectre, and the researchers who discovered it did in fact name it "Foreshadow"...
Ummagumma wrote:DancinJack wrote:You might put something in the title about Meltdown. Might get some more interest that way.
Right now I think that would equate to "clickbaiting" the article.
The definitions of "meltdown" and "spectre" flaws seem to be pretty clear here:
https://meltdownattack.com
DancinJack wrote:The reason I said Meltdown was because of this article at Ars, which I read before this thread. "What's in store today? A new Meltdown-inspired attack on Intel's SGX, given the name Foreshadow by the researchers who found it."
Chrispy_ wrote:That exists on the intertubes somewhere, right?
3. LICENSE RESTRICTIONS. All right, title and interest in and to the Software
and associated documentation are and will remain the exclusive property of
Intel and its licensors or suppliers. Unless expressly permitted under the
Agreement, You will not, and will not allow any third party to (i) use, copy,
distribute, sell or offer to sell the Software or associated documentation;
(ii) modify, adapt, enhance, disassemble, decompile, reverse engineer, change
or create derivative works from the Software except and only to the extent as
specifically required by mandatory applicable laws or any applicable third
party license terms accompanying the Software; (iii) use or make the Software
available for the use or benefit of third parties; or (iv) use the Software on
Your products other than those that include the Intel hardware product(s),
platform(s), or software identified in the Software; or (v) publish or provide
any Software benchmark or comparison test results.
DragonDaddyBear wrote:Wow. I'm not sure how that doesn't violate the first amendment. I'd like to see Intel try to win that law suit.
just brew it! wrote:DragonDaddyBear wrote:Wow. I'm not sure how that doesn't violate the first amendment. I'd like to see Intel try to win that law suit.
First amendment only prohibits government interference in free speech. Intel is not the government. If first amendment protected all speech, then all NDAs would be pointless.
JBI wrote:First amendment only prohibits government interference in free speech. Intel is not the government. If first amendment protected all speech, then all NDAs would be pointless.
just brew it! wrote:DragonDaddyBear wrote:Wow. I'm not sure how that doesn't violate the first amendment. I'd like to see Intel try to win that law suit.
First amendment only prohibits government interference in free speech. Intel is not the government. If first amendment protected all speech, then all NDAs would be pointless.
DancinJack wrote:Looks like WIndows 10 got the patches for these CVEs this week.
srg86 wrote:It appears Intel caved and is removing that clause from the License.
Topinio wrote:Windows Update delivers these patches? How can Intel's new license term apply to the new microcode delivered that way?
Edit: odd KB, 4346084 there, where's Kaby Lake S and the Skylake S and Skylake SP Xeons? Is there no patch coming for the pre-1803 releases of Windows server and client?
Glorious wrote:srg86 wrote:It appears Intel caved and is removing that clause from the License.
I was hoping this was going to be someone in legal being ridiculously over-broad and overzealous and that Intel would quickly rectify this.
Amiga500+ wrote:There is no way a company like Intel makes such major changes to their Ts&Cs without serious vetting by the processes of the legal team.
Amiga500+ wrote:Get a Term or Condition wrong and Intel could be looking at millions, if not billions, in fines or compensation. They are acutely aware of this. That clause likely went right to the head of legal and even into the boardroom
Amiga500+ wrote:You don't change those things - particularly in such a drastic way - on a whim.
Shobai wrote:No, it seems they changed it back.
Shobai wrote:this clause doesn't appear to have been in any previous UELA covering Meltdown, etc
Shobai wrote:- Intel will have done all the required legwork to implement the change in UELA for this release
Shobai wrote:Intel have now reverted that change after public outcry
Shobai wrote:this eventuality was foreseen and accounted for, allowing for the speed of response
Glorious wrote:What would the "required legwork" even be? What on earth are you talking about?
Amiga500+ wrote:There is no way a company like Intel makes such major changes to their Ts&Cs without serious vetting by the processes of the legal team... That clause likely went right to the head of legal and even into the boardroom.
Glorious wrote:WHAT?
