https://git.kernel.org/…/ke…/... sure some of you are working on the patches already, if you are then lets connect cause, I am an ardent researcher for the same as of now.

So here it goes:

As soon as kernel page table isolation(KPTI) bug will be out of embargo, Whatsapp and FB will be flooded with over-night kernel "shikhuritee" experts who will share shitty advices non-stop.

1. The bug under embargo is a side channel attack, which exploits the fact that Intel chips come with speculative execution without proper isolation between user pages and kernel pages. Therefore, with careful scheduling and timing attack will reveal some information from kernel pages, while the code is running in user mode.

In easy terms, if you have a VPS, another person with VPS on same physical server may read memory being used by your VPS, which will result in unwanted data leakage. To make the matter worse, a malicious JS from innocent looking webpage might be (might be, because JS does not provide language constructs for such fine grained control; atleast none that I know as of now) able to read kernel pages, and pawn you real hard, real bad.

2. The bug comes from too much reliance on Tomasulo's algorithm for out-of-order instruction scheduling. It is not yet clear whether the bug can be fixed with a microcode update (and if not, Intel has to fix this in silicon itself). As far as I can dig, there is nothing that hints that this bug is fixable in microcode, which makes the matter much worse. Also according to my understanding a microcode update will be too trivial to fix this kind of a hardware bug.

3. A software-only remedy is possible, and that is being implemented by all major OSs (including our lovely Linux) in kernel space. The patch forces Translation Lookaside Buffer to flush if a context switch happens during a syscall (this is what I understand as of now). The benchmarks are suggesting that slowdown will be somewhere between 5%(best case)-30%(worst case).

4. Regarding point 3, syscalls don't matter much. Only thing that matters is how many times syscalls are called. For example, if you are using read() or write() on 8MB buffers, you won't have too much slowdown; but if you are calling same syscalls once per byte, a heavy performance penalty is guaranteed. All processes are which are I/O heavy are going to suffer (hostings and databases are two common examples).

5. The patch can be disabled in Linux by passing argument to kernel during boot; however it is not advised for pretty much obvious reasons.

6. For gamers: this is not going to affect games (because those are not I/O heavy)

Meltdown: "Meltdown" targeted on desktop chips can read kernel memory from L1D cache, Intel is only affected with this variant. Works on only Intel.

Spectre: Spectre is a hardware vulnerability with implementations of branch prediction that affects modern microprocessors with speculative execution, by allowing malicious processes access to the contents of other programs mapped memory. Works on all chips including Intel/ARM/AMD.

For updates refer the kernel tree: https://git.kernel.org/…/ke…/...

For further details and more chit-chats refer: https://lwn.net/SubscriberLink/...

~Cheers~

(Originally written by Adhokshaj Mishra, edited by me. )

Since I was little I was fascinated by club light shows I saw on TV shows. I just couldn't find out how they made light react to sound, which were two completely unrelated things to me back then. But I wasn't dumb and somehow figured out that if I hooked some low energy fairy lights to my amp and turned the bass up, they would lightup to the beat.
3 fried fairy lights and angry parents for to loud music later I swore to myself that I would someday build something that could light up my whole room and react to the music I was playing.

I started coding about the age 13 (turned 20 a month ago) with some old school bat scripts. But I wanted something that would generate a .exe so I googled and ended up installing Visual Studio Express (again angry parents for installing without asking) and started copying my first VB.Net program together. From there no one could stop me. I wanted to archive something with an application and googled until I found what I needed and learned to code this way.
I learned writing decent vb.net code and itvwas about this time I came into contact with IRC. I lurked arround there and this is were I came into contact with Linix servers, because I wanted to code IRC (eggdrop) bots, so I learned TCL and got used to Linux. Time passed and I ended uo being a Global OP on some network back then.

I did go further, coded Minecraft Mods, thus Java, changed back to C#, learned PHP and started setting things up on my VPS, Mails server, web server, etc.

Nowadays I work as a Systemadmin / Developer Hybrid, earning my first real money doing what I love to do and guess what? In the meantime I proved myself I can accomplish what I wanted as kid. I bought some Club LED DMX capital lights and programmed a controller for them which can control them in C#, but in a way I can run it on my raspi using mono. I also coded a client which runs on windows which uses some native libraries to calculate the dominant color of the shown picture in realtime (Handels 24fps 1080p) and uses the lights as ambient light, like you see them behind TVs sometimes.
The same app uses Bass.NET and an algorithm to dedect a beat in realtime and switches the light colors. Exactly what I wanted as akid, but better.

I can even control the lights via the new Google Assistant and/or Tasker.

Feels fcking good.

Some of my work lies on github among other, mostly trash: https://github.com/Kimmax - didn't updated there in a while tho.

I plan on writing a new free opensource plugin based modular home automatication server and pretty sure could use some helping hands..

I don't know why I wrote all this, just felt like it.
Also: first Rant

Please don't kill me for errors in the text, I'm to lazy to read through it again right now :P