***On Fri, 30 Dec 2011 04:42:43 -0500
“STeve Andre’” wrote:
> It’s not the newest model, but the W500 is a wonderful laptop. I
> am using it now. 2.8G core two
Should that be w500 with dual core. Core two duos have botched microcode
with security risks according to Theo, though I’m not sure of the
specifics/severity.
to misc
Yes, W500’s do have that potential problem. It’s a real issue,
which makes me think that not running Windows is a grand
idea. I’m not sure there is a solution to this. Laptops are
special–you can’t take parts out or add them as easily as a
desktop. sigh***
Has anyone else heard about inherent security flaws in core 2 duo processors, or is this just openbsd chatter?
Much like software products, bugs, errata or ways to improve upon operation are often found in CPU’s after they have reached the market. In some cases, the necessary changes can be applied by the end user without any change to the underlying hardware in the form of microcode updates downloadable from the manufacturer. Intel offers these microcode updates for download on their website.
Provided the availability of the microcode and firmware kernel modules (which are enabled in the stock kernels of most distributions) and a suitable user space tool such as microcode_ctl, one can install the updated microcode into their processors at runtime. The microcode update is volatile however, meaning that it disappears upon reboot. While this reduces the risk of applying such an update to essentially 0, it does mean that it must be applied on each boot.
Unfortunately, Theo is not here to comment! He rarely speaks to those outside his inner circle, it appears, even on his own openbsd forum. MS does microcode updates through its partnership with Intel - not sure if GNU/Linux also does this.