Debian User Forums

Posted: **2018-01-04 15:08**

zerubbabel wrote:Who would buy a house if he knew that the builder reserved the "right" to build a hidden chamber below the apparent foundation, having a control panel with which to monitor everything that happens in the house, and having a secret tunnel connecting it to some other unknown realm?

Of course, except it wasn't designed that way. It cropped up like most software security vulnerabilities do, as an unintended consequence of bad programming.

Maybe nobody should ever buy anything ever again, just in case there is a hidden security flaw.

Posted: **2018-01-05 08:54**

Wheelerof4te wrote:^Average non-gamer users won't notice much difference in performance.

That's a good point. I just wanted to see first hand the difference with pre- and post-patch performance. You are right that the actual impact to average user is minimal. Gamers also shouldn't be too much affected, unless the game is especially CPU intensive. Like you said, most impact will be suffered by business users, service providers and users who need to squeeze out every bit of performance from their hardware.

So I ran following sysbench tests, which seemed to show some change. I ran three tests before and after the patch, below results are my own redacted summary of all six tests. System load and processes for all tests was the same, but I doubt my test setup would fulfill scientific standards..

Thought I'd share them with you anyway, maybe someone's interested.

EDIT: Disclaimer, I'm not really big on system benchmarking. There probably is lot better ways to test it. Maybe someone could comment on this?

Code: Select all

Hardware:
Intel i5-3570k @ 4.4Ghz, 8Gb DDR 3

Tests run with:
$sysbench --batch --batch-delay=5 --num-threads=2 --max-requests=50000 --test=threads run

Pre-patch, with kernel 4.9.65-3+deb9u1
Pre-patch Test 1-3
total time:                          5.3247s - 5.4139s
total time taken by event execution: 10.6455 - 10.8239
per-request statistics:
   min:                                            0.18ms - 0.19ms
   avg:                                            0.21ms - 0.22ms
   max:                                           0.57ms - 0.92ms
   approx.  95 percentile:               0.23ms - 0.24ms
Threads fairness:
events (avg/stddev):                  25000.0000/2.00
execution time (avg/stddev):     5.3228 - 5.4119/0.00


Post-patch, with kernel 4.9.65-3+deb9u2
Post-patch Test 1-3
total time:                          8.7143s - 8.8911s
total time taken by event execution: 17.4244 - 17.7782
per-request statistics:
   min:                                            0.32ms
   avg:                                            0.35ms - 0.36ms
   max:                                           0.97ms - 1.03ms
   approx.  95 percentile:               0.36ms - 0.37ms
Threads fairness:
events (avg/stddev):                  25000.0000/2.00
execution time (avg/stddev):     8.7122 - 8.8891/0.00

Posted: **2018-01-05 21:16**

I guess a better test would be to perform something cpu intesive that you care about, like decompress large archives or compile kernels.

Posted: **2018-01-07 09:10**

Researchers discovered an undocumented configuration setting that can used to disable Intel ME 11 that has been likened to a backdoor.

Use at your own risk: How to disable Intel ME 11 'backdoor' thanks to the NSA.

NSA's name should be changed to NRA, National Risk Agency.

Oh wait, NRA already stands for National Rifle Association.

Then how about National Security Abomination?

Posted: **2018-01-07 09:43**

^^ fixed the subject heading for that article....

"Now you, too, can disable NSA's Intel ME 'backdoor' thanks to the NSA"

Posted: **2018-01-07 15:21**

^ Oh my doG! How did I dare to edit the title of the article? Naughty, naughty.

Posted: **2018-01-07 19:21**

@alan stone:

Your last post seems very unethical. Kindly remove the words before exclamation. Thankyou.

Posted: **2018-01-12 09:23**

^ I don't rent space to anyone in my head.
- Anonymous

The human race will never stop being entertaining... even if it's in strange ways.
- Sarah Denninger

In the end everything will to be ok. And if it's not ok, it's not the end.
- John Paul Dejoria

Debian User Forums

Debian Security ~ Intels' ME and likewise

Re: Debian Security ~ Intels' ME and likewise

Re: Debian Security ~ Intels' ME and likewise

Re: Debian Security ~ Intels' ME and likewise

Re: Debian Security ~ Intels' ME and likewise

Re: Debian Security ~ Intels' ME and likewise

Re: Debian Security ~ Intels' ME and likewise

Re: Debian Security ~ Intels' ME and likewise

Re: Debian Security ~ Intels' ME and likewise