*

Offline xasop

  • Administrator
  • *****
  • Posts: 9776
  • Professional computer somebody
    • View Profile
Re: Meltdown/Spectre
« Reply #20 on: January 26, 2018, 05:12:32 PM »
A bicycle works. A shiny car costs more and is easier to use. I understand how every part of a bicycle works and can fix it. I can't do this with my 'bloated' one ton car. It needs a laptop and a skilled mechanic. Sometimes my car breaks. I need to spend time and money fixing it. But I'm sure as hell not going to use my bike to cycle to London.  >o<

If you had to wait 3 months for other people to test new parts your mechanic puts into your car before you can trust his work, would you keep paying the same mechanic or would you find someone else?
when you try to mock anyone while also running the flat earth society. Lol

*

Offline Dr David Thork

  • *
  • Posts: 5188
  • https://onlyfans.com/thork
    • View Profile
Re: Meltdown/Spectre
« Reply #21 on: January 26, 2018, 05:15:07 PM »
I still wouldn't be cycling everywhere.
Rate this post.      👍 6     👎 1

*

Offline xasop

  • Administrator
  • *****
  • Posts: 9776
  • Professional computer somebody
    • View Profile
Re: Meltdown/Spectre
« Reply #22 on: January 26, 2018, 05:16:35 PM »
I still wouldn't be cycling everywhere.

And there you go assuming I'm talking about one particular OS again. Why are you reading more into my statements than there is?
when you try to mock anyone while also running the flat earth society. Lol

*

Offline Dr David Thork

  • *
  • Posts: 5188
  • https://onlyfans.com/thork
    • View Profile
Re: Meltdown/Spectre
« Reply #23 on: January 26, 2018, 05:29:32 PM »
All the OSes you have ever suggested are nihilistic, command-driven time thieves with the visual beauty of a octogenarian vagina. 
As fun as this time loop has become, its my 40th birthday. I am off out to drink lots and be obnoxious to women. ttfn.
Rate this post.      👍 6     👎 1

*

Offline xasop

  • Administrator
  • *****
  • Posts: 9776
  • Professional computer somebody
    • View Profile
Re: Meltdown/Spectre
« Reply #24 on: January 26, 2018, 06:29:55 PM »
All the OSes you have ever suggested are nihilistic, command-driven time thieves with the visual beauty of a octogenarian vagina. 
As fun as this time loop has become, its my 40th birthday. I am off out to drink lots and be obnoxious to women. ttfn.

That statement doesn't really explain anything. Why do you think there are no good OSes that aren't interesting to me personally?
when you try to mock anyone while also running the flat earth society. Lol

JohnAdams1145

Re: Meltdown/Spectre
« Reply #25 on: January 28, 2018, 08:21:41 AM »
Baby Thork, I hope you realize that something called the Windows Insider Program exists. People who sign up for it get the latest and greatest in features in exchange for submitting feedback/bug reports on stuff that doesn't work. Typical software updates have been tested extensively; any bugs will probably just be small annoyances and won't brick your computer. On the other hand, deciding to avoid updates on published vulnerabilities makes your computer an easy target. Imagine if an attacker knew everything you typed, everywhere you visited... That's asking for identity theft. Even ransomware will cost you far more time than the slight annoyances that come with keeping up-to-date. Besides, most updates fix annoying bugs in previous versions.

*

Offline Lord Dave

  • *
  • Posts: 7653
  • Grumpy old man.
    • View Profile
Re: Meltdown/Spectre
« Reply #26 on: January 28, 2018, 08:27:29 AM »
Baby Thork, I hope you realize that something called the Windows Insider Program exists. People who sign up for it get the latest and greatest in features in exchange for submitting feedback/bug reports on stuff that doesn't work. Typical software updates have been tested extensively; any bugs will probably just be small annoyances and won't brick your computer. On the other hand, deciding to avoid updates on published vulnerabilities makes your computer an easy target. Imagine if an attacker knew everything you typed, everywhere you visited... That's asking for identity theft. Even ransomware will cost you far more time than the slight annoyances that come with keeping up-to-date. Besides, most updates fix annoying bugs in previous versions.


To be fair, Windows has released updates that they've had to retract due to system crashes or breaking the OS.  I've seen a few personally.


And most vulnerabilities are specific and unbroadcasted.  Yes, its a hole but its like trying to poke a moving target in the dark.  You need lure.  You need the vulnerable pc to get infected or to link up with a compromised website.  Then you need to use the right attack in the time you have.
If you are going to DebOOonK an expert then you have to at least provide a source with credentials of equal or greater relevance. Even then, it merely shows that some experts disagree with each other.

*

Offline Pete Svarrior

  • e
  • Planar Moderator
  • *****
  • Posts: 16073
  • (◕˽ ◕ ✿)
    • View Profile
Re: Meltdown/Spectre
« Reply #27 on: January 28, 2018, 11:51:59 AM »
Typical software updates have been tested extensively; any bugs will probably just be small annoyances and won't brick your computer.
The big "Creators Updates" have consistently caused major issues on small (but significant) numbers of machines. The Insider Program is a decent attempt at widening participation in testing, but it is still insufficient for the product of this size.
Read the FAQ before asking your question - chances are we already addressed it.
Follow the Flat Earth Society on Twitter and Facebook!

If we are not speculating then we must assume

*

Offline Dr David Thork

  • *
  • Posts: 5188
  • https://onlyfans.com/thork
    • View Profile
Re: Meltdown/Spectre
« Reply #28 on: January 28, 2018, 03:36:50 PM »
Typical software updates have been tested extensively; any bugs will probably just be small annoyances and won't brick your computer.
The big "Creators Updates" have consistently caused major issues on small (but significant) numbers of machines. The Insider Program is a decent attempt at widening participation in testing, but it is still insufficient for the product of this size.
The creators update before last, I held off. Eventually it forced the update on me and I figured it must be fine by now. It wasn't. It broke my wifi (compatibility problems with Intel dual band wireless AC-8260). In the end I had to reconfigure my router to get it working, but it took 3 days to figure out what happened.  >:(

To my mind, being given some apps and a newer version of MS Paint 3D which I don't use anyway, isn't worth the risk of being kicked off the internet. I wish Microsoft would abandon the Windows 10 forever strategy. I don't want to play. I just want my machine to work as it does right now. I paid for the product. Let me use it as I intended, not as Microsoft intend.
« Last Edit: January 28, 2018, 03:41:43 PM by Baby Thork »
Rate this post.      👍 6     👎 1

*

Offline Lord Dave

  • *
  • Posts: 7653
  • Grumpy old man.
    • View Profile
Re: Meltdown/Spectre
« Reply #29 on: January 28, 2018, 03:42:33 PM »
Typical software updates have been tested extensively; any bugs will probably just be small annoyances and won't brick your computer.
The big "Creators Updates" have consistently caused major issues on small (but significant) numbers of machines. The Insider Program is a decent attempt at widening participation in testing, but it is still insufficient for the product of this size.
The creators update before last, I held off. Eventually it forced the update on me and I figured it must be fine by now. It wasn't. It broke my wifi. In the end I had to reconfigure my router to get it working, but it took 3 days to figure out what happened.  >:(

To my mind, being given some apps and a newer version of MS Paint 3D which I don't use anyway, isn't worth the risk of being kicked off the internet. I wish Microsoft would abandon the Windows 10 forever strategy. I don't want to play. I just want my machine to work as it does right now. I paid for the product. Let me use it as I intended, not as Microsoft intend.

Exactly how did windows break your wifi?  What configurations did you need to change to get it working?

Also...
you CAN turn off updates so it won't ever force them.  At least I'm 90% sure you can.  But if you want "install updates when I want" you probably want a linux or unix distro, not windows. 
If you are going to DebOOonK an expert then you have to at least provide a source with credentials of equal or greater relevance. Even then, it merely shows that some experts disagree with each other.

*

Offline Dr David Thork

  • *
  • Posts: 5188
  • https://onlyfans.com/thork
    • View Profile
Re: Meltdown/Spectre
« Reply #30 on: January 28, 2018, 03:44:46 PM »
You press "remind me later" and keep doing that. At some point it just stops asking and before you know it when you shut down the percentage time install has begun and it is telling you not to turn off your PC. Now you're getting that update, permission or not.

And no, you couldn't stop it.
https://www.computerworld.com/article/3247754/microsoft-windows/reports-say-win10-creators-update-users-are-being-forced-to-fall-creators-update-again.html


They weren't supposed to
https://wccftech.com/microsoft-forced-windows-10-update/
But they did anyway.  >:(
« Last Edit: January 28, 2018, 03:49:45 PM by Baby Thork »
Rate this post.      👍 6     👎 1

*

Offline Lord Dave

  • *
  • Posts: 7653
  • Grumpy old man.
    • View Profile
Re: Meltdown/Spectre
« Reply #31 on: January 28, 2018, 03:54:38 PM »
Oh there's ways around that and you know it.  Just go block the update server on your router or firewall.  Or turn off the update service.

And really, I can't blame Microsoft, one of the biggest and most used OSes in the world, to not force it's users to update sometimes when alot don't bother and that lets infections spread.

It's like people who refuse to get vaccinations.  Sure, you'll probably be ok but if enough do it, well, your chances get worse every day.
If you are going to DebOOonK an expert then you have to at least provide a source with credentials of equal or greater relevance. Even then, it merely shows that some experts disagree with each other.

Re: Meltdown/Spectre
« Reply #32 on: January 28, 2018, 03:57:17 PM »
>uses windows because it "just works"
>arg why doesn't windows ever work!!!!11
I have visited from prestigious research institutions of the highest caliber, to which only our administrator holds with confidence.

*

Offline Dr David Thork

  • *
  • Posts: 5188
  • https://onlyfans.com/thork
    • View Profile
Re: Meltdown/Spectre
« Reply #33 on: January 28, 2018, 04:03:24 PM »
Oh there's ways around that and you know it.  Just go block the update server on your router or firewall.  Or turn off the update service.
Do you even have a Windows PC?
https://answers.microsoft.com/en-us/windows/forum/windows_10-update/how-can-i-block-the-creators-update/47be322a-30fb-4cfc-a503-47ac48dc99b8?auth=1

And really, I can't blame Microsoft, one of the biggest and most used OSes in the world, to not force it's users to update sometimes when alot don't bother and that lets infections spread.

It's like people who refuse to get vaccinations.  Sure, you'll probably be ok but if enough do it, well, your chances get worse every day.
There is a world of difference between a content update (creators) and a vulnerability update (patch). I should just be able to opt out of creators updates full stop.

And it is not up to microsoft to keep my PC free of viruses. It is up to me. Its my machine, I paid for it and I bear the brunt of anything that happens to it. I also use 3rd party software to keep it clean of nasty stuff. I haven't had a virus in years. I have had update problems. So again, the patch is the biggest threat to my PC, not malware. Their patches are malware at this stage. I like to wait, it gives the best chance of not installing a patch that later gets pulled or repatched because it broke computers.
« Last Edit: January 28, 2018, 04:07:21 PM by Baby Thork »
Rate this post.      👍 6     👎 1

*

Offline Lord Dave

  • *
  • Posts: 7653
  • Grumpy old man.
    • View Profile
Re: Meltdown/Spectre
« Reply #34 on: January 28, 2018, 05:33:58 PM »
Oh there's ways around that and you know it.  Just go block the update server on your router or firewall.  Or turn off the update service.
Do you even have a Windows PC?
https://answers.microsoft.com/en-us/windows/forum/windows_10-update/how-can-i-block-the-creators-update/47be322a-30fb-4cfc-a503-47ac48dc99b8?auth=1

Literally the first reply:
Quote
You can physically block updates by fiddling with system settings. But that's an absurd thing to do, for at least two reasons: 1) Your computer will eventually stop receiving security updates; and 2) going forward, all changes to Windows and all software programs and hardware drivers will presume that they are dealing with a fully patched system, leading to unpredictable results if the system is not fully patched.

Quote
And really, I can't blame Microsoft, one of the biggest and most used OSes in the world, to not force it's users to update sometimes when alot don't bother and that lets infections spread.

It's like people who refuse to get vaccinations.  Sure, you'll probably be ok but if enough do it, well, your chances get worse every day.
There is a world of difference between a content update (creators) and a vulnerability update (patch). I should just be able to opt out of creators updates full stop.

And it is not up to microsoft to keep my PC free of viruses. It is up to me. Its my machine, I paid for it and I bear the brunt of anything that happens to it. I also use 3rd party software to keep it clean of nasty stuff. I haven't had a virus in years. I have had update problems. So again, the patch is the biggest threat to my PC, not malware. Their patches are malware at this stage. I like to wait, it gives the best chance of not installing a patch that later gets pulled or repatched because it broke computers.
You're right, it's not up to Microsoft to keep your PC free of viruses.  It IS up to them to fix the security holes in the OS that lets others use it as part of a bot net though.  Cause no AV in the world is gonna help with that.

This meltdown/spectre thing?  Tell me what AV is gonna stop that? 
Ransomeware.  You know why it's so potent?  Because it uses Windows's own god damn encryption.  AV can barely figure out when something is encrypting that isn't intentional and relies on delivery signatures or blacklisted IPs.  It's not gonna scan your processes and go "Hey... the OS is encrypting this file.  Do you want to allow it?"
or
"Hey, this program is reading cache.  Do you wish to allow that?"

So yes, Microsoft is responsible for fixing your OS.  Just like Ford is responsible for replacing your airbag when they learn it'll (probably) kill you if deployed.
If you are going to DebOOonK an expert then you have to at least provide a source with credentials of equal or greater relevance. Even then, it merely shows that some experts disagree with each other.

*

Offline xasop

  • Administrator
  • *****
  • Posts: 9776
  • Professional computer somebody
    • View Profile
Re: Meltdown/Spectre
« Reply #35 on: January 28, 2018, 05:54:50 PM »
There is a world of difference between a content update (creators) and a vulnerability update (patch). I should just be able to opt out of creators updates full stop.

Do you understand how software development works?

I mean, yes, in theory you are correct. However, in order to support you with security updates without giving you the Creators update, Microsoft would effectively be supporting two different OSes. Now add the next "content update" onto that, and it's three OSes. Fast-forward 10 years and you have another Windows XP situation.

The reality is that very few OS vendors will continue to produce security patches for old releases past about a year after their replacement comes out. This isn't a Microsoft-only problem, it simply requires too much manpower to support every special snowflake configuration everyone wants to run.

For example, the only Linux distribution I'm aware of that enables users to hold off on "content updates" within one major release is Red Hat Enterprise Linux. This will cost you $249, and you still only get 2 years of security support before you need to get the "content updates" anyway.

So no, when you consider practicality, "content updates" and security updates are not so separate.
when you try to mock anyone while also running the flat earth society. Lol

*

Offline Dr David Thork

  • *
  • Posts: 5188
  • https://onlyfans.com/thork
    • View Profile
Re: Meltdown/Spectre
« Reply #36 on: January 28, 2018, 11:38:32 PM »
Rate this post.      👍 6     👎 1

*

Offline juner

  • Planar Moderator
  • *****
  • Posts: 10174
    • View Profile
Re: Meltdown/Spectre
« Reply #37 on: January 31, 2018, 05:05:23 PM »
I also use 3rd party software to keep it clean of nasty stuff. I haven't had a virus in years.

Interesting, what kind of 3rd party software? Anti-virus or similar? Do you let that 3rd party software do its own definition updates, or do you also wait 3-6 months on that? I have had more issues with 3rd party software (specifically A/V) breaking things than OS updates. Bad definition updates that happen automatically have taken down applications on me 3 times I can recall in recent memory. I guess I should apply Thork-LogicTM and not let those things update for months as well, as they are likely the biggest risk to my machine according to you.

*

Offline Dr David Thork

  • *
  • Posts: 5188
  • https://onlyfans.com/thork
    • View Profile
Re: Meltdown/Spectre
« Reply #38 on: January 31, 2018, 07:49:27 PM »
Definitions are different to patches.

Lets use a different example. So I have Spybot as one of my tools. And I update the definitions on that regularly. But the difference is, it tells me when its going to do something. It tells me what its found, and asks me what to do. I also only have it in on-demand mode. IE I ask it to check the drive. It isn't 'immunizing' my computer. I have other things for that.

A virus definition tends to be a check for a registry key setting or the location of where a bad file loads itself and a check for it. And it always asks ... do you want to quarantine or delete this threat? It isn't sneakily doing shit behind my back. And if it says my keyboard is a virus and it wants to remove it, I tell it not to. I can't do that with a patch.

In short I keep my definitions up to date. They don't cause me issues. It is patches that break my machine from time to time, and not being so keen to update has really reduced the likelihood of me getting an issue. I'm usually one version behind on my bios too ... + I google and read to see if the version I'm looking to install has caused other people problems and weigh the risk. For example if an update is breaking people's Logitech mice, I might ignore that as I don't have one and install. If people with my graphics package are saying it destroys their performance, then I'm going to wait and ride that one out.

For me it is more about not just installing because it is there. Do I need it, do I need it right now, what might it break, how long has it been out ... it has to be a better strategy than "patching as soon as possible". That is a strategy that has burned me many times in the past. Sure it takes a few mins to decide whether or not to do the updates, but that is better than losing several hours or worse because a patch broke something.
Rate this post.      👍 6     👎 1

*

Offline juner

  • Planar Moderator
  • *****
  • Posts: 10174
    • View Profile
Re: Meltdown/Spectre
« Reply #39 on: February 02, 2018, 04:24:58 PM »
No spectre or meltdown viruses exist.


http://www.zdnet.com/article/meltdown-spectre-malware-is-already-being-tested-by-attackers/
Quote
The number of potential Meltdown-Spectre malware samples collected by AV-Test has steadily climbed since the first one was spotted on January 7 to 139 by the end of January.

I know pointing out Thork being wrong is like shooting fish in a barrel, but I figured I should remind everyone again that he is wrong.