The pfSense Store

Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Messages - kejianshi

Pages: [1] 2 3 4 5 ... 331
1
OpenVPN / Re: OpenVPN server low upload throughput
« on: Yesterday at 01:09:32 pm »
You didn't say how far apart the vpns are in miles or kilometers or what sort of processor the two ends have.

2
General Questions / Re: Intel CPUs Massive Security Flaw issue
« on: January 13, 2018, 01:23:47 pm »
I would say those companies are actually similar to pfsense in that they use readily available consumer grade hardware and run a tightly secured OS and software.

I think any processors that are immune to spectre are immune accidentally.  I really don't think anyone purposely made a CPU to be immune to these attacks, but they will soon be doing it for sure.

3
General Questions / Re: Intel CPUs Massive Security Flaw issue
« on: January 13, 2018, 10:31:58 am »
So are you saying pfsense hardware isn't a security product?

4
General Questions / Re: Intel CPUs Massive Security Flaw issue
« on: January 12, 2018, 03:25:12 pm »
I'm sure its nothing. No sense crying over spilled milk...   Especially when its only 10% - 30% of your milk.  Thats nothing....  You still have 70% of what you paid for after all, with good-nuff security to boot. 

Most of the time anyway (Work load dependent, of course).  I mean if all you do is display a static image on your monitor, you might not notice any performance hit at all (-:

(Unless your computer won't boot or keeps rebooting) - My AMD just sort of slows to a crawl and hangs eventually.  Its only a problem if I need to use it though.  The rest of the time its barely noticeable.

Anyway - Its "fixed"ish.  Stop whining!

5
General Questions / Re: Intel CPUs Massive Security Flaw issue
« on: January 11, 2018, 12:35:28 pm »
Time will tell. 

6
General Questions / Re: Intel CPUs Massive Security Flaw issue
« on: January 11, 2018, 12:09:00 pm »
The problem is you think things will be patched and fairly usable and secure.

We disagree on this point.  I think it is a basic flaw that will never be adequately patched.

Time will tell.  I believe (an opinion) the CPU makers will end up paying lots and lots over this. 

Perhaps not going broke levels of cash but I wouldn't expect profits til the next slew of hardware is released and tested to be 100% immune.

If Intel and AMD doesn't do this, another chip maker will and that would be a disaster for the current makers.

We will know one way or another pretty soon whether people just accept this or if they start looking elsewhere for hardware. 

If Intel is smart they have rooms filled with overpaid geniuses designing new hardware this very second working 24/7....  Because someone does.
I definitely won't buy the "We are the only game in town so you have to accept it" line.  If they try that nonsense, they will end up extinct.

7
General Questions / Re: Intel CPUs Massive Security Flaw issue
« on: January 11, 2018, 11:53:17 am »
I'm sure its not a hardware problem like everyone says.  haha.
I think there is an expectation that the hardware is fundamentally secure in its design and that only software and OS issues could make it otherwise.
I'm sure the government IT guys are fairly panicked because I promise you they will not feel the patches are "good enough".
Put in other terms, if a computer was a car we would be dealing with a massive recall.

8
General Questions / Re: Intel CPUs Massive Security Flaw issue
« on: January 11, 2018, 07:52:22 am »
Likely there will be massive class action suits now that you mention it.  Wonder when that hammer will drop?

It wouldn't take much work to prove that the people who designed and manufactured the chips are responsible for their flawed design.  One would think?

Looking around the web I can see that several states are already filing suit against intel saying that by keeping the flaw secret for six months they allowed people to buy their products who likely would not have given the flaw.  You can put me on that list.  I'd have to be desperate for a new machine to buy one right now.

9
General Questions / Re: Intel CPUs Massive Security Flaw issue
« on: January 11, 2018, 06:29:24 am »
Thats true, and totally understandable.  However, downplaying the severity and lack of full fix isn't understandable. 

In the end, the first company to come up with a high performance chip that isn't susceptible is going to make trillions of dollars.  Hopefully it will be a new contender and an entirely new architecture.  We are due for a refresh.

10
General Questions / Re: Intel CPUs Massive Security Flaw issue
« on: January 11, 2018, 12:40:36 am »
Limiting access to high resolution timers is what google chrome and firefox have done.  Also strictly segmenting memory between pages.  The patch sucks to high heaven performance wise and still is vunerable. 

Good enough security?  Hmmmm.   I don't think we will have that before a processor redesign.  I mean I'm not selling my laptop or anything but I'm well aware that I need to change how I use my machines.  I'm going to have to cut way back on the number of sketchy porn sites I visit.

I think they should be presenting the patches for what they are.  An attempt to reduce the risk.  However they consistently use language that leads people to believe the patches fix things.  Last time I saw writing that misleading was when cigarette companies tried to convince everyone that smoking was perfectly harmless.

However, because of the way pfsense is used and the fact that it isn't a web browsing machine, I worry about pfsense way less than my computers that have desktops and keyboards.

11
General Questions / Re: Intel CPUs Massive Security Flaw issue
« on: January 10, 2018, 11:08:59 am »
Mikeisrespectful...   Yeah.  32 bit got hit too.

The thing I find interesting is that researchers with nothing to gain or lose say this can't be truly fixed.

Meanwhile people who stand to lose billions upon billions are saying "We can fix it with patches".

12
General Questions / Re: Intel CPUs Massive Security Flaw issue
« on: January 09, 2018, 11:50:02 am »
All benchmarks performed before the BIOS upgrades needed to patch the CPUs and the OS patches are meaningless as far as I'm concerned.

To compare apples to apples, we need to compare CPU benchmarks AFTER all the patches are installed.

13
General Questions / Re: Intel CPUs Massive Security Flaw issue
« on: January 09, 2018, 12:04:54 am »
"Once these backports are available, snapshots including the fixes will only be available for pfSense® 2.4.x and amd64 architecture."

Thank god my D2700 doesn't do branch prediction!

"Our Amazon Web Services and Microsoft Azure customers are safe as both providers already patched their infrastructure against these vulnerabilities."

I'm dubious that cloud servers are"Safe".  Mitigated and cured are not the same thing.

14
webGUI / Re: webConfigurator default certificate expired yesterday
« on: January 07, 2018, 12:29:26 pm »
My 32 bit D2700 is immune to spectre by the way...  Funny.  So is my old AMD x2.

Saved by old junk!

15
webGUI / Re: webConfigurator default certificate expired yesterday
« on: January 07, 2018, 10:09:36 am »
I'd also update the TV (-:

I'd religiously update anything with a web connection. 

Pages: [1] 2 3 4 5 ... 331