Post by Rinaldi J. Montessi
Recently downloaded the Slackbuilds tools for building and installing
the latest Intel microcode update (January 2018). iucode_tool and
Question is, should I go ahead and install this update or wait for the
package to be provided in an official update? Or none of the above? Not
sure of the risks involved in fiddling with microcode.
For motherboards that are now "legacy" - my x99 last UEFI/BIOS update was
in 2016 - your only recourse is to load new microcode on boot along with
a patched kernel. Doing one or the other is only half the fun. If
possible, its best do load microcode as early as possible before the
kernel actually loads as any exploit needs to be already in memory to
take advantage of the CPU hardware bugs.
I'm not going to stress over Spectre and Meltdown, as its not directly
exploitable remotely, and wait for Slackware 15. I have my email client
set set to text only, and the browser set up with NoScript and Adblock.
random binaries. Anything else will require the "hacker" to enter my
home, sit at my desk, and log into my computer. This issue is of serious
concern, yes, but I am no longer surprised at the depths of stupidity our
species' achieves in the quest for profit (greed) and convenience
My advice? DON'T PANIC. Take the same online precautions that you should
have been doing since...forever. Learn to love plain text (USENET FTW!)
Lose the online fetish. Use a phone as a phone and not as an
entertainment device because you get bored standing in line for 5 minutes
or walking down the street. Go to a brick and mortar store and use cash
more often. Go to the physical bank.