Linux 4.3 Released As Stable; Improves On Open-Source Graphics, SMP Performance (lkml.org) 73
An anonymous reader writes: The Linux 4.3 kernel was released as stable today. The Linux 4.3 kernel brings Intel Skylake support, reworked NVIDIA open-source graphics support, and many other changes with the code count hitting 20.6 million lines of code.
Re: (Score:2)
Drugs, violence, and duck tape. Any of them is the solution to anything.
Re: (Score:1)
All of them is the solution to anything.
FTFY
Re: (Score:2)
Drugs, violence, and duck tape. Any of them is the solution to anything.
Especially if you cook the duck.
Re: (Score:2)
DUCT. TAPE. NOT DUCK.
It's not hard.
Fucking millenials.
Re: (Score:1)
Re: (Score:2)
s/Wrong, you ignorant fuck/Here's something you may be interested to learn/
Phew, now I can read your otherwise informative reply without bemoaning your inherent hostility. Yeah, I know, the OP was just as bad. Don't let that detract your response, though!
Something else to add to the discussion. The name "duck tape" _may_ be because of the duck cloth backing. Another theory on the name comes from the tape being waterproof like a duck. Even one more theory is that it was named after the
Re: (Score:2)
*shrug* I'm just trying to be helpful and point out that you're acting as bad as the original poster, therefore your response loses significant worth. That's a pretty good reason to be polite. It's up to you whether you want to take the point, or let loose with more ad hominem responses.
You also need to look up the definition of condescension and pretentious. I do not think they mean what you think they mean.
That's it from me. I'll respond no more on this topic, so feel free to have the last word.
How much of it do I have to trust? (Score:1)
If I upgrade to this kernel, how many of those lines of code do I actually have to trust not to give away everything on my machine to a black hat? Hopefully less than 100k lines of code are actually critical.
Re: (Score:2)
This is Linux so putting in random USB sticks is largely a non-issue.
Running stuff (especially as root) off random USB sticks is always a bad idea on any OS of course.
Re: (Score:2, Insightful)
I was reffering to BadUSB, which is for example the USB firmware suddendly adding a fake USB keyboard and running running curl | sh through ALT+F2, or maybe adding a USB network adapter that proxies your traffic through an attacker machine, or really all sorts of other fun things you could imagine.
This isn't the things I'd worry about, but properly done rogue firmware is definitely among the 1% scary attacks.
Re: (Score:2, Flamebait)
Re: (Score:2)
>> You're confusing all the Windows on here .. :)
Don't care, this is a Linux article
Re: (Score:3)
Firmware is just a fancy word for software. I write firmware for a living. Most of the fear around it is because many don't understand what firmware is.
The very nature of having code that runs on a processor that is isolated from the rest of your system is generally considered a good thing in security, and that's all firmware really is. Now what your computer does with the output of that firmware is really what has been overlooked for years.
Re: (Score:2)
Is your firmware microcode? Otherwise I agree that firmware is just code stored on an ROM. Still, this doesn't mean it isn't something to be afraid of it you don't trust it.
Re: (Score:2)
I'm only concerned if I'm giving it sensitive information. Of course the classic hack is to have your exploited mouse or whatever act like a keyboard and type something, or a storage device and boot something. It doesn't take much effort either and nobody offers a software signing service for USB peripherals.
Also when you say microcode, I don't think it means what you think it means.
Re: (Score:2)
Most importantly, you have to trust those parts of the kernel code that you run and very few other people do.
Big bad exploits get caught. Sneaky ones can hang around for awhile.
Re: (Score:2)
While that's generally true, there have been cases where common code has had potential exploits that have hung around for decades.
Re: (Score:2)
Heartbleed, for one, but once it's "outed" something like Heartbleed is addressed quickly.
If you're running a bit of the kernel that applies to 1% of the users of an obscure 1% piece of hardware and that bug gets outed - response time to fix that bug will probably be less impressive.
If an exploit exists in the code and nobody knows about it (or, more importantly, uses it), does it really matter?
Re: (Score:2)
I don't have the intel graphics driver loaded on my sysem.
Re:How much of it do I have to trust? (Score:5, Funny)
Re: (Score:3)
dude, you missed like 8 choices
Re:How much of it do I have to trust? (Score:5, Funny)
dude, you missed like 8 choices
there are 10 kinds of people: people that understand binary and people who don't.
Re: (Score:1)
dude, you missed like 8 choices
there are 10 kinds of people: people that understand binary and people who don't.
The top poster was right.
There are 11 kinds of people: people that understand binary and people who don't.
Re: (Score:2)
Actually there are 100 choices..
Trust the code
Don't use it
Write your own
Use an OS that sandboxes it by default, and only gives it the capabilities you supply.
Re: (Score:1)
This is Boolying.
Re: (Score:1)
> This is Boolying.
.AND. ?
Re: (Score:2)
> This is Boolying. .AND. ?
You're obviously full of bool.
Re: (Score:2)
Real programmers know there's one more option...
Re: (Score:2)
Most of them are related to drivers for a host of peripherals as well as other architectures and features your computer may not even have. So most code is largely untouched.
Here is a neat comparison: http://www.informationisbeauti... [informatio...utiful.net]
Re:How much of it do I have to trust? (Score:5, Informative)
Re: (Score:3)
If I upgrade to this kernel, how many of those lines of code do I actually have to trust not to give away everything on my machine to a black hat? Hopefully less than 100k lines of code are actually critical.
Depends on your threat model. If your "black hat" can plug malicious devices into your machine quite many but then your security is probably badly compromised anyway. If he's within wireless range then a few stacks like Bluetooth, WiFi, WiDi etc. if you have them enabled, but if that's a realistic fear I'd simply use wired accessories. If he's got a local user there might be many vectors for an escalation attack, but then he's already got a foot in the door. For packets coming down the wire from the Interne
Re: (Score:2)
The fact that it existed as a default for sooo long though... I mean, at what point in time did that seem like a Good Idea ?
Re: (Score:2)
The fact that it existed as a default for sooo long though... I mean, at what point in time did that seem like a Good Idea ?
Probably at the same point in time that it seemed like a good idea to enable SSH to a box. I mean, oh my god, with the root password (or an account that has sudo privileges) someone could remote in and access the whole computer!
The administrative shares on a Windows box really aren't all that different, you need an administrative account (root) to use them and if you have an administrative account you get full access. You could argue that they are "hidden" and not well known, but I would counter that are
Re: (Score:2)
Re: (Score:2)
Depends on your threat model. If your "black hat" can plug malicious devices into your machine quite many but then your security is probably badly compromised anyway.
Compared to... what, exactly? A networked Windows box with the fefault CIFS client for printing and drive access enabled publishes the entire hard disk as the hidden crive \\ipaddress\c$, *always*, it's a nightmare to turn off.
Compared to... a secure system. If someone can plug in devices they can probably install hardware keyloggers, spy cams and anything else they need to compromise your credentials the next time you log in. You can't trust a machine that's been tampered with any more than you can trust software that's been patched, whether it runs Linux or some other OS.
Re: (Score:2)
Passwords are for protecting against remote bruteforcing. For local protection you lock the door.
Yes, but you can put a password on your computer that I cannot brute force.
You cannot put a lock on your door that I cannot bypass, likely without you even knowing it was bypassed.
Re: (Score:2)
Re: (Score:1)
There's no way to quantitatively measure that. But I do know that between the 3 major monolithic kernels, it's in the top two in trust and competently-written code.
Re: (Score:2)
You have to assume it's compromised.
Re: (Score:2)
All of the lines that you use.
Same as ANY OTHER OPERATING SYSTEM OR APPLICATION.
Were you expecting a different answer?
And have you EVER inspected the code to any program fully enough to satisfy your curiosity that it doesn't do anything you don't trust? If so, are you aware of the Obfuscated C contests?
Sorry, but for even a skilled coder, there is NO WAY you can audit this amount of code single-handedly and you have to take it on trust. Same as everything else.
Even the TrueCrypt audit didn't catch all the
Re:SMP improvements? (Score:5, Informative)
"and the performance testing results are encouraging. Nevertheless we need to keep
an eye on potential regressions, since this potentially affects every SMP workload
in existence."
http://lkml.iu.edu/hypermail/linux/kernel/1508.3/04818.html
We'll know that Linux has surpassed Windows... (Score:2)
with the code count hitting 20.6 million lines of code
Linux' technical capabilities are all well and good but we'll know that it's truly surpassed Windows when it can claim just as many (if not more) lines of code...
I kid, I kid!
Re: (Score:2)
half of it at least is device drivers, windows keeps that in a separate pile