.

Brief: Linux Kernel 4.15 release has been delayed because Intel has not yet provided a proper fix for the nasty CPU bugs. And that has made Linus Torvalds go into swearing mode, again.

Computer systems around the world are getting a raft of patches in the wake of the Meltdown and Spectre vulnerabilities. These low-level bugs affect many different CPUs and architectures, but Intel was hit harder than most. As the company starts rolling out patches, not everyone is happy with the quality of Intel’s work. In fact, original Linux developer Linus Torvalds has called Intel’s patches “COMPLETE AND UTTER GARBAGE.” He actually used caps lock, so you know he’s serious.

Spectre and Meltdown target some core features of modern CPU known as speculative execution. These features allow CPUs to “prime the pump” by doing calculations that may be needed in the future. Spectre and Meltdown abuse cache timing to leak information from the system. All you really need to know is these are serious vulnerabilities that are difficult to patch because of the low-level features they target. Google managed to come up with innovative means to patch its cloud services, but other firms have had issues.

Torvalds’ feelings on the Intel patch were made public in an email chain with Amazon engineer David Woodhouse. He takes issue with the content of the Spectre (variant 2) patch as well as the way it’s implemented on Linux systems. “Has anybody talked to them and told them they are f*cking insane?” Torvalds says at one point in the exchange.

The “insane” part, according to Torvalds, is that Intel has added redundant junk to the patch and made the entire thing optional. Administrators actually need to opt into the patch via a software flag when booting the system. Torvalds says this is because Intel’s Meltdown patch (known as “Indirect Branch Restricted Speculation” or IBRS) is so inefficient that rolling it out universally would cause substantial performance hits. In addition, Torvalds says many of the changes made by the patch are redundant when Google’s “retpoline” already provides protection.
As Torvalds points out, it looks like Intel’s approach to patching Spectre is to not patch it. The software flag is a weird half measure when we’re talking about such a serious flaw. Torvalds also complains that Intel seems determined to punt on the issue until it implements architectural changes down the road.

Intel has responded to Torvalds’ concerns without really saying anything — pretty standard for PR. The company says it’s “actively engaging with the Linux community, including Linus.” We’re not out of the woods yet, so it’s good we’ve got people like Linus Torvalds holding Intel’s feet to the fire.

#Easter EGG#
https://s3.reutersmedia.net/resources/r/?m=02&d=20180612&t=2&i=1271958961&w=1200&r=LYNXMPEE5B1X5

https://s3.reutersmedia.net/resources/r/?m=02&d=20180612&t=2&i=1271958961&w=1200&r=LYNXMPEE5B1X5

SEOUL (Reuters) - North Korean leader Kim Jong Un said it was “urgent” for North Korea and the United States to halt “irritating and hostile military actions against each other” during talks on Tuesday with U.S. President Donald Trump and other U.S. officials, North Korea’s state media said on Wednesday.

FedRAMP Authorized Cloud Service Providers
FedRAMP Authorized Cloud Service Providers[5] , with available service offering detail, includes:

18F [6]
Accenture [7]
Adobe [8]
Amazon [9]
Deloitte [10]
IBM [11]
Oracle [12]
TalaTek, LLC [13]
1901 Group
Accellion
Acquia Inc.
AINS
AirWatch
Akamai
Appian
Autonomic Resources a wholly owned subsidiary of CSRA LLC
Avue Technologies
BlackBerry
Blackmesh
BMC Software
Box Inc.
CGI Federal
Cisco Systems Inc.
Collab9
Complete Discovery Source
Compusearch Software Systems, Inc.
Cornerstone OnDemand
CoSo Cloud, LLC.
Cylance, Inc.
Datapipe Government Solutions, a Rackspace Company
Decision Lens Inc.
DocuSign
Druva, Inc.
DXC Technology
Economic Systems
Esri
FireEye
General Dynamics Information Technology (GDIT)
Google
Granicus
Huddle US
IdeaScale
IT-CNP
Knight Point Systems
MicroFocus
MicroPact
Microsoft
MIS Sciences Corporation
mLINQS
MobileIron
Netcomm
Northrop Grumman
Okta
OMB
PowerTrain Inc.
Project Hosts
Proofpoint, Inc.
PTC
QTS
Qualys
SAIC
Salesforce
SAP National Security Services Inc. (SAP NS2)
ServiceNow
Skillsoft
Skyhigh
Socrata
Softlayer
SpringCM
Symantec Corporation
TIBCO
United States Department of Agriculture
United States Department of the Treasury
VASCO
Verizon
Virtustream
In October 2013, it was revealed that AWS was awarded a $600M contract with the CIA.
During August 2014, AWS received Department of Defense-Wide provisional authorization for all U.S. Regions.
This is why they are part of the $hit list under #Trump Admin

FedRAMP Authorized Cloud Service Providers
FedRAMP Authorized Cloud Service Providers[5] , with available service offering detail, includes:

I do not see Ubuntu, Mozilla, Linux, ....\ #Oracle is the closest you will get...

Here is the official $hit list under @realDonaldTrump

https://www.w3schools.com/code/tryit.asp?filename=FS06OX194VZW
Oracle's Larry Ellison