Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Meltdown and Spectre
- Thread starter Dronecatcher
- Start date
- Sort by reaction score
Does not affect PowerPC. One thing i liked and still like about PPC - Its built better and safer than anything x86.
I wonder if Apple or even other companies might consider going to Power CPUs again. IBM is still making pretty amazing CPUs for servers with some pretty great technologies allowing direct access to storage for faster fetching. I think it would be cool for Apple to get back with IBM for a new PowerMac with a single Power8 (8-core awesomeness).
Not true. Spectre could affect anything 604 or later.
As far as I know we have 'security from obscurity' but don't mistake that as real security. Tiger and leopard are definitely not secure! Take Java, X11 or an unpachted Bash - many ways to do harm!
Cameron Kaiser wrote a good blog post about hardening OS X (ppc and Intel).
Remeber: Your hardware is only as secure as the operating system running on it. Run morph OS and I'd admit you are really secure
Wrong. Spectre can be exploited on any semi-modern CPU with speculative execution. As said, PowerPC had has that since the 604. I'd suggest actually reading the article, as it explains it in greater detail.
The plot thickens....
http://tenfourfox.blogspot.co.uk/2018/01/more-about-spectre-and-powerpc-or-why.html
http://tenfourfox.blogspot.co.uk/2018/01/more-about-spectre-and-powerpc-or-why.html
Interesting. Makes sense - the G3 and G4 7400 had more in common with the 603e than the 604. The G4e 7450 added back the longer pipeline of the 604.
[doublepost=1515172894][/doublepost]
It's a side effect of the rose tinted glasses the dude is wearing.
[doublepost=1515172894][/doublepost]
It's a side effect of the rose tinted glasses the dude is wearing.
I'm surprised at how many different variants of processors are affected by this. It would be understandable if those processors which shared a common architecture, such as Intel and AMD, were all vulnerable. But to find PowerPC along with Power and IBM's Z-Series systems as affected is amazing.
Kernel Side-Channel Attacks - CVE-2017-5754 CVE-2017-5753 CVE-2017-5715
There are 3 known CVEs related to this issue in combination with Intel, AMD, and ARM architectures. Additional exploits for other architectures are also known to exist. These include IBM System Z, POWER8 (Big Endian and Little Endian), and POWER9 (Little Endian).
There are 3 known CVEs related to this issue in combination with Intel, AMD, and ARM architectures. Additional exploits for other architectures are also known to exist. These include IBM System Z, POWER8 (Big Endian and Little Endian), and POWER9 (Little Endian).
Last edited:
i have what i think is a simple defense for my data. i have a lot of data on some of my ppc's that i don't want to lose. a lot of documents, pictures, music and movies. i access some of them every single day. all of my music has been ripped from cd's, movies have been ripped from dvd's, documents written in appleworks, pictures imported from a digital camera. yes i am a follower of steve jobs's digital hub. i have no use for the internet on a ppc these days so i simply turn the internet off. i figure that the only way i can be hacked is for someone to have physical access to my machines. that has never been a problem for me and since i'm not a spy or work for a government i figure that it's unlikely to occur in the future. if anyone sees any holes in my reasoning please point out my flaws to me. cloud storage holds no fascination to me. now like everyone else i use the internet daily but only on intel machines and i don't believe i have any data on my intels. at least not any data that i care about. if i download something i wish to keep i simply transfer the file to an ipod and later transfer the file to a ppc. cd;s, dvd's, appleworks, and digital cameras? i suppose you can tell i'm not a millennial. just the way i've been doing things for years. works for me.
Biggest hole in your reasoning - someone writes a hack specifically targeting old PowerPC Macs running a legacy version of OS X. It's highly implausible, short of something like stuxnet which targeted a specific bit of software. The number of active machines is a tiny fraction of what's connected to the internet. The architecture is dead and would require familiarity with the instruction sets.
If you're a hacker after personal data you go after Windows boxes or Android smartphones, pure and simple. They account for approx 35-40% each of installed devices. Best case for a PowerPC Mac assuming all Macs older than OS X 10.6 are PPC - 0.1%, so in reality a lot less than that.
If you're a hacker after personal data you go after Windows boxes or Android smartphones, pure and simple. They account for approx 35-40% each of installed devices. Best case for a PowerPC Mac assuming all Macs older than OS X 10.6 are PPC - 0.1%, so in reality a lot less than that.
Last edited:
Just some weeks ago I've read an article about how much better a Pentium IV was compared to a G5. One argument was the longer pipeline and the more precise branch prediction. That was the first time I've ever heard about these things. Now a couple of weeks later the knowledge proves to be very helpful, especially to tell fanboys of all kind why their machine is affected like any other 
Last edited:
The idea behind the P4 was longer pipelines which allowed higher clock speeds. That worked great until the processor had to branch and, of course, the thermal headroom limits. When a branch mis-prediction occurred the whole pipeline had to be flushed causing significant delay.Just some weeks ago I've read an article about how much better a Pentium IV was compared to a G5. One argument was the longer pipeline and the more precise branch prediction. That was the first time I've ever heard about these things. Now a couple of weeks later the knowledge proves to be very helpful, especially to tell fanboys of all kind why there machine is affected like any other
http://tenfourfox.blogspot.co.uk/2018/01/actual-field-testing-of-spectre-on.html
Fascinating update - in brief G3s, 7400 G4s and DLSD Powerbooks are resistant.
Fascinating update - in brief G3s, 7400 G4s and DLSD Powerbooks are resistant.
Cameron Kaiser is patching TFF, but in theory Safari/Webkit are not safe because of Java for example, right?
The original Safari isn't safe at all since it's an extremely outdated browser on whatever version of OS X you're running on PowerPC Macs. Leopard WebKit receives an update every now and then, so you'd have to check the development status of it to find out whether it has been updated to mitigate Spectre attacks or not. TFF is by far the safest browser on PowerPC OS X, but then you're still running an extremely outdated OS with a lot of potential security holes that don't require Spectre at all.
Interesting stuff. Seems really odd why a DLSD should be more resistant. The G3s and the 7400-based G4s I get, but the DLSD? Strange.
Yes, spectre or meltdown can be synonyms for flooding of your apartment, fire, earthquake, robbers, power over voltage, kids, disk failure, etc etc....