Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Great, thanks.

Sort of weirds me out that my OS can just silently update my CPU - I didn’t realize I was giving it that level of control… I guess it’s good vs the alternative of no-one actually updating for exploits like his though.



Active microcode updates are stored in volatile memory and thus have to be applied during each system boot.

https://wiki.gentoo.org/wiki/Microcode


It does not upgrade your cpu, it loads up the firemware when you boot Linux.


That’s reassuring, thanks (not sure why you’re getting downvoted!)


As opposed to updating any other piece of software in the system directly? The OS has always had full control.


The implication was that you could boot a malicious OS, then boot into a different OS with the same processor and get pwned. As other commenters mentioned, this mechanism doesn't create that risk because the update has to be applied each boot.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: