1. Neil Sutter
  2. PowerBuilder
  3. Tuesday, 9 January 2018 15:48 PM UTC

Hi

My customers are asking for assurances that any delivered software be protected from the new Intel (and AMD?) vulnerabilities Spectre and Meltdown. 

What, if anything can or should be done with PowerBuilder and / or any PowerBuilder produced applications? 

Tangentially, what are people's various development and customers' sites doing to protect against these vulnerabilities, within PowerBuilder, but also for the computers as a whole. 

What types of execution degradation have been noticed once any protections are put in place? 

I suspect this subject will be of significant interest for a a while to come as it's fairly new and apparently potentially a huge issue. 

Thanks for any info you can offer up as to what we, as developers, can do to protect our applications and customers, and also anything we can offer up to our customer sites to might help to make them more secure. 

Neil

 

Neil Sutter Accepted Answer Pending Moderation
  1. Wednesday, 10 January 2018 14:52 PM UTC
  2. PowerBuilder
  3. # 1

Ya, thanks guys. As I expected. Just wasn't sure in a situation like this if anything in particular could/should/would be done at the application level. 

Is anyone working on a site that has installed the various fixes. What performance degradation is being seen, obviously primary interest in any PowerBuilder applications. I know that any degradation is highly processor and OS dependent, but just curious if anyone has started any metrics to show how systems are reacting. 

Neil

Comment
There are no comments made yet.
Chris Pollach @Appeon Accepted Answer Pending Moderation
  1. Wednesday, 10 January 2018 00:53 AM UTC
  2. PowerBuilder
  3. # 2

Hi Neil;

   Olan is correct.

However, Intel & AMD (along with Microsoft) are working on patches for this exposure that should be sent out very soon.

Regards .. Chris

Comment
There are no comments made yet.
Olan Knight Accepted Answer Pending Moderation
  1. Tuesday, 9 January 2018 23:22 PM UTC
  2. PowerBuilder
  3. # 3

Spectre and Meltdown are firmware bugs in the INTEL hardware. There's absolutely nothing that any application code can do about them.

As usual, I strongly recommend an excellent anti-virus program on each user and each client platform, along with Malwarebytes.

 

Intel has stated that they will be releasing fixes within a week:

https://www.theverge.com/2018/1/8/16866600/intel-ceo-spectre-meltdown-updates-fix-brian-krzanich-ces-2018

 

Note that Microsoft ALSO advises that these fixes could cause significant performance issues:

http://appleinsider.com/articles/18/01/09/microsoft-advises-fixes-for-spectre-and-meltdown-security-flaws-could-cause-noticeable-performance-hits

 

Each user and each client will to decided whether or not implement the "fixes" that will be released soon, or to wait and see if a better fix will be available in the near future.


Later -

Olan

Comment
There are no comments made yet.
  • Page :
  • 1


There are no replies made for this question yet.
However, you are not allowed to reply to this question.