RETBleed attack warning
RETBleed attack warning
I am running Version 6.1.22_Debian r144080 on mx-linux and I am getting a warning on every start up guest, mx-linux, Debian. Can this warning be stopped ?
- Attachments
-
- virtualbox startup error.png (11.02 KiB) Viewed 15579 times
Re: RETBleed attack warning
This is a mx-linux message, not a VirtualBox message. You need to check out the mx-linux forums to see if it can be stopped.
-
- Site Moderator
- Posts: 20965
- Joined: 30. Dec 2009, 20:14
- Primary OS: MS Windows 10
- VBox Version: PUEL
- Guest OSses: Windows, Linux
Re: RETBleed attack warning
Try this command on the host terminal, while the VM is fully shut down, not save-stated:
VBoxManage modifyvm "VM name" --spec-ctrl on
VBoxManage modifyvm "VM name" --spec-ctrl on
--spec-ctrl on|off: Enables and disables the exposure of speculation control interfaces
to the guest, provided they are available on the host. Depending on the host CPU and
workload, enabling speculation control may significantly reduce performance
Re: RETBleed attack warning
Thanks, that corrected the message from appearing.
Why would that not be the default ?
Why would that not be the default ?
-
- Volunteer
- Posts: 5668
- Joined: 14. Feb 2019, 03:06
- Primary OS: Mac OS X other
- VBox Version: PUEL
- Guest OSses: Linux, Windows 10, ...
- Location: Germany
Re: RETBleed attack warning
The answer was already given in the quote from the VirtualBox User Manual by scottgus1.camvirt wrote:Why would that not be the default ?
Re: RETBleed attack warning
That does not answer my question.
Why is it not the default for security? If the system is slow then a pop up could notify the user. I find with it enabled that my guest run faster.
Why is it not the default for security? If the system is slow then a pop up could notify the user. I find with it enabled that my guest run faster.
-
- Site Moderator
- Posts: 39156
- Joined: 4. Sep 2008, 17:09
- Primary OS: MS Windows 10
- VBox Version: PUEL
- Guest OSses: Mostly XP
Re: RETBleed attack warning
None of us here are devs, so we can't really answer dev policy questions. However I can think of several possible answers.camvirt wrote:Why is it not the default for security?
(1) Paranoia about malware is not universal, especially in VMs, part of whose purpose can be to provide an isolated environment that we don't really care about.
(2) It is common practice in software when introducing an onerous new feature is to make selectable, and default to previous behaviour.
(3) Perhaps they didn't want a permanent penalty for a temporary problem, i.e. an entirely theoretical risk that would be gone in the next generation of processors.
-
- Volunteer
- Posts: 5668
- Joined: 14. Feb 2019, 03:06
- Primary OS: Mac OS X other
- VBox Version: PUEL
- Guest OSses: Linux, Windows 10, ...
- Location: Germany
Re: RETBleed attack warning
In addition to what mpack wrote, many users prefer performance over security. Unfortunately, that's especially true in the business world IMHO.camvirt wrote:Why is it not the default for security?
That's not possible, because there is no generally accepted definition of slowness.camvirt wrote:If the system is slow then a pop up could notify the user.
Well, then you should let VirtualBox provide the speculation control interfaces to your VM. AFAIU, the performance penalty is high when using many transitions between user space and kernel space, and when using I/O-bound workloads.camvirt wrote:I find with it enabled that my guest run faster.