Victor

I think we’re talking past each other here. Missing each other’s points. I’m definitely confused by yours, and I feel like I’m not getting across to you. So I think I’ll say thank you for the discussion, and I’m sorry.

Just know this: I’m on board with everyone saying it would be good if AMD patched this for everyone. 🙂

But the airbag situation is different. The airbag vulnerability is something broken which already doesn’t work on the car. It’s broken before and after the crash.

But as I understood it, this vulnerability is only exploitable after the system has been compromised in some other way, first. So your system would have to first be compromised, then this vulnerability is exploitable. That’s like saying “your car radio will not function in this car, but only after the engine breaks.” It’s like 🤷‍♂️ OK, seems reasonable.

But the really bad thing IMO is that this vulnerability can cause permanent damage once exploited (?). That is super, super bad.

I haven’t had malware on any of my computers for 20+ years. 🤷‍♂️ Ever since I stopped clicking on shitty links on shitty sites and downloading shitty files with unknown contents and such behavior. I don’t think I’m worried. I’m not the target group for these kinds of attacks, I think.

I mean… 🤷‍♂️ The analysis is made, decision made. I probably have an affected system but… What’s the real risk for private end users? Should I really be so concerned?

they could just as well choose to help them.

I think that’s what I have a hard time believing. If they could “just as well” help, it is my belief that they also would. Because I don’t think they’re morons. I think they know this hurts their reputation. There has to be some obstacle, be it financial or lack of man power or… something. That is my belief.

Don’t you (all) think that sounds more likely than them just leaving their customers in the dark for no other reason than not having to do work?

What I meant was exactly that, which you corroborated as correct. You’d first have to already compromise these systems, in order to be able to exploit this vulnerability. That’s as I understood it. It’s that correct?

Gosh, it’s not easy getting my point across here today, I’m sorry.

All I’m saying is that I don’t think AMD is doing this to us, on purpose. I think it’s just happened, and they’re not handling it very well, even though it’s somewhat understandable. At least to me. 🤷‍♂️

But then again, I have no reason to be attacked or have my system compromised, so my situation is better than others’, perhaps.

I agree. 👌

When I said “It’s like”, I meant it as a simile to what’s going on with AMD right now. Not with what’s actually going on with car companies. Car companies are a whole different topic and discussion, of which I know nothing.

Would a car have a defect that was shown 5 years later, then the manufacturer would have to recall it or offer a repair program and or money in exchange.

I mean… A car is different, depending on the defect. It’s like “this window only breaks if you’ve already crashed the car”. (The defect only causes a vulnerability if the system is already compromised AFAICT.) And 5 years is much, much younger for a car compared to a CPU, but that’s not the important bit, I know.

But I agree with you all, I am not saying it shouldn’t be fixed, I was just saying I don’t think AMD is looking to screw over their customers on purpose. That’s all.

Ryzen 3000 series CPUs are still sold as new

Ah, that changes things. Not great. But still,

uninfected systems will intentionally be left vulnerable

what I meant was that apparently only compromised systems are vulnerable to this defect.

I’m guessing it’s a balance between old products, effort, severity, etc. As we’ve learned, this is only an issue for an already infected system. 🤷‍♂️

Well, you feel how you feel, and you choose the products you want after this. Good luck to you! 👍

Edit: So many down votes for wishing someone good luck. The hive mind is odd sometimes.

That’s not what I was referring to. I was referring to the act of “adding vulnerabilities”. Surely they aren’t doing that on purpose. And surely they would add fixes for it if it was economically viable? It’s a matter of goodwill and reputation, right?

I don’t know, I just don’t think it’s AMD’s business model to “screw over” their customers. I just don’t.

How is AMD “screwing us over”? Surely they aren’t doing this on purpose? That seems very cynical.

Ah, thanks.

Hmm?

everything I’ve seen for radarr, sonarr, overseerr, etc. require docker

Back when I was using Sonarr a couple years ago before that really good free tracker died, I wasn’t using docker at all. Just a systemd unit for the server and one for the web interface I believe, or maybe just the one for both. I’m on Arch.

I hope that helps.

Keep the database on an SSD. I put mine on a HDD and it corrupted.

That seems very odd to me, and a very serious bug, no? 🤨 I feel like the storage medium shouldn’t matter as long as it can keep up with data throughput (or eventually keep up, with some help with buffering via the kernel or some other mechanism).

pass the gpu into the container

Man, if the “Download more RAM!” scammers of old could see us now.

but I’m super disenchanted on docker after this thread if I’m being honest

What made you feel that way? (I’m not too familiar with docker much tbh and I’m thinking of hosting on a Pi just like you.)