From owner-freebsd-security@freebsd.org Fri Jan 5 14:48:50 2018 Return-Path: Delivered-To: freebsd-security@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 27A19EAD345; Fri, 5 Jan 2018 14:48:50 +0000 (UTC) (envelope-from des@des.no) Received: from smtp.des.no (smtp.des.no [194.63.250.102]) by mx1.freebsd.org (Postfix) with ESMTP id DD7BC6BE94; Fri, 5 Jan 2018 14:48:49 +0000 (UTC) (envelope-from des@des.no) Received: from desk.des.no (smtp.des.no [194.63.250.102]) by smtp.des.no (Postfix) with ESMTP id BC691107C6; Fri, 5 Jan 2018 14:48:47 +0000 (UTC) Received: by desk.des.no (Postfix, from userid 1001) id 7E0425CEB6; Fri, 5 Jan 2018 14:47:15 +0000 (UTC) From: =?utf-8?Q?Dag-Erling_Sm=C3=B8rgrav?= To: Jules Gilbert Cc: "Ronald F. Guilmette" , Eric McCorkle , Freebsd Security , Poul-Henning Kamp , "freebsd-arch\@freebsd.org" , FreeBSD Hackers , Shawn Webb , Nathan Whitehorn Subject: Re: Intel hardware bug References: <736a2b77-d4a0-b03f-8a6b-6a717f5744d4@metricspace.net> <2594.1515141192@segfault.tristatelogic.com> <809675000.867372.1515146821354@mail.yahoo.com> Date: Fri, 05 Jan 2018 15:47:15 +0100 In-Reply-To: <809675000.867372.1515146821354@mail.yahoo.com> (Jules Gilbert's message of "Fri, 5 Jan 2018 10:07:01 +0000 (UTC)") Message-ID: <861sj4tlak.fsf@desk.des.no> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/25.3 (berkeley-unix) MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 05 Jan 2018 14:48:50 -0000 Jules Gilbert writes: > Sorry guys, you just convinced me that no one, not the NSA, not the > FSB, no one!, has in the past, or will in the future be able to > exploit this to actually do something not nice. The technique has already been proven by multiple independent parties to work quite well, allowing an attacker to read kernel memory at speeds of up to 500 kB/s. But I guess you know better... DES --=20 Dag-Erling Sm=C3=B8rgrav - des@des.no