Date: Thu, 11 Jul 2019 14:16:17 +0200 From: peter.blok@bsd4all.org To: Kevin <labadore@protonmail.ch>, freebsd-security@freebsd.org Subject: Re: FreeBSD MDS Mitigation Message-ID: <DDBA787F-4238-4C9B-A960-A2C82D25F7EE@bsd4all.org> In-Reply-To: <1-e0UcMiG_xiNHOUE9o3duPx3uN6Loigx376zYIhPFYNE-khNPR1vB-gu5TAG-L_V9AL7gNrWsyurZ8bBcW1zMayEPgkl2SpalOGkrGfTEE=@protonmail.ch> References: <1-e0UcMiG_xiNHOUE9o3duPx3uN6Loigx376zYIhPFYNE-khNPR1vB-gu5TAG-L_V9AL7gNrWsyurZ8bBcW1zMayEPgkl2SpalOGkrGfTEE=@protonmail.ch>
next in thread | previous in thread | raw e-mail | index | archive | help
I=E2=80=99m sorry but if you really care about security you have to read = the advisory and stop assuming things. For every complaint why this is disabled by default, there will 10 = complaints why it was enabled by default and broke things. Having said this, I could see the benefit of reporting the fact that a = certain security measure is disabled in the daily security reports, = hoping someone reads it together with the executables that suddenly have = been setuid for root. Peter > On 10 Jul 2019, at 18:37, Kevin via freebsd-security = <freebsd-security@freebsd.org> wrote: >=20 > Hello list. I am reading this page about FreeBSD security [ = https://vez.mrsk.me/freebsd-defaults.html ] and it says the Intel MDS = mitigation is off by default. So I tried. >=20 > % sysctl hw.mds_disable_state > hw.mds_disable_state: inactive >=20 > Now I see the instructions in the advisory, but what about anyone who = didn't? Or who did a new install and didn't read past advisories? >=20 > I have an Intel CPU that is vulnerable. By applying the update and = installing the microcode package, I thought I was safe. >=20 > Why? Why does FreeBSD let its users be vulnerable? > _______________________________________________ > freebsd-security@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-security > To unsubscribe, send any mail to = "freebsd-security-unsubscribe@freebsd.org"
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?DDBA787F-4238-4C9B-A960-A2C82D25F7EE>