Date: Fri, 5 Jan 2018 11:11:49 -0800 From: Cy Schubert <Cy.Schubert@cschubert.com> To: Eric McCorkle <eric@metricspace.net>, Jules Gilbert <repeatable_compression@yahoo.com>, "Ronald F. Guilmette" <rfg@tristatelogic.com>, Freebsd Security <freebsd-security@freebsd.org>, Brett Glass <brett@lariat.org>, =?Windows-1252?Q?Dag-Erling_Sm=F8rgrav?= <des@des.no>, Poul-Henning Kamp <phk@phk.freebsd.dk>, "freebsd-arch@freebsd.org" <freebsd-arch@freebsd.org>, FreeBSD Hackers <freebsd-hackers@freebsd.org>, Shawn Webb <shawn.webb@hardenedbsd.org>, Nathan Whitehorn <nwhitehorn@freebsd.org> Subject: RE: Intel hardware bug Message-ID: <20180105191145.404BC335@spqr.komquats.com>
next in thread | raw e-mail | index | archive | help
According to a Red Hat announcement, Power and Series z are also vulnerable= . --- Sent using a tiny phone keyboard. Apologies for any typos and autocorrect. Also, this old phone only supports top post. Apologies. Cy Schubert <Cy.Schubert@cschubert.com> or <cy@freebsd.org> The need of the many outweighs the greed of the few. --- -----Original Message----- From: Eric McCorkle Sent: 05/01/2018 04:48 To: Jules Gilbert; Ronald F. Guilmette; Freebsd Security; Brett Glass; Dag-= Erling Sm=F8rgrav; Poul-Henning Kamp; freebsd-arch@freebsd.org; FreeBSD Hac= kers; Shawn Webb; Nathan Whitehorn Subject: Re: Intel hardware bug On 01/05/2018 05:07, Jules Gilbert wrote: > Sorry guys, you just convinced me that no one, not the NSA, not the FSB, > no one!, has in the past, or will in the future be able to exploit this > to actually do something not nice. Attacks have already been demonstrated, pulling secrets out of kernel space with meltdown and http headers/passwords out of a browser with spectre. Javascript PoCs are already in existence, and we can expect them to find their way into adware-based malware within a week or two. Also, I'd be willing to bet you a year's rent that certain three-letter organizations have known about and used this for some time. > So what is this, really?, it's a market exploit opportunity for AMD. Don't bet on it. There's reports of AMD vulnerabilities, also for ARM. I doubt any major architecture is going to make it out unscathed. (But if one does, my money's on Power) _______________________________________________ freebsd-arch@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-arch To unsubscribe, send any mail to "freebsd-arch-unsubscribe@freebsd.org"
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20180105191145.404BC335>